MyCity » Ambulanta -> Arhiva Ambulante » Racunar mi se sam gasio, detektovano 15 pretnji

Racunar mi se sam gasio, detektovano 15 pretnji

Napisano na dan: 17.12.2009

Racunar mi se sam gasio, detektovano 15 pretnji

Sledeća strana

Pagination

Odgovori

elzike7 Poslao: 17 Dec 2009 19:56 Idi na vrh
offline elzike7 Počasni građanin Pridružio: 15 Maj 2009 Poruke: 963	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 17 Dec 2009 15:46 E ovako stoje stvari. Nesto mi se zeznulo u Windowsu. Dok sam bio na netu (koristim Telekom ADSL) odjednom mi se pojavilo upozorenje da ce mi se racunar iskljuciti za 1 minut i da sacuvam sve sto sam radio. Pokusao sam da uradim SS ali nije moglo nista da mi se otvori. Sacekao sam da mi se iskljuci (restartovao mi se ustvari) a onda sam pokusao da ga ponovo upalin normalno i ponovo mi se to pojavilo. Uspeo sam da prepisem ovo (tako nekako izgleda): C:\WINDOWS\system32\service.exe initiated by NT AUTHORITYSYSTEM C:\WINDOWS\system32\service.exe terminated unexpectedly mwith status code 1073741891 Pokusao sam da udjem u safe mod i radilo je. Zatim sam pokusao da udjem u safe mod sa internetom da vam se obratim za pomoc. Tu nije radilo (jos mi je internet ukljucen). Zatim sam pokrenuo normalni mod ali sam pre toga iskljucio internet i to je radilo. Kada sam se logovao ukljucio sam internet i veza nije mogla da mi se uspostavi i pisalo je da je "limited" (ogranicena) a onda sam ga ponovo iskljucio. Pokrenuo sam NOD32 da skenira da bi eleminisao viruse kao razlog gasenja I on nista nije nasao. Restartovao sam racunar i ukljuco net, logovao se i bio spreman da mi se ponovo pojavi upozorenje i da probam da ukucam u Run “shutdown.exe-a” i da vidim sta ce se desiti ali od upozorenja nista. Ponovo sam restartovao racunar i ponovo nista. Onda sam pokrenuo Malwarebytres. On je detektovao 15 pretnji sto mi je bila osnova da dodjem prvo ovde . Ispod su svi potrebni logovi (GMER log ocekujte posle 19:30, ovo sam sada postavio da ne bi izgubio a da odradim sa GMER sad nemam vreme): NOD32: [Link mogu videti samo ulogovani korisnici] Malwarebytes: [Link mogu videti samo ulogovani korisnici] DDS: DDS (Ver_09-12-01.01) - NTFSx86 Run by kole017 at 12:31:46.45 on Thu 17/12/2009 Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_02 Microsoft Windows XP Professional 5.1.2600.2.1252.61.1033.18.1918.1364 [GMT 1:00] AV: ESET NOD32 antivirus system 2.70 On-access scanning enabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\VistaDrive\VistaDrive.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ICQ6.5\ICQ.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wuauclt.exe C:\Users\kole017\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = [Link mogu videti samo ulogovani korisnici] mSearchAssistant = [Link mogu videti samo ulogovani korisnici] uURLSearchHooks: H - No File mWinlogon: SfcDisable=-99 (0xffffff9d) BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live pomagac za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [ICQ] "c:\program files\icq6.5\ICQ.exe" silent uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [VistaDrive] c:\windows\vistadrive\VistaDrive.exe mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe" mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1 mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE mPolicies-explorer: MemCheckBoxInRunDlg = 1 (0x1) mPolicies-explorer: NoSimpleStartMenu = 1 (0x1) mPolicies-explorer: StartMenuFavorites = 1 (0x1) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL LSP: c:\windows\system32\imon.dll DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici] Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\Skype4COM.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\kole017\application data\mozilla\firefox\profiles\8a028nhw.default\ FF - prefs.js: browser.search.selectedEngine - ICQ Search FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - component: c:\users\kole017\application data\mozilla\firefox\profiles\8a028nhw.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\users\kole017\application data\mozilla\firefox\profiles\8a028nhw.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-12-9 15424] R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2009-12-9 552064] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-12-8 279680] S0 bphkk;bphkk; [x] S3 FXDrv32;FXDrv32;\??\f:\fxdrv32.sys --> f:\FXDrv32.sys [?] ============== File Associations =============== regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1 =============== Created Last 30 ================ 2009-12-17 10:50:41 0 d-----w- c:\users\kole017\application data\Malwarebytes 2009-12-17 10:50:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-17 10:50:36 0 d-----w- c:\users\alluse~1\applic~1\Malwarebytes 2009-12-17 10:50:35 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-17 10:50:35 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-16 08:09:52 0 d-----w- c:\users\alluse~1\applic~1\Deskshare 2009-12-16 08:09:45 0 d-----w- c:\windows\XSxS 2009-12-16 08:09:45 0 d-----w- c:\program files\Xenocode 2009-12-16 08:09:35 815104 ----a-w- c:\windows\system32\xvidcore.dll 2009-12-16 08:09:33 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2009-12-16 08:08:07 0 d-----w- c:\program files\1AVCapture 2009-12-15 21:42:58 0 d-----w- c:\program files\FreeTime 2009-12-15 18:37:21 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-12-15 18:35:15 0 d-----r- c:\program files\Skype 2009-12-15 17:59:35 0 d-----w- c:\users\kole017\application data\Miranda 2009-12-15 17:59:05 0 d-----w- c:\program files\Miranda IM 2009-12-14 19:38:33 69632 ----a-w- c:\windows\system32\DivXG400.ax 2009-12-14 19:38:33 0 d-----w- C:\DivXG400 2009-12-14 19:38:25 34816 ----a-w- c:\windows\system\mpgaudio.ax 2009-12-14 19:38:25 294912 ----a-w- c:\windows\system\iviaudio.ax 2009-12-14 19:38:14 0 d-----w- c:\program files\ffdshow 2009-12-12 05:19:09 1258 ----a-w- C:\Document.rtf 2009-12-12 04:56:04 0 d-----w- c:\program files\ICQ6.5 2009-12-12 04:37:31 0 d-----w- c:\program files\ICQ6Toolbar 2009-12-12 04:37:27 0 d-----w- c:\users\alluse~1\applic~1\ICQ 2009-12-12 04:00:01 0 d-----w- c:\program files\YouTube Downloader 2009-12-11 09:34:03 0 d-----w- c:\users\kole017\dwhelper 2009-12-11 01:52:28 82 ----a-w- c:\users\kole017\default.pls 2009-12-10 01:23:11 0 d-----w- c:\windows\system32\Adobe 2009-12-10 00:04:57 0 d-----w- c:\users\kole017\application data\BSplayer 2009-12-10 00:04:48 0 d-----w- c:\program files\Webteh 2009-12-10 00:01:36 0 d-----w- c:\users\kole017\application data\BSplayer Pro 2009-12-09 10:44:22 0 d-----w- c:\program files\URUSoft 2009-12-09 06:26:51 0 d-----w- c:\users\kole017\Tracing 2009-12-09 06:23:36 0 d-----w- c:\program files\Microsoft 2009-12-09 06:23:19 0 d-----w- c:\program files\Windows Live SkyDrive 2009-12-09 06:19:49 0 d-----w- c:\program files\common files\Windows Live 2009-12-09 06:11:45 0 d-----w- c:\users\kole017\Contacts 2009-12-09 06:01:10 268 ---ha-w- C:\sqmdata02.sqm 2009-12-09 06:01:10 244 ---ha-w- C:\sqmnoopt02.sqm 2009-12-09 05:59:56 268 ---ha-w- C:\sqmdata01.sqm 2009-12-09 05:59:56 244 ---ha-w- C:\sqmnoopt01.sqm 2009-12-09 03:06:48 268 ---ha-w- C:\sqmdata00.sqm 2009-12-09 03:06:48 244 ---ha-w- C:\sqmnoopt00.sqm 2009-12-09 02:57:30 512096 ----a-w- c:\windows\system32\drivers\amon.sys 2009-12-09 02:57:30 298104 ----a-w- c:\windows\system32\imon.dll 2009-12-09 02:57:30 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys 2009-12-09 02:57:30 0 d-----w- c:\program files\Eset 2009-12-08 15:59:11 331184 ------w- c:\windows\system32\difxapi.dll 2009-12-08 15:59:11 0 d-----w- c:\program files\VIA 2009-12-08 13:53:09 0 d-----w- c:\program files\common files\ODBC 2009-12-08 13:53:07 0 d-----w- c:\program files\common files\SpeechEngines 2009-12-08 13:52:46 0 d-----r- c:\users\all users\Documents 2009-12-08 04:56:55 0 d-----w- c:\program files\CamStudio 2009-12-08 04:02:47 0 d-----w- c:\users\alluse~1\applic~1\Nero 2009-12-08 04:02:46 0 d-----w- c:\program files\Nero 2009-12-08 04:01:35 0 d-----w- c:\program files\JockerSoft 2009-12-08 04:01:33 0 d-----w- c:\program files\AVIcodec 2009-12-08 04:00:47 0 d-----w- c:\program files\Windows Media Connect 2 2009-12-08 03:58:59 0 d-----w- c:\program files\MSN Messenger 2009-12-08 03:58:07 0 d-----w- c:\program files\PDFCreator 2009-12-08 03:50:17 0 d-----w- c:\program files\Microsoft ActiveSync 2009-12-08 03:50:02 0 d-----w- c:\program files\Microsoft Office 2003 2009-12-08 03:48:51 0 d-----w- c:\program files\MicrosoftOfficeSetupFiles 2009-12-08 03:48:48 0 d-----w- c:\program files\HJSplit 2009-12-08 03:48:41 0 d-----w- c:\program files\Unlocker 2009-12-08 03:48:37 0 d-----w- c:\program files\HeavyLoad 2009-12-08 03:30:06 0 d-----w- c:\program files\Yahoo! 2009-12-08 03:30:01 0 d-----w- c:\program files\CCleaner 2009-12-08 03:09:26 0 d-----w- c:\program files\MSXML 6.0 2009-12-08 03:09:23 0 d-----w- c:\program files\MSXML 4.0 2009-12-08 03:04:54 0 d-----w- c:\program files\Xvid 2009-12-08 03:00:33 0 d-sh--w- c:\users\all users\DRM 2009-12-08 03:00:17 0 d--h--w- c:\program files\WindowsUpdate 2009-12-08 03:00:14 0 d-----w- c:\program files\Online Services 2009-12-08 02:59:39 0 d-----w- c:\program files\common files\MSSoap 2009-12-08 02:58:09 0 d-----w- c:\program files\Windows NT ==================== Find3M ==================== 2009-12-08 02:58:50 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-10-29 04:48:52 499712 ----a-w- c:\windows\system32\msvcp71.dll ============= FINISH: 12:31:57.43 =============== [Link mogu videti samo ulogovani korisnici] GMER: Posle 19:30 h. Dopuna: 17 Dec 2009 15:47 Inace sada nema nikakvih problema, cisto da proverite... Dopuna: 17 Dec 2009 19:56 Ljudi evo RootRepeal loga. GMER mi nesto stalno koci kompjuter. [Link mogu videti samo ulogovani korisnici]

Profil

diarno Poslao: 17 Dec 2009 20:30 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Log deluje cist..Jel si restartovao komp posle koriscenja mbam-a?

Profil

elzike7 Poslao: 17 Dec 2009 21:49 Idi na vrh
offline elzike7 Počasni građanin Pridružio: 15 Maj 2009 Poruke: 963	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesam. Malwarebytes je sam ponudio restart. Znaci sada je sve cisto i sredjeno?

Profil

diarno Poslao: 18 Dec 2009 15:55 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! aham

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Racunar mi se sam gasio, detektovano 15 pretnji

Ko je trenutno na forumu

Ukupno su 1072 korisnika na forumu :: 146 registrovanih, 11 sakrivenih i 915 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 037, 04bokibole, 10x10.9, 1MAP, 33 bren, 6.5lapua, _stipa_, aleksandar1888, aleph_one, Apok, asdfjklc, Aska, babaroga, bbogdan, Beanara, Betta, Betty25, blankspace, blatruc82, Bobrock1, bojanstros9, Boris BM, BORUTUS, Bosnjo, brufen, CCCP, celeron, Crazzer, dacanaldo, Dambi, darionis, desmeki, Djevrek od kartona, Djota1, doktor097, DonRumataEstorski, dozorni, draganca, draganst, Duh16, dule10savic, Dungorth, Dzigy, Džekson, ElvisP, Ercomero, Georgius, grega2s, GrobarPovratak, HawX, Igorkg77, Ikica977, Iskander, istokzapad, Jakonjveliki, Jan, Joksss, Još malo pa deda, K2, kalens021, Kružić, lafa008, Lazur_01, ljubsz, lord sir giga, Lubenica303, mainstream, malimedo01, Marko Marković, MarkoJ-Nis, maxim_von_burdengate, Mcdado, mercedesamg, Mikoyan98, mikrimaus, milenko crazy north, mir, miroslav milanović, mnn2, moldway, mrvica78, Nebojsa81, nemkea71, Neutral, Neutral-M, novator, obsc, Orc, ozzy, paladin71, Papadubi, PenzosGSP, peradetlić, petrovicrs, Phaeton, Podgoritza, Pohovani_00, Povratak1912, predragg, proka1ng, proka89, RED4G-304, Roksi, royst33, Sale0501, samo_citam, sevenino, shadower78, simazr, Sin Boskic, Sinisa76, Siti2, stefan95, stegonosa, steksi, Stoorb, suputboy, svetleći, tamno.nebo, theNedjeljko, Tihi86, Titan, Tribal, troki1971, TRZH92, Valter071, vathra, Vatreni Zmaj, vdeki, Velizar Laro, Veljko™, vlad4, VladaKG1980, vladulns, Vrač, Vujkeu, vuk77, Yekaterinburg, yiyi, Zander, Zgembo78, zmajognjeniivan, zokizemun, zziko, Đurđevdan, 79693

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by