Trojan horse Generik_r.CAN


offline
  • Lazar
  • take a guess
  • Joined: 30 Apr 2013
  • Posts: 311
  • Location: just around the corner xD

I don't know exactly where to start... The problem began back at New Year, seemingly out of the blue (it sounds illogical, but that's how it turns out). Actually, the problem began the very morning after the New Year's Eve party, when I got home and turned on the computer. I don't know what my brother was doing with the computer all night, but I know that when I turned it on it took a catastrophically long time to start up, though I didn't pay much attention to that. I only realized something was wrong when I opened Chrome and saw that every bookmark had been duplicated ten or more times and that my Chrome background had been changed. I scanned the computer with an antivirus (at the time I was using the free version of Avira), nothing was detected, so I didn't take it seriously. I deleted the bookmarks and restored the old background, but everything came back an hour or two later. In the meantime I noticed that Telenor's internet application was crashing and that the connection was even slower than usual (I use Telenor's mobile internet over a USB modem. I can't remember what speed it is, but where I am the network coverage is very poor and it runs pretty slowly.) I tried again to put Chrome in order, but when I tried to open the bookmark manager Chrome suddenly froze and crashed, so I uninstalled it and downloaded it again (that download took a good 12 hours, while earlier it had taken about half an hour). I figured that would be enough. But of course it wasn't enough. A few days later Chrome went completely crazy again. My bookmarks multiplied like rabbits again, and THAT background came back again. By the way, all that time I hadn't figured out that on that fateful evening (while I wasn't home) he had installed some kind of karaoke and a load of games that one of the buddies celebrating at his place had brought him on a disc (to this day he keeps trying to convince me that it's not possible the trojan was in one of those games or in the karaoke). Only then did I become aware that the problem was more serious. Since this is a Lenovo laptop and it has that OneKey Recovery, someone advised me to restore it, and so I did... And of course nothing helped. Then I downloaded the free version of AVG, and only just barely (again it took me 12 hours to download and update it), and scanned the machine. AVG found a hell of a lot of tracking cookies, some 3-4 (I'm no longer sure exactly how many) corrupted executable files and one trojan horse, Generic_r.CAN, which is currently located in C:\Program Files\Elantech\ETDCtrlHelper.exe (2960). AVG managed to resolve everything except the trojan, which has shown up in every scan since then. Also, Telenor's internet application constantly crashes and freezes, and it's sheer torment whenever I try to do anything online, and I no longer even use Chrome because it's no use. Since then I have tried scanning with all sorts of anti-malware tools (I can't even remember which ones exactly, but SpyHunter was among them), and not a single one registered the trojan, yet it's there and causing me problems. Recently it has also started moving icons around my screen... I don't know what to do anymore and I get annoyed every time I try to do anything with this piece of junk.
If anyone can help me, somehow, in any way, I would be very grateful!
Thanks in advance.

offline
  • Joined: 26 Aug 2010
  • Posts: 10619
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Hello,

You need to follow the instructions and post the requested reports.

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Lazar
  • take a guess
  • Joined: 30 Apr 2013
  • Posts: 311
  • Location: just around the corner xD

Posted: 30 Apr 2013 23:17
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421
Run by leteæa Mašina at 23:12:00 on 2013-04-30
Microsoft Windows 7 Starter 6.1.7601.1.1250.381.1033.18.1942.836 [GMT 2:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Telenor Internet\AssistantServices.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe
C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Telenor Internet\UIExec.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Telenor Internet\UIMain.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Telenor Internet\CMUpdater.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.3.0.17\AVG Secure Search_toolbar.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.3.0.17\AVG Secure Search_toolbar.dll
mRun: [USB3MON] "c:\program files\intel\intel(r) usb 3.0 extensible host controller driver\application\iusb3mon.exe"
mRun: [ETDCtrl] c:\program files\elantech\ETDCtrl.exe
mRun: [AtherosBtStack] "c:\program files\bluetooth suite\btvstack.exe"
mRun: [AthBtTray] "c:\program files\bluetooth suite\athbttray.exe"
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [UpdatePRCShortCut] "c:\program files\lenovo\onekey app\onekey recovery\muitransfer\muistartmenu.exe" "c:\program files\lenovo\onekey app\onekey recovery" updatewithcreateonce "software\lenovo\onekey app\OneKey Recovery"
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [EnergyUtility] c:\program files\lenovo\energy management\Utility.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [UIExec] "c:\program files\telenor internet\UIExec.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{112226A6-279E-4D87-BDF0-378A044FF9D4} : NameServer = 217.65.192.101 217.65.192.102
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.3.2\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-2-28 13592]
R0 LHDmgr;LHDmgr;c:\windows\system32\drivers\LhdX86.sys [2010-1-16 32352]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-27 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-4-26 26984]
R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2012-4-28 97920]
R2 avgfws;AVG zaštitni zid;c:\program files\avg\avg2013\avgfws.exe [2013-2-19 1418184]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-2-28 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-2-19 282624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-6-23 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\intel\icls client\HeciServer.exe [2012-2-3 458464]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\intel\intel(r) management engine components\dal\Jhi_service.exe [2012-6-23 161560]
R2 UI Assistant Service;UI Assistant Service;c:\program files\telenor internet\AssistantServices.exe [2013-4-26 270672]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2012-6-23 363800]
R2 vToolbarUpdater13.3.2;vToolbarUpdater13.3.2;c:\program files\common files\avg secure search\vtoolbarupdater\13.3.2\ToolbarUpdater.exe [2013-4-26 894920]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files\bluetooth suite\Ath_CoexAgent.exe [2012-4-28 163456]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-10-26 23136]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2012-4-28 25728]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2012-1-16 177960]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-12-7 280576]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2012-2-28 348440]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2012-2-28 792856]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-3-3 91248]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2011-11-10 46080]
R3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-22 81704]
R3 zte_cdc_acm;ZTE All CDC-ACM driver;c:\windows\system32\drivers\zte_cdc_acm.sys [2011-10-11 68352]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2012-4-28 35968]
S3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\drivers\AthDfu.sys [2012-4-28 44160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-4-28 299648]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-4-28 98432]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2012-4-28 148096]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2012-4-28 60544]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2012-4-28 264448]
S3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2012-4-28 468096]
S3 lehidmini;Bluetooth Low Energy Hid Device;c:\windows\system32\drivers\leath_hid.sys [2012-4-28 32384]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUVStor.sys [2012-6-23 232040]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 zte_wcpo;ZTE All Install (WCPO);c:\windows\system32\drivers\zte_wcpo.sys [2011-10-11 9600]
.
=============== Created Last 30 ================
.
2013-04-30 21:12:02 -------- d-----w- c:\users\leteša maüina\appdata\local\Microsoft
2013-04-30 10:40:01 -------- d-----w- c:\program files\uTorrent
2013-04-30 10:37:42 -------- d-----w- c:\users\leteæa mašina\appdata\roaming\uTorrent
2013-04-29 03:29:37 -------- d-----w- c:\users\leteæa mašina\appdata\roaming\Macromedia
2013-04-29 03:29:36 -------- d-----w- c:\users\leteæa mašina\appdata\roaming\Adobe
2013-04-29 03:29:24 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-29 03:29:24 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-27 23:13:41 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-27 23:13:41 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-27 23:13:41 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-27 23:13:18 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-27 23:13:18 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-27 23:13:18 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-27 23:13:18 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-27 23:13:18 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-27 23:13:17 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-27 23:13:17 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-27 20:49:27 55296 ----a-w- c:\windows\system32\cero.rs
2013-04-27 20:23:09 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-04-27 20:22:54 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2013-04-27 20:06:32 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-27 19:54:54 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-04-27 19:54:54 1159680 ----a-w- c:\windows\system32\crypt32.dll
2013-04-27 19:54:54 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-04-27 19:54:35 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-27 19:54:34 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-27 19:54:34 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-27 19:54:34 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-27 19:50:31 52224 ----a-w- c:\windows\system32\nlaapi.dll
2013-04-27 19:50:31 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-04-27 19:50:31 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-04-27 19:50:31 242176 ----a-w- c:\windows\system32\nlasvc.dll
2013-04-27 19:50:31 18944 ----a-w- c:\windows\system32\netevent.dll
2013-04-27 19:50:31 175104 ----a-w- c:\windows\system32\netcorehc.dll
2013-04-27 19:50:31 156672 ----a-w- c:\windows\system32\ncsi.dll
2013-04-27 19:47:06 542208 ----a-w- c:\windows\system32\kerberos.dll
2013-04-27 19:04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2013-04-27 19:04:33 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-04-27 19:04:20 317440 ----a-w- c:\windows\system32\spoolsv.exe
2013-04-27 19:04:00 626688 ----a-w- c:\windows\system32\usp10.dll
2013-04-27 19:03:46 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-04-27 19:03:46 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-04-27 18:58:40 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2013-04-27 18:58:40 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-04-27 18:58:40 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-04-27 18:58:26 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-04-27 18:58:17 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-04-27 18:58:15 1288472 ----a-w- c:\windows\system32\ntdll.dll
2013-04-27 18:58:12 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-27 18:57:59 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-04-27 18:57:25 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-04-27 18:57:25 31232 ----a-w- c:\windows\system32\prevhost.exe
2013-04-27 18:55:03 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-04-27 18:54:53 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-27 18:49:41 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2013-04-27 18:49:41 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2013-04-27 18:49:35 708608 ----a-w- c:\program files\common files\system\wab32.dll
2013-04-27 18:48:17 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-04-27 18:45:00 75776 ----a-w- c:\windows\system32\psisrndr.ax
2013-04-27 18:45:00 465408 ----a-w- c:\windows\system32\psisdecd.dll
2013-04-27 18:44:40 478720 ----a-w- c:\windows\system32\timedate.cpl
2013-04-27 18:44:18 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-04-26 22:34:46 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-04-26 22:34:46 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-04-26 22:34:46 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-04-26 22:30:15 5120 ----a-w- c:\windows\system32\wmi.dll
2013-04-26 22:30:15 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-04-26 22:30:15 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-04-26 22:27:38 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2013-04-26 22:27:34 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-04-26 22:27:34 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-26 22:27:34 225280 ----a-w- c:\windows\system32\schannel.dll
2013-04-26 22:27:34 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-26 22:26:25 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-04-26 22:26:25 1236992 ----a-w- c:\windows\system32\msxml3.dll
2013-04-26 22:25:20 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-04-26 22:25:20 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2013-04-26 22:25:20 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2013-04-26 22:24:32 571904 ----a-w- c:\windows\system32\oleaut32.dll
2013-04-26 22:24:32 233472 ----a-w- c:\windows\system32\oleacc.dll
2013-04-26 22:20:55 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-04-26 22:19:52 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-26 22:19:51 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-26 22:19:51 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-26 22:19:30 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-04-26 22:18:06 741376 ----a-w- c:\windows\system32\inetcomm.dll
2013-04-26 22:10:54 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-04-26 22:10:53 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2013-04-26 22:10:53 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-04-26 22:08:40 67072 ----a-w- c:\windows\system32\packager.dll
2013-04-26 22:05:54 1549312 ----a-w- c:\windows\system32\tquery.dll
2013-04-26 22:05:54 1401344 ----a-w- c:\windows\system32\mssrch.dll
2013-04-26 22:05:53 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2013-04-26 22:05:53 666624 ----a-w- c:\windows\system32\mssvp.dll
2013-04-26 22:05:53 59392 ----a-w- c:\windows\system32\msscntrs.dll
2013-04-26 22:05:53 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2013-04-26 22:05:53 337408 ----a-w- c:\windows\system32\mssph.dll
2013-04-26 22:05:53 197120 ----a-w- c:\windows\system32\mssphtb.dll
2013-04-26 22:05:53 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2013-04-26 22:04:33 805376 ----a-w- c:\windows\system32\cdosys.dll
2013-04-26 22:04:33 57344 ----a-w- c:\program files\common files\system\ado\msador15.dll
2013-04-26 22:04:33 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll
2013-04-26 22:04:33 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2013-04-26 22:04:33 212992 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2013-04-26 22:04:33 143360 ----a-w- c:\program files\common files\system\ado\msjro.dll
2013-04-26 22:04:33 1019904 ----a-w- c:\program files\common files\system\ado\msado15.dll
2013-04-26 22:02:20 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-04-26 22:02:15 400896 ----a-w- c:\windows\system32\srcore.dll
2013-04-26 22:01:11 534528 ----a-w- c:\windows\system32\EncDec.dll
2013-04-26 22:00:23 41984 ----a-w- c:\windows\system32\browcli.dll
2013-04-26 22:00:23 102912 ----a-w- c:\windows\system32\browser.dll
2013-04-26 22:00:16 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2013-04-26 22:00:06 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-26 21:59:13 850944 ----a-w- c:\windows\system32\sbe.dll
2013-04-26 21:59:13 642048 ----a-w- c:\windows\system32\CPFilters.dll
2013-04-26 21:59:13 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2013-04-26 21:58:04 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-04-26 21:58:04 1328128 ----a-w- c:\windows\system32\quartz.dll
2013-04-26 21:55:21 2616320 ----a-w- c:\windows\explorer.exe
2013-04-26 21:49:29 2342400 ----a-w- c:\windows\system32\msi.dll
2013-04-26 21:48:52 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-26 21:38:35 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-04-26 21:38:06 314880 ----a-w- c:\windows\system32\webio.dll
2013-04-26 21:38:06 22528 ----a-w- c:\windows\system32\lsass.exe
2013-04-26 21:38:06 22016 ----a-w- c:\windows\system32\secur32.dll
2013-04-26 21:38:06 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-04-26 21:38:06 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-26 21:38:06 100352 ----a-w- c:\windows\system32\sspicli.dll
2013-04-26 21:36:59 78336 ----a-w- c:\windows\system32\synceng.dll
2013-04-26 21:36:55 769024 ----a-w- c:\windows\system32\localspl.dll
2013-04-26 21:36:38 442880 ----a-w- c:\windows\system32\ntshrui.dll
2013-04-26 21:36:02 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-04-26 21:36:01 1077248 ----a-w- c:\windows\system32\DWrite.dll
2013-04-26 21:35:46 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-26 21:35:46 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-26 21:33:55 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2013-04-26 21:33:55 1137664 ----a-w- c:\windows\system32\mfc42.dll
2013-04-26 21:33:03 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-04-26 21:28:54 123904 ----a-w- c:\windows\system32\poqexec.exe
2013-04-26 21:28:41 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2013-04-26 21:27:46 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-26 19:27:24 826880 ----a-w- c:\windows\system32\rdpcore.dll
2013-04-26 19:27:24 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-04-26 16:39:11 -------- d-----w- c:\windows\system32\SupportAppCB
2013-04-26 16:39:10 -------- d-----w- c:\program files\Telenor Internet
2013-04-26 11:04:28 -------- d-----w- c:\users\leteæa mašina\appdata\roaming\AVG2013
2013-04-26 10:57:00 -------- d-----w- c:\users\leteæa mašina\appdata\roaming\TuneUp Software
2013-04-26 10:56:57 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-04-26 10:56:56 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-04-26 10:56:55 -------- d-----w- c:\program files\AVG Secure Search
2013-04-26 10:56:53 -------- d-----w- c:\programdata\AVG Secure Search
2013-04-26 10:56:39 -------- d--h--w- C:\$AVG
2013-04-26 10:56:39 -------- d-----w- c:\programdata\AVG2013
2013-04-26 10:56:19 -------- d-----w- c:\program files\AVG
2013-04-26 09:37:10 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9d80b1dd-fd7a-4be3-95eb-1b65f19496f7}\mpengine.dll
2013-04-26 08:33:50 -------- d--h--w- c:\programdata\Common Files
2013-04-26 08:33:50 -------- d-----w- c:\programdata\MFAData
2013-04-26 07:54:28 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-04-26 07:54:25 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-04-26 07:54:19 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-04-26 07:54:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-04-26 06:54:26 -------- d-----w- c:\users\leteæa mašina\appdata\roaming\Intel Corporation
2013-04-26 06:54:08 -------- d-----w- c:\users\leteæa mašina\appdata\roaming\Atheros
2013-04-26 06:52:18 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2013-03-12 08:10:56 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-01 17:32:20 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-02-27 06:40:46 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-02-14 10:52:46 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-08 11:37:56 245048 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-02-08 11:37:52 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-02-08 11:37:44 170808 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-02-08 11:37:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
============= FINISH: 23:12:30,44 ===============



Addendum: 30 Apr 2013 23:21

Addendum: 30 Apr 2013 23:22

I couldn't copy them over so I uploaded them... I hope that works too

offline
  • Joined: 26 Aug 2010
  • Posts: 10619
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download GMER from the link below to the Desktop:


GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.



Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to complete;

click Save ... - save the report to the Desktop (named Gmer1);

right-click in the Gmer program window and select Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (named Gmer2);

click the >>> button and select the Autostart tab;

when the short scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (named Gmer3);


Illustrated walkthrough of the procedure

Attach all three reports to your post using the Prikači fajl (Attach file) option.

offline
  • Lazar
  • take a guess
  • Joined: 30 Apr 2013
  • Posts: 311
  • Location: just around the corner xD

Posted: 01 May 2013 12:41

Addendum: 01 May 2013 12:43

Addendum: 01 May 2013 13:35

Addendum: 01 May 2013 13:39

I can't save the Gmer3 report to Notepad as the instructions say, and so I can't attach it... but I'll try to save it to Notepad somehow

Addendum: 01 May 2013 13:51

Addendum: 01 May 2013 13:53

uhhh I managed somehow... I should mention that I accidentally uploaded Gmer1 twice because my connection dropped in the middle of uploading

Addendum: 01 May 2013 20:49

I don't think I mentioned that I'm a bit clumsy with these things

offline
  • Joined: 26 Aug 2010
  • Posts: 10619
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The file that AVG detects for you,
C:\Program Files\Elantech\ETDCtrlHelper.exe,

send it via the following link:
http://www.mycity.rs/ambulanta-upload.php

offline
  • Lazar
  • take a guess
  • Joined: 30 Apr 2013
  • Posts: 311
  • Location: just around the corner xD

Posted: 02 May 2013 1:24

there, I've just uploaded it... it'll take a while but OK

Addendum: 02 May 2013 1:25

I don't know how long this will take

offline
  • Joined: 26 Aug 2010
  • Posts: 10619
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

In the posted reports I found no traces of an active infection, and the results of scanning the file in question on VirusTotal indicate that this is a false detection by AVG which has already been corrected.


Visit the thread Testirajte da li vam je pretraživač ranjiv (Test whether your browser is vulnerable), read it and follow the link in it.


I recommend using MCShield to protect USB storage devices.
It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware spread via USB storage devices.


MCShield home page: http://www.mcshield.net

You can find out more about MCShield in this thread: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

MCShield Facebook page: http://www.facebook.com/MCShield


That would be it.
Regards.
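
Added example, not part of the original thread: one way to read a DDS log like the one posted above is to list the autostart entries DDS itself marks as dangling and to see what else runs or autostarts from the flagged file's folder. The sample text is a shortened excerpt of that log; the function names are this example's own.

```python
import ntpath
import re

# Shortened excerpt in DDS layout, taken from the log posted in this thread.
SAMPLE_DDS = r"""DDS (Ver_2012-11-20.01) - NTFS_x86
.
============== Running Processes ================
.
C:\Windows\Explorer.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
mRun: [ETDCtrl] c:\program files\elantech\ETDCtrl.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2012-1-16 177960]
.
============= FINISH: 23:12:30,44 ===============
"""

# The file AVG reported in this thread.
FLAGGED = r"C:\Program Files\Elantech\ETDCtrlHelper.exe"

SECTION = re.compile(r"^=+\s*(.+?)\s*=+$")
MRUN = re.compile(r"^mRun: \[(?P<name>[^\]]+)\]\s+(?P<cmd>.+)$")


def split_sections(text):
    """Map each '==== Title ====' header to the non-empty lines under it."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current and line and line != ".":
            sections[current].append(line)
    return sections


def exe_path(command):
    """Pull the executable path out of a command line, quoted or not."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r"(?i)(.+?\.(?:exe|dll|sys))(?:\s|$)", command)
    return m.group(1) if m else command


def dangling_entries(sections):
    """Autostart lines that DDS itself marks as pointing at nothing."""
    return [line for line in sections.get("Pseudo HJT Report", [])
            if line.endswith(("<no file>", "<orphaned>"))]


def folder_context(sections, flagged):
    """Running processes and Run-key entries located in the flagged file's folder."""
    folder = ntpath.dirname(flagged).lower()

    def in_folder(command):
        return ntpath.dirname(exe_path(command)).lower() == folder

    running = [p for p in sections.get("Running Processes", []) if in_folder(p)]
    autoruns = []
    for line in sections.get("Pseudo HJT Report", []):
        m = MRUN.match(line)
        if m and in_folder(m.group("cmd")):
            autoruns.append(m.group("name"))
    return {"running": running, "autoruns": autoruns}


if __name__ == "__main__":
    parsed = split_sections(SAMPLE_DDS)
    print("dangling:", dangling_entries(parsed))
    print("context :", folder_context(parsed, FLAGGED))
```

Folder context only shows what belongs together on disk; the false-positive verdict in this thread came from scanning the file itself on VirusTotal.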

offline
  • Lazar
  • take a guess
  • Joined: 30 Apr 2013
  • Posts: 311
  • Location: just around the corner xD

Posted: 02 May 2013 10:12

great, thanks... I just don't understand what was going on with my Chrome... but OK, never mind. Thanks

Addendum: 02 May 2013 10:13

...And sorry for troubling you over nothing... and thanks once again

offline
  • Joined: 26 Aug 2010
  • Posts: 10619
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

As for Chrome, look for help in this forum if you still have problems with it:

http://www.mycity.rs/Web-browseri/
