Dugo cekanje da se pojave ikonice pri dizanju sistema

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 08 Apr 2013 20:21

Skroz mi se poremetio windows. Kad spustim tab, on se dole uopste nevidi. I sve mi je tako nekako cudno

Dopuna: 08 Apr 2013 20:21

moram da spudstim google chrom da bi video prozore koje sam spustio

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

CF ne pokazuje da je bilo sta petljao oko drajvera. Hajde odradi CFScript pa da vidimo na cemu smo.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 08 Apr 2013 20:28

Pazi kad ne mogu ni ikonicu da prevucem preko comba! Ne znam sta da radim?

Dopuna: 08 Apr 2013 20:30

Cak mi se i neka linija pojavljuje na sred ekrana? Da mi nisu drajveri otisli? Hajde pomagaj molim te

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 08 Apr 2013 20:37

Drajveri su ako nista drugo osteceni, to sigurno ali ...meni sve ovo deluje kao hardverski problem. Nagadjam da je hard disk na izdisaju.


Combofix moda da bude na desktopu;
CFScript mora da se nalazi na desktopu;

Start > run, kopiraj:

Combofix "c:\documents and settings\WINXP\Desktop\CFScript.txt"

Enter.

Ovo bi trebalo startovati Combofix koristeci CFScript.

Dopuna: 08 Apr 2013 20:40

PS: Samo ne panici, ako ne uspes, samo restartuj racunar pa probaj onda da prevuces CFScript preko Combofix -a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

ComboFix 13-04-08.02 - WINXP 08.04.2013 20:42:52.2.2 - x86
Running from: c:\documents and settings\WINXP\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\WINXP\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((( Files Created from 2013-03-08 to 2013-04-08 )))))))))))))))))))))))))))))))
.
.
2013-04-07 18:02 . 2013-04-07 18:02 -------- d-----w- c:\documents and settings\WINXP\Application Data\vlc
2013-04-04 15:58 . 2013-04-04 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Graboid Inc
2013-04-04 15:58 . 2013-04-04 15:58 -------- d-----w- c:\documents and settings\WINXP\Local Settings\Application Data\Geckofx
2013-04-04 15:57 . 2013-04-05 10:44 -------- d-----w- c:\program files\Graboid
2013-04-04 15:56 . 2013-04-05 19:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Package Cache
2013-04-01 19:59 . 2013-04-01 19:59 -------- d-----w- c:\program files\CCleaner
2013-03-31 23:28 . 2013-03-31 23:28 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-29 16:29 . 2013-04-01 13:32 -------- d-----w- c:\program files\Tennis Elbow 2013
2013-03-18 22:12 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-18 22:12 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-03-18 20:42 . 2013-03-06 23:33 199384 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-03-18 20:42 . 2013-03-06 23:33 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-03-18 20:42 . 2013-03-06 23:33 101656 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-03-18 20:42 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-18 20:42 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-18 20:42 . 2013-03-06 23:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-18 20:40 . 2013-02-18 08:41 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-07 18:02 . 2011-09-06 11:42 2516 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2013-03-31 23:28 . 2012-06-27 16:09 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-31 23:28 . 2011-08-04 19:17 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-31 23:28 . 2011-08-04 19:17 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-13 01:22 . 2012-06-06 09:22 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 01:22 . 2011-11-23 17:42 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-06 23:33 . 2011-09-06 11:49 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-09-06 11:49 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2011-09-06 11:49 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2011-09-06 11:49 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-09-06 11:49 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-09-06 11:49 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-09-06 11:49 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 00:32 . 2011-09-06 09:04 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2004-08-04 03:04 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-05 20:05 . 2004-08-04 04:56 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:05 . 2004-08-04 04:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-05 20:05 . 2004-08-04 04:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-05 05:53 . 2004-08-04 02:59 385024 ----a-w- c:\windows\system32\html.iec
2013-01-26 03:55 . 2004-08-04 04:56 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-15 17:49 . 2013-02-13 23:56 23360 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-06-19 11:22 . 2012-04-21 10:43 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Cryptography Services Error !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^WINXP^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-12-13 17:10 1688872 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-12-03 12:21 2213160 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 12:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-04-30 22:30 13750272 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-04-30 22:30 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-04-30 22:31 1657376 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-10-24 06:45 90112 ------r- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-07-12 16:32 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\AlexTV\\alextv.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Veetle\\Player\\VeetleNet.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Documents and Settings\\WINXP\\Local Settings\\Application Data\\Torch\\Plugins\\Torrent\\TorchTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-01 17:17 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 01:22]
.
2013-04-08 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-18 23:32]
.
2013-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-17 17:59]
.
2013-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-17 17:59]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
mStart Page = [Link mogu videti samo ulogovani korisnici]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 89.216.1.40 89.216.1.50
FF - ProfilePath - c:\documents and settings\WINXP\Application Data\Mozilla\Firefox\Profiles\d0admk95.default\
FF - ExtSQL: !HIDDEN! 2011-09-27 19:10; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2013-04-08 20:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-299502267-1500820517-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1228)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Completion time: 2013-04-08 20:59:03 - machine was rebooted
ComboFix-quarantined-files.txt 2013-04-08 18:59
ComboFix2.txt 2013-04-08 17:52
.
Pre-Run: 9.702.211.584 bytes free
Post-Run: 9.692.729.344 bytes free
.
- - End Of File - - 250112E7989B1DCA942230FF25E7A0BA

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Restartuj racunar.

Obrisi rucno DDS i Gmer.

-----------------------------

Ponovo pokreni AdwCleaner
Klikni na dugme [Uninstall] i pricekaj da se postupak uninstallacije zavrsi.

-----------------------------
Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

ComboFix /Uninstall

Primeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).

Sačekaj da se proces deinstalacije završi.
------------------------------


Problem nije prouzrokovan malware-om tako da smo i samim tim ovde diskusiju zavrsili. U Ambulanti radimo analizu i uklanjanje infekcija sa racunara.

Ukoliko ti se i dalje ispoljava navedeni problem, nastavite resavanje problema u staroj temi.
Posto ti je taj Windows bitan, moja je preporuka je da pocnes od testiranja hard diska. Postavicu ti u windows temi PG za test koristeci MHDD alat.
[Link mogu videti samo ulogovani korisnici]

Srecno.