racunar blokira

racunar blokira

offline
  • Miroslav Tanaskovic
  • Gradjevinski tehnicar
  • Pridružio: 02 Jan 2009
  • Poruke: 787
  • Gde živiš: Cacak

Od skora cini mi se kako je sa nekom instalacijom instaliran i delta tolbar koji nikako nemogu da uklonim racunar nenormalno koci. Naprimer kada otvara maycomputer treba mu minut da ga otvori.Koristim adsl telekom i av avast koji neprijavljuje nikakav virus. Nisam nista pokusavao osim da izbrisem delta toldar koji se i nevidi da je instaliran u addremove program ali se uvek pojavljuje kod otvaranj google chrome.DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.15.2
Run by miroslav at 14:32:32 on 2013-04-09
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.768.199 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\VistaDriveIcon\VistaDrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [VDrive] c:\windows\vistadriveicon\VistaDrv.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pinnac~1.lnk - c:\program files\pinnacle\shared files\programs\scheduler\PCLEScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: ForceClassicControlPanel = dword:1
uPolicies-Explorer: NoSMHelp = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: ForceClassicControlPanel = dword:1
mPolicies-Explorer: NoSMHelp = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A42CA8C4-700A-481C-8AFC-39AF0A27BE6D} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-3 49248]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-3 164736]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-8 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-6 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-6 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-3 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-8 45248]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-13 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-13 682344]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-1-13 3467768]
R3 3xHybrid;Pinnacle PCTV Stereo service;c:\windows\system32\drivers\3xHybrid.sys [2013-1-13 698368]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-13 21104]
R3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [2013-1-14 6400]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-4-9 40776]
.
=============== Created Last 30 ================
.
2013-04-09 11:34:18 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
.
==================== Find3M ====================
.
2013-03-14 12:02:36 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-14 12:02:33 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-06 23:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33:24 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33:24 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33:23 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32:51 41664 ----a-w- c:\windows\avastSS.scr
2013-02-24 10:20:09 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-24 10:20:06 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-02-24 10:20:05 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-24 10:20:05 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-05 20:04:37 920064 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:04:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-05 20:04:36 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:40:26 385024 ----a-w- c:\windows\system32\html.iec
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-13 12:36:10 44 ----a-w- c:\windows\system32\msssc.dll
.
============= FINISH: 14:33:24.85 ===============
https://www.mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Pozdrav.

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt




Korak 2.



Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.



Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);


Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

offline
  • Miroslav Tanaskovic
  • Gradjevinski tehnicar
  • Pridružio: 02 Jan 2009
  • Poruke: 787
  • Gde živiš: Cacak

Napisano: 10 Apr 2013 8:10

Ovo odgovaram sa drugog racunara, naime posle zavrsene operacije sa Adw Cleaner-om vise nemogu nista da otvorim ni windows explorer ni googlechrome ni nista iz start menija. Restartovao sam ponovo racunar tri puta i opet isto ???

Dopuna: 10 Apr 2013 9:56

Evo posle cetvrtog restarta i pet minuta cekanja otvorio je googlechrome i saljem trazene izvestaje
https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

DataMngr i Babylon toolbar smo ocistili a u logovima nema prisustvo malware-a, prema tome problem je druge prirode.

Windows je problematican, modifikovan, mozda u tome lezi problem.

Ko je trenutno na forumu
 

Ukupno su 1035 korisnika na forumu :: 42 registrovanih, 7 sakrivenih i 986 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., aleksmajstor, Alibaba1981, Apok, aramis s, BlekMen, Boris90, Brana01, darkangel, dmdr, draganca, Dukelander, FOX, Frunze, Georgius, kairos, Kubovac, kybonacci, ladro, laurusri, ljuba, M1los, manda87, Marko.anticc, menges, mihajlo.hrin, milenko crazy north, Motocar, nemkea71, proka89, sasa87, sickmouse, sombrero, Steeeefan, VJ, voja64, YU-UKI, zdrebac, Zerajic, zillbg, Čivi, 79693