Problem with a laptop


offline
  • Joined: 20 May 2009
  • Posts: 17

The problem started when I tried to download something and picked the wrong download button on one of the sites, and that was that. I must have caught something then; it has been a few days already. It is a laptop; now the system can only boot, but it freezes immediately and I can't do anything with it. I start it in safe mode and do a system restore there, and again nothing. I download Malwarebytes and run a scan and it finds something, I supposedly put that in quarantine and try to get into Windows again, and again nothing. ESET NOD32 is on it, but it seems to be of little use; I can't even start it.

So I was thinking of downloading AVAST and running a scan in safe mode.

Now, I haven't posted the logs because I don't know whether I'm allowed to and whether it makes sense to do that in safe mode.
The internet connection is wireless.

Thanks

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Posted: 28 Mar 2013 18:25


Post them from safe mode.

offline
  • Joined: 20 May 2009
  • Posts: 17

Posted: 29 Mar 2013 10:58

This is all I managed to do, except that I managed to run DDS in normal mode, and I scanned it there too.
+ DDS

Addendum: 29 Mar 2013 11:05

I get the same when I scanned it in safe mode too.

Addendum: 29 Mar 2013 11:07

I apologize, it seems I posted the copied log several times.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download DDS from this link and do the same.

http://download.bleepingcomputer.com/sUBs/dds.com

offline
  • Joined: 20 May 2009
  • Posts: 17

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17105 BrowserJavaVersion: 1.6.0_20
Run by pc at 11:45:58 on 2013-03-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2974.1520 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Windows\system32\NLSSRV32.EXE
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BtAssist.exe
C:\Windows\System32\slui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZJxpt039YYba&ptb=86DA62E6-EE0A-4A75-A35D-0DC2191FE7E5&si=XXXXXXXXXX
uURLSearchHooks: <No Name>: {cc2e2b99-14d3-4516-883c-9ea147f594ef} - c:\program files\zwinky_5q\bar\1.bin\5qSrcAs.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Toolbar BHO: {27488090-768a-4d20-a938-f223f71c344c} -
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Search Assistant BHO: {bd3ea7c2-3af8-4463-9a9c-6eb8e136cb02} - c:\program files\zwinky_5q\bar\1.bin\5qSrcAs.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Zwinky: {3033124F-06BF-4829-873A-310A125B4D4C} - c:\program files\zwinky_5q\bar\1.bin\5qbar.dll
TB: Zwinky: {3033124f-06bf-4829-873a-310a125b4d4c} - c:\program files\zwinky_5q\bar\1.bin\5qbar.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [TaskTray] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 81.93.64.9 192.168.3.1
TCP: Interfaces\{2A246062-D5F0-4C92-9A7F-0B5E4ADC0043} : DHCPNameServer = 81.93.64.9 192.168.3.1
TCP: Interfaces\{2A246062-D5F0-4C92-9A7F-0B5E4ADC0043}\164637C6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2A246062-D5F0-4C92-9A7F-0B5E4ADC0043}\25144494F4029474F4B45414 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
Hosts: 127.0.0.1 validation.sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pc\appdata\roaming\mozilla\firefox\profiles\cawq0yk5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=86DA62E6-EE0A-4A75-A35D-0DC2191FE7E5&n=77ed9a36&ind=2012060214&id=ZJxpt039YYba&ptnrS=ZJxpt039YYba&si=XXXXXXXXXX&searchfor=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\zwinky_5q\bar\1.bin\NP5qStub.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
.
============= SERVICES / DRIVERS ===============
.
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/10/15 09:40:10];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-3-13 87536]
R2 Autodesk Content Service;Autodesk Content Service;c:\program files\autodesk\content service\Connect.Service.ContentService.exe [2011-2-2 18656]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2011-6-3 162912]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-6-3 974944]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2011-6-3 103112]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2011-3-21 196928]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-3-21 68928]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-10-15 2358656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Zwinky_5qService;ZwinkyService;c:\progra~1\zwinky~2\bar\1.bin\5qbarsvc.exe --> c:\progra~1\zwinky~2\bar\1.bin\5qbarsvc.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-9-30 62464]
S3 ESHASRV;ESET SHA Service;c:\program files\eset\eset nod32 antivirus\EShaSrv.exe [2011-6-3 183904]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-10-28 101248]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-9-30 15872]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2011-10-15 197224]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-9-30 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-9-30 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-9-30 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-9-30 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-9-30 112640]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=c:\windows\system32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2013-03-28 13:44:03 7108640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{91cdda20-2928-456a-81b7-ed137e7472ea}\mpengine.dll
2013-03-28 07:28:38 -------- d-----w- c:\users\pc\appdata\roaming\Malwarebytes
2013-03-28 07:28:30 -------- d-----w- c:\programdata\Malwarebytes
2013-03-28 07:28:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-28 07:28:18 -------- d-----w- c:\users\pc\appdata\local\Programs
2013-03-26 08:48:30 -------- d-----w- c:\programdata\CLSoft LTD
2013-03-26 08:48:21 -------- d-----w- c:\programdata\Premium
2013-03-26 08:48:19 -------- d-----w- c:\program files\MagniPic
2013-03-26 08:47:53 -------- d-----w- c:\programdata\InstallMate
2013-03-26 08:46:31 -------- d-----w- c:\users\pc\appdata\roaming\BitTorrent
.
==================== Find3M ====================
.
.
============= FINISH: 11:46:19,48 ===============


rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download RogueKiller and save it to the Desktop.

Double-click to run RogueKiller and wait for the initial scan to finish.
Click the Scan button.
When the scan is finished, a report named RKreport.txt will be created on the desktop.
Copy the contents of that log into the thread.

offline
  • Joined: 20 May 2009
  • Posts: 17

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : geekstogo.com/forum/files/file/413-roguekiller/
Website : tigzy.geekstogo.com/roguekiller.php
Blog : tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1, v.721) 32 bits version
Started in : Normal mode
User : pc [Admin rights]
Mode : Scan -- Date : 04/01/2013 12:36:26
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3275GSX ATA Device +++++
--- User ---
[MBR] 6dd29fc654a88673be8c5e3aa3fdd001
[BSP] 04318d6ca4b35b7d2f43914d5ca40b35 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 149899 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 307200000 | Size: 155244 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04012013_02d1236.txt >>
RKreport[1]_S_04012013_02d1236.txt

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Delete] button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt

offline
  • Joined: 20 May 2009
  • Posts: 17


rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Run DDS again and post the log file for me.

What is the situation now?
