My computer freezes almost all the time....please help

offline
  • Joined: 17 Jun 2010
  • Posts: 2

Posted: 17 Jun 2010 13:07

ComboFix 10-06-16.03 - MikI Dobrodolac 17.06.2010 12:55:15.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.61.1033.18.255.54 [GMT 2:00]
Running from: c:\documents and settings\MikI Dobrodolac\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\win.com

.
((((((((((((((((((((((((( Files Created from 2010-05-17 to 2010-06-17 )))))))))))))))))))))))))))))))
.

2010-06-17 10:53 . 2010-06-17 14:30 -------- d-----w- C:\32788R22FWJFW
2010-06-17 09:00 . 2010-06-17 10:25 -------- d-----w- c:\documents and settings\MikI Dobrodolac\Local Settings\Application Data\AskToolbar
2010-06-17 06:16 . 2010-06-17 06:17 -------- d-----w- c:\program files\Ask.com
2010-06-17 06:16 . 2010-06-17 06:16 -------- d-----w- c:\program files\uTorrent
2010-06-17 06:16 . 2010-06-17 10:53 -------- d-----w- c:\documents and settings\MikI Dobrodolac\Application Data\uTorrent
2010-06-17 06:13 . 2010-06-17 06:13 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-06-16 23:32 . 2010-06-16 23:32 -------- d-----w- c:\documents and settings\MikI Dobrodolac\Application Data\Uniblue
2010-06-16 23:32 . 2010-06-16 23:32 -------- d-----w- c:\program files\Uniblue

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-17 09:39 . 2010-06-16 20:23 -------- d-----w- c:\documents and settings\MikI Dobrodolac\Application Data\Skype
2010-06-17 06:09 . 2010-06-16 21:36 -------- d-----w- c:\documents and settings\MikI Dobrodolac\Application Data\skypePM
2010-06-16 21:36 . 2010-06-16 21:36 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-06-16 20:47 . 2010-06-16 20:47 0 ----a-w- c:\windows\nsreg.dat
2010-06-16 20:39 . 2010-06-16 20:23 -------- d-----r- c:\program files\Skype
2010-06-16 20:33 . 2010-06-16 20:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-16 20:33 . 2010-06-16 20:33 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-16 20:31 . 2010-06-16 20:31 503808 ----a-w- c:\documents and settings\MikI Dobrodolac\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-47fd9211-n\msvcp71.dll
2010-06-16 20:31 . 2010-06-16 20:31 499712 ----a-w- c:\documents and settings\MikI Dobrodolac\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-47fd9211-n\jmc.dll
2010-06-16 20:31 . 2010-06-16 20:31 348160 ----a-w- c:\documents and settings\MikI Dobrodolac\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-47fd9211-n\msvcr71.dll
2010-06-16 20:31 . 2010-06-16 20:31 -------- d-----w- c:\program files\Common Files\Java
2010-06-16 20:31 . 2010-06-16 20:31 61440 ----a-w- c:\documents and settings\MikI Dobrodolac\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-31af5eec-n\decora-sse.dll
2010-06-16 20:31 . 2010-06-16 20:31 12800 ----a-w- c:\documents and settings\MikI Dobrodolac\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-31af5eec-n\decora-d3d.dll
2010-06-16 20:31 . 2010-06-16 20:31 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-16 20:30 . 2010-06-16 20:30 -------- d-----w- c:\program files\Java
2010-06-16 20:23 . 2010-06-16 20:23 -------- d-----w- c:\program files\Common Files\Skype
2010-06-16 20:23 . 2010-06-16 20:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-06-16 20:09 . 2010-06-16 20:09 -------- d-----w- c:\program files\Opera
2010-06-16 19:58 . 2010-06-16 19:58 -------- d-----w- c:\program files\microsoft frontpage
2010-06-16 19:56 . 2010-06-16 19:56 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-06-16 19:53 . 2010-06-16 19:53 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-07-28 49152]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-06-17 323376]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2010-05-26 46456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-07-28 4841472]
"nwiz"="nwiz.exe" [2003-07-28 323584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\games\\CS 1.6 v42 FULL\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 uagp35;Microsoft AGPv3.5 Filter;c:\windows\system32\drivers\UAGP35.SYS [16.6.2010 23:49 44672]
R2 JavaQuickStarterService;Java Quick Starter;c:\program files\Java\jre6\bin\jqs.exe [16.6.2010 22:31 153376]
R2 NVSvc;NVIDIA Driver Helper Service;c:\windows\system32\nvsvc32.exe [16.6.2010 22:39 77824]
R3 ALCXSENS;Service for WDM 3D Audio Driver;c:\windows\system32\drivers\ALCXSENS.SYS [16.6.2010 22:33 400384]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver;c:\windows\system32\drivers\fetnd5.sys [16.6.2010 23:49 27165]
S3 GMSIPCI;GMSIPCI;\??\f:\install\GMSIPCI.SYS --> f:\install\GMSIPCI.SYS [?]
.
Contents of the 'Scheduled Tasks' folder

2010-06-17 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-02-04 14:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eu.ask.com?o=15161&l=dis
FF - ProfilePath - c:\documents and settings\MikI Dobrodolac\Application Data\Mozilla\Firefox\Profiles\1ifms25f.default\
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
Completion time: 2010-06-17 13:00:13
ComboFix-quarantined-files.txt 2010-06-17 11:00

Pre-Run: 16.685.789.184 bytes free

Can someone tell me how to solve this problem???
Post-Run: 16.712.138.752 bytes free

- - End Of File - - 96961CBA12094589BF0079AEA9062C24

Addendum: 17 Jun 2010 13:11

And almost every time my computer freezes, a blue screen covered in English text appears...and since I don't understand English, maybe someone knows what I'm talking about and can tell me what's wrong with it :-)))

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Welcome to the forum.

First, install an antivirus and scan the system. Here are a few free options.

http://www.avast.com/en-eu/index
http://www.free-av.com/
http://free.avg.com/ww-en/homepage

If you still have problems, read the instructions on how to open a topic in Ambulanta.

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 17 Jun 2010
  • Posts: 2

Thanks, but I don't think it's an antivirus issue; I reinstalled the system yesterday and that blue thing is showing up again...I don't get why???

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

By the way, your problem is not caused by malware. The CF log that you posted, which nobody asked for, is clean. You could have read, at the link I attached for you, how a topic is opened in Ambulanta, instead of running ComboFix on your own initiative.
You can open a topic in the Windows forum and describe your problem there.

ComboFix needs to be uninstalled:
click Start (or ), and then RUN.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstall process to finish.
