Problem sa Scheduled.exe

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Pozdrav, ja imam problem cim mi se podigne sistem odmah izlazi poruka da je Scheduled.exe naisao na neki problem i da se ne moze pokrenuti.Mislim da je u pitanju neki virus jer mi i TV kartica ne radi.Molim Vas za pomoc.



DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.25.2
Run by Nesa at 20:01:49 on 2013-07-10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.768.189 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ================
.
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
F:\bin\jqs.exe
C:\Program Files\KWorld Multimedia\PVR-TV 7131 Utilities\P3XRCtl.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Nesa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nesa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nesa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nesa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2776682
mStart Page = about:blank
mSearch Page = hxxp://www.toggle.com/en/index.php?rvs=google
uInternet Connection Wizard,ShellNext = hxxp://www.toggle.com/en/index.php?rvs=google
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=e813520d0000000000000014043f7f51&tlver=1.4.19.19&ss=1&affID=17981
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - f:\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - f:\bin\jp2ssv.dll
EB: {BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\nesa\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe
mRun: [PVR Agent] e:\tvr\Scheduled.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\remote~1.lnk - c:\program files\kworld multimedia\pvr-tv 7131 utilities\P3XRCtl.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Iz&vezi u Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - {3E2DFD6A-4E20-4d4c-AA8B-E1F9DBEF3C80} - <orphaned>
IE: {EB620C54-E229-4942-87CE-E717109FC8C6} - {714E0876-FCEE-49ce-A429-B9AD8AEFCB56} - <orphaned>
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: qword.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 178.79.14.6 178.79.0.3
TCP: Interfaces\{082EB8D3-1500-4484-A4C2-4FC2AB5594A7} : DHCPNameServer = 178.79.14.6 178.79.0.3
TCP: Interfaces\{50E4586B-4975-4644-93C7-C67A35373199} : DHCPNameServer = 178.79.14.6 178.79.0.3
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-6 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-6 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-27 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-30 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-30 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-6 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-30 46808]
R3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2013-7-7 686080]
S2 BasicScan Service;BasicScan Service;"c:\program files\basicscan\basicscan.exe" "c:\program files\basicscan\basicscan.dll" ramisaye tajocetu --> c:\program files\basicscan\basicscan.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 PBDOWNFORCE_SERVICE;PBDOWNFORCE_SERVICE;\??\f:\xin_nix\cs\anti local ban hack sxe all\pbdownforce.sys --> f:\xin_nix\cs\anti local ban hack sxe all\PBDownforce.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
ShellExec: Foxit Reader.exe: print="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1"
ShellExec: Foxit Reader.exe: printto="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4"
ShellExec: FOXITR~1.EXE: print="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1"
ShellExec: FOXITR~1.EXE: printto="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2013-07-10 18:25:02 144896 -c--a-w- c:\windows\system32\javacpl.cpl
2013-07-10 18:24:56 94632 -c--a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-09 13:11:15 5632 -c--a-w- c:\windows\system32\pxc25pm.dll
2013-07-09 13:11:10 258352 -c--a-w- c:\windows\system32\unicows.dll
2013-07-07 22:29:09 -------- dc----w- c:\documents and settings\nesa\application data\Carambis
2013-07-07 16:27:35 686080 -c--a-r- c:\windows\system32\drivers\Cap713x.sys
2013-07-07 16:27:26 57344 -c--a-r- c:\windows\system32\Prop713x.dll
2013-06-30 17:14:08 -------- dc----w- c:\program files\Microsoft
2013-06-11 16:33:56 81946 -c--a-w- c:\windows\system32\vb5ko.dll
2013-06-11 16:33:56 176128 -c--a-w- c:\windows\system32\PuzzSaver.scr
2013-06-11 16:33:56 172032 -c--a-w- c:\windows\system32\SpotSaver.scr
2013-06-11 16:33:55 135168 -c--a-w- c:\windows\system32\ParaSaver.scr
2013-06-11 16:24:08 86400 -c--a-w- c:\windows\~GLC0008.TMP
.
==================== Find3M ====================
.
2013-07-10 18:24:12 867240 -c--a-w- c:\windows\system32\npDeployJava1.dll
2013-07-10 18:24:10 789416 -c--a-w- c:\windows\system32\deployJava1.dll
2013-06-27 23:38:40 175176 -c--a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 23:38:39 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-12 09:33:49 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 09:33:48 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 08:59:10 49376 -c--a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:09 66336 -c--a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 -c--a-w- c:\windows\avastSS.scr
.
============= FINISH: 20:02:58,62 ===============
mycity.rs/must-login.png
mycity.rs/must-login.png



[ Edit by magna86: Korigovan naslov teme. Procitaj pravilnik foruma ]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav.



Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt




============ Sledece ============




Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.


Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);

Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Ima 4 ova Gmer fajla zato sto mi se kod treceg iskljucio program sam od sebe.

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nismo utvrdili da je problem do malware-a, odnosno sistem je cist.

Otvori temu u Windows forumu da pokusaju da nadju uzrok problema, pozdrav.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Hvala puno.