Problemi

Problemi

offline
  • Pridružio: 06 Nov 2013
  • Poruke: 2

Problemi su sljedeci:

- prilikom skidanja antivirus programa, nakon sto je stari istekao, kompjuter mi se restartuje; imala sam ESET NOD32, i cak i kad njega pokusam da skinem, opet se restartuje; instalirala sam neke uninstaller-e, posto imam ostatke starog antivirusa u kompu jos uvijek, medjutim nisam uspjela izbrisati;
-ne mogu da udjem u safe mode, kako bih brisala ostatke anitvirusa;
-kad ubacim cd, komp se restartuje sve dok ne izbacim cd;
-tastatura mi prebaci na velika slova, ponekad, iako caps lock nije ukljucen..mada se to ne desava cesto
-prije nekoliko dana ne mogu vise da udjem na google chrome, niti sa opere mogu da downloadujem niti chrome niti mozillu;

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.5512
Run by Admin at 13:39:45 on 2013-11-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.74 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 6.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Spoon\3.33.6.140\Spoon-Console.exe
C:\WINDOWS\system32\dmwu.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Spoon\3.33.6.140\Spoon-Sandbox.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\jmdp\stij.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.fbdownloader.com/?channel=msus200fbdgy6
mStart Page = hxxp://home.sweetim.com/?crg=3.1010006&st=12&barid={3C2DC218-381D-11E2-BCBA-0018F34D9F53}
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: Chatvibes Browser Helper: {00cbb66b-1d3b-46d3-9577-323a336acb50} - LocalServer32 - <no file>
BHO: PiccShare BHO: {553318DA-D010-469E-84B1-496563CAE1C0} - c:\documents and settings\admin\local settings\application data\ext_piccshare\ext_piccshare.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.0.0.12\AVG SafeGuard toolbar_toolbar.dll
BHO: Chatvibes Browser Helper Verifier: {963B125B-8B21-49A2-A3A8-E37092276531} - LocalServer32 - <no file>
BHO: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - LocalServer32 - <no file>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.0.0.12\AVG SafeGuard toolbar_toolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Hoolapp Android] "c:\docume~1\admin\applic~1\hoolap~1\Hoolapp.exe" /Minimized
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [SSync] "c:\documents and settings\admin\application data\ssync\SSync.exe"
uRun: [DataMgr] "c:\documents and settings\admin\application data\datamgr\DataMgr.exe"
uRun: [SCheck] "c:\documents and settings\admin\application data\scheck\SCheck.exe" check
uRun: [Snoozer] "c:\documents and settings\admin\application data\snz\Snz.exe"
uRun: [Intermediate] "c:\documents and settings\admin\application data\intermediate\Intermediate.exe"
uRun: [OMESupervisor] c:\documents and settings\admin\local settings\application data\omesuperv.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Sweetpacks Communicator] c:\program files\sweetim\communicator\SweetPacksUpdateManager.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\spoonn~1.lnk - c:\documents and settings\admin\local settings\application data\spoon\3.33.6.140\Spoon-Console.exe
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\spoonn~2.lnk - c:\documents and settings\admin\local settings\application data\spoon\3.33.6.140\Spoon-Sandbox-Native.exe
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\Xfire.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: EnableLUA = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: NameServer = 77.239.64.19 77.239.64.20
TCP: Interfaces\{DACB62FD-8EC3-4B92-B384-DD1D8C2011A3} : DHCPNameServer = 77.239.64.19 77.239.64.20
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - LocalServer32 - <no file>
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - LocalServer32 - <no file>
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - LocalServer32 - <no file>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.4.0\ViProtocol.dll
.
============= SERVICES / DRIVERS ===============
.
R0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [2011-9-18 51840]
R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [2011-9-18 44928]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-5-27 37664]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2012-12-21 122240]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2012-12-21 105784]
R3 asc3360pr;asc3360pr;\??\c:\windows\system32\drivers\qvqpmt.sys --> c:\windows\system32\drivers\qvqpmt.sys [?]
R3 ULI5261;ULi Based Ethernet NT Driver;c:\windows\system32\drivers\ULILAN.SYS [2011-9-18 28160]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2011-12-5 252416]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2011-12-5 398720]
.
=============== Created Last 30 ================
.
2013-10-13 10:59:29 -------- d-----w- c:\documents and settings\admin\local settings\application data\Facebook
2013-10-10 19:30:15 -------- d-----w- c:\documents and settings\admin\application data\Snz
2013-10-10 10:36:04 2289997 ----a-w- c:\documents and settings\admin\local settings\application data\omesuperv.exe
2013-10-09 09:19:44 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-09 09:19:44 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2013-10-09 09:19:32 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2013-10-09 09:19:32 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2013-10-09 09:19:32 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2013-10-09 09:19:09 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2013-10-09 09:19:09 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2013-10-09 09:19:09 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2013-10-09 09:19:09 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
.
==================== Find3M ====================
.
2013-09-23 07:40:04 668672 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 07:40:03 81920 ----a-w- c:\windows\system32\ieencode.dll
2013-09-23 07:40:03 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-09-23 01:22:30 369664 ----a-w- c:\windows\system32\html.iec
2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-13 08:38:29 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55:07 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55:06 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2009-09-13 23:53:46 392704 ----a-w- c:\program files\steamclient.dll
2009-09-13 23:25:10 147456 ----a-w- c:\program files\revSrvBrowser.dll
2009-08-31 21:41:00 1840440 ----a-w- c:\program files\hw.dll
2009-08-31 11:17:20 254012 ----a-w- c:\program files\proxy.dll
2009-08-31 11:17:20 1672504 ----a-w- c:\program files\swds.dll
2009-08-31 11:17:14 118872 ----a-w- c:\program files\FileSystem_Stdio.dll
2009-05-17 09:38:54 329728 ----a-w- c:\program files\Steam.dll
2006-09-09 22:06:36 4822120 ----a-w- c:\program files\Pro Evolution Soccer 6.msi
2006-09-09 21:54:28 311296 ----a-w- c:\program files\setup.exe
2006-08-11 12:30:10 204800 ----a-w- c:\program files\autorun6e.exe
2006-01-01 08:40:08 64379 ----a-w- c:\program files\Uninstall.exe
2004-06-04 13:40:54 35328 ----a-w- c:\program files\DSETUP.dll
2003-09-04 16:27:12 820224 ----a-w- c:\program files\ISScript9.Msi
2003-02-04 10:38:46 1600600 ----a-w- c:\program files\instmsiw.exe
2003-02-04 10:38:34 1592408 ----a-w- c:\program files\instmsia.exe
.
============= FINISH: 13:41:37.95 ===============


mycity.rs/must-login.png

U pitanju je Windows XP, 2002, 1.80 GHz, 512 Mb of RAM, 32 bita

offline
  • Ivan Gvozdenovic
  • Speedcuber
  • Pridružio: 04 Jul 2011
  • Poruke: 4932
  • Gde živiš: Krusevac

Pozdrav.




Imam loše vesti, na tvom racunaru je prisutan virus Sality (file infector)
Sality je inficirao sve particije.

Ciscenje ovog virusa je nemoguce iz aktivnog Windowsa.




Potrebno je uraditi sledece:


Uraditi backup svih bitnih podataka sa C:\ i sa Desktopa (dokumenta, slike...)

Formatirati sistemsku particiju, obicno je to C:\


Kad zavrsi instalacija Operativnog Sistema nikako ne otvarati druge particije, da ne bi doslo do reinfekcije.

Instalirati drajver za Lan (pozeljno sa CD-a), ukoliko nemas CD, preuzeti drajver sa interneta, sa drugog racunara i narezati na CD (ne na flash drive).
Instalirati drajver da bi dobio/la internet konekciju.
Kod OS Windows7 obicno je Lan vec u funkciji, jer Windows7 poseduje genericke drajvere za mrezu.

Preuzeti sa interneta na desktop Antivirus, instalirati i skenirati kompletan HDD (sve particije).

Brisati sve sto Antivirus nadje.

Nakon toga nastaviti instalaciju drajvera i programa.



Preporučujem ti da koristiš program MCShield za zaštitu USB memorijskih uređaja.

Program možeš preuzeti sa ovog linka. Nakon instalacije priključiš USB memorijske uređaje, koji će biti skenirani. Na kraju skeniranja ćeš dobiti izveštaj da je uređaj čist ili obaveštenje o uklonjenom malware-u.


Ukoliko imas bilo kakvih pitanja tu smo da odgovorimo.





Ivance95 (AMF Tim)

offline
  • Pridružio: 06 Nov 2013
  • Poruke: 2

Ok, hvala. Imam pitanje: ovo sto mi se komp restartuje cim ubacim cd, je l' to do virusa ili moze biti nesto drugo?

offline
  • Ivan Gvozdenovic
  • Speedcuber
  • Pridružio: 04 Jul 2011
  • Poruke: 4932
  • Gde živiš: Krusevac

Arrow Verovatno da jeste, ali ako se problem nastavi i nakon reinstalacije sistema otvori temu u Windows potforumu.




Ivance95 (AMF Tim)


Potreban je samo minut da se registrujete - da biste učestvovali u diskusiji:
Izaberite vaše korisničko ime [username] :
Vaša email adresa je [email] : Email adresa mora biti tačna!
Ukucajte željenu šifru [password] :
Ukucajte šifru ponovo [password again] :
Jezik [language] :




Ili se jednostavno uloguj preko Facebook-a:
Ko je trenutno na forumu
 

Ukupno su 233 korisnika na forumu :: 12 registrovanih, 2 sakrivenih i 219 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1383 - dana 19 Okt 2014 22:26

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 4channer, Amfilohije Ćuruvija, Chuck Norris, De Dza, deri3891, lakibatica, Marko Ganic, pquanah, Skywhaler, TheDelliRus, zixo, Žan Klod vam dam
Siguran hosting