Problem sa racunarom

2

Problem sa racunarom

offline
  • Pridružio: 21 Maj 2004
  • Poruke: 316
  • Gde živiš: Nis

Uspeo sam konacno da pokrenem DDS (prebacio na desktop) i pokrenuo se bez problema iako ranije ni to nije islo. Evo logova iz DDS-a

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by Filip Miric at 13:27:10 on 2011-07-22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1789.1330 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\Installer\MSI96.tmp
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\mspaint.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live pomagac za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\textware\quickf~1\plugins\IEHelp.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [WinXPService] c:\documents and settings\filip miric\application data\microsoft\document building blocks\1025\build\index\ctfmon.pif
mRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1270998566140
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309382043640
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{374EBC83-652A-4503-AD57-E6D87751F819} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {28ABC5C0-4FCB-11CF-AAX5-81CX1C635612} - c:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\ise64.exe
mASetup: {67KLN5J0-4OPM-33WE-AAX5-34KC2A3453431} - c:\setup\data\June.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\filip miric\application data\mozilla\firefox\profiles\mblh1hkf.default\
FF - plugin: c:\documents and settings\filip miric\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\filip miric\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\filip miric\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
============= SERVICES / DRIVERS ===============
.
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2008-3-28 24064]
R2 NAUpdate;@c:\program files\nero\update\nasvc.exe,-200;c:\program files\nero\update\NASvc.exe [2010-3-25 490280]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\installer\MSI96.tmp [2011-7-5 177784]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-4-29 222512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-7-21 133104]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-07-10 22:28:07 -------- d-----w- c:\documents and settings\all users\application data\LightScribe
2011-07-10 22:14:10 -------- d-----w- c:\documents and settings\all users\application data\Nero
2011-07-10 22:13:16 -------- d-----w- c:\program files\Nero
2011-07-10 22:06:25 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-07-10 22:06:17 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-07-10 22:06:06 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2011-07-10 21:22:27 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-07-10 21:22:13 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2011-07-05 20:30:23 -------- d-----w- c:\program files\SolidDocuments
2011-07-05 19:52:09 -------- d-----w- c:\documents and settings\filip miric\application data\SolidDocuments
2011-07-05 19:51:34 27456 ----a-w- c:\windows\system32\solidlocalmon.dll
2011-07-05 19:51:34 18752 ----a-w- c:\windows\system32\solidlocalui.dll
2011-07-05 19:50:59 -------- d-----w- c:\documents and settings\all users\application data\SolidDocuments
2011-06-29 23:24:23 -------- d-----w- c:\documents and settings\filip miric\local settings\application data\Threat Expert
2011-06-29 23:00:29 -------- d-----w- c:\program files\PC Tools Security
2011-06-29 22:57:12 -------- d-----w- c:\documents and settings\all users\application data\PC Tools
2011-06-29 21:18:22 -------- d-----w- c:\windows\system32\PreInstall
2011-06-29 21:18:20 -------- d--h--w- c:\windows\$hf_mig$
2011-06-29 21:12:26 -------- d-----w- c:\documents and settings\filip miric\local settings\application data\AskToolbar
.
==================== Find3M ====================
.
.
============= FINISH: 13:27:48,89 ===============


https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

a evo loga i iz Mini Tool Box-a:



https://www.mycity.rs/must-login.png

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg:
Detaljno citati moja uputstva ( ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima;
Ne traziti istovremeno pomoc na drugom mestu;
Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio uputstvo;
U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio;
Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om;
Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj.

Za vise informacija o pravilima Ambulante MyCity foruma: LINK

-------------------------------------------------------------------------------------





Arrow



Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".

U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.








goran9888 (AMF Tim)

Ko je trenutno na forumu
 

Ukupno su 957 korisnika na forumu :: 62 registrovanih, 7 sakrivenih i 888 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, 357magnum, amaterSRB, Bobrock1, bojank, BORUTUS, Buda Baba, darkangel, darkojbn, DeerHunter, Dejan84, Don, draganca, Drug pukovnik, DucicM, dule10savic, Frunze, gile959, gomago, Goran 0000, gorican, Gosha101980, Griffon vulture, grunff2, ILGromovnik, ivica976, kaptain, Krvava Devetka, kunktator, mercedesamg, Mercury, mgolub, milimoj, Miškić, nobutado, nuke92, nuki1234, Orc from Russia, pein, pera bager, pericanet, pvoman, raketaš, Ripanjac, rovac, S2M, ser.hill, Sirius, stegonosa, styg, suton, Toni, trutcina, Van, Viceroy, Vlada78, vsn111, vukdra, YU-UKI, zdrebac, zillbg, šumar bk2