Computer reseeeeeeet!!!!


offline
  • Joined: 11 Aug 2010
  • Posts: 36

Posted: 24 Oct 2010 13:17

Dear “comrades-in-arms”,
I no longer know what to do or how to help my computer! I have already solved a problem here with you, but it seems there is no end to my troubles! I am sick of formatting and installing a “fresh” Windows 7 every time I hit a dead end! But let me not drag this out and get started!
First of all, this is the configuration in question:
1. AMD Phenom II X3 720 Black Edition
2. Gigabyte GA-MA790FX-DS5
3. Asus 8600GT
4. WD 500GB
5. 2x1GB Kingston and
6. Cooler Master GX 650W power supply

Second, just for the record (it might help), I did not have these problems until I changed the processor; before this one I had an AMD Athlon 64 X2 2.8 Black Edition!
And now the main thing! The problem: COMPUTER RESET!!!! I should also say that I updated to the second-to-last BIOS version so that the computer would recognize the processor. It is BIOS version F7, and there is also a latest one which is some BETA version! Now you are wondering when the computer resets?! The reset happens again when I start Eset Smart Security and want to SCAN certain HDD partitions! A RESET also happens when I want to unpack a game I downloaded from the net; that is, not all games, only some, newer ones! I have 2 external HDDs and 2 that are inside the case! To make the problem easier to explain, I will focus on this second one, which is inside the case and which I use exclusively for downloading! When I connected it, I formatted it and ran an HDD check! Everything was OK! I downloaded a few games, some music and several films! The last game I downloaded is Medal of Honor Limited Edition, from the site:
(zabranjeno)-bb.org/viewtopic.php?t=7028221&sid=2376ee63bc2fb2525b25d36a04d1c791
When I started unpacking it, the computer reset! I tried to unpack it with WinRar, 7zip and Total Commander, and every time the reset came a few seconds after the unpacking started!!!! I should also say that before starting to unpack I always checked with ESS whether it was a virus! ESS found nothing! Today I tried to turn ESS off, but amazingly that is impossible! I am attaching this picture!
Now a bit more about ESS! A few minutes ago I started it and wanted to check this internal HDD, which I use for downloading, for viruses. I start ESS, choose the CUSTOM SCAN option, select the mentioned HDD, the scan starts and after some 20 seconds comes the RESET!!! After the reset I immediately go into the BIOS to check the CPU temperature, and it shows about 45-46C! When Windows starts again, I start ESS again and select the same HDD to check, but this time I check folder by folder (MP3, FILMOVI and SLIKE). ESS finds nothing!!! After this, I select these 3 folders and let ESS scan them automatically!!! And imagine, after some 10 seconds, again a RESET!!!!!!!!!!!!




Here are the logs from the programs you asked for!

1. DDS.txt:


DDS (Ver_10-10-21.02) - NTFSx86
Run by Milan at 12:13:22.86 on Sun 10/24/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1139 [GMT 2:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\tsnp2std.exe
C:\Windows\vsnp2std.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\RealHideIP\RealHideIP.exe
C:\Program Files\Media Key\MagicKey.exe
C:\Program Files\Media Key\OSD.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Milan\AppData\Roaming\mjusbsp\magicJack.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Milan\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\users\milan\appdata\roaming\flashgetbho\FlashGetBHO3.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: @c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [cdloader] "c:\users\milan\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Real Hide IP] c:\program files\realhideip\RealHideIP.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [FixCamera] c:\windows\FixCamera.exe
mRun: [tsnp2std] c:\windows\tsnp2std.exe
mRun: [snp2std] c:\windows\vsnp2std.exe
mRun: [Bonus.SSR.FR10] "c:\program files\abbyy finereader 10\Bonus.ScreenshotReader.exe" /autorun
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mediak~1.lnk - c:\program files\media key\MagicKey.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all by FlashGet3 - c:\users\milan\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\milan\appdata\roaming\flashgetbho\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\milan\appdata\roaming\mozilla\firefox\profiles\k24fpvye.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\milan\appdata\roaming\mozilla\firefox\profiles\k24fpvye.default\extensions\{db9127a2-3381-41ec-82b3-1b6ed4c6f29a}\components\FlashGetXPI.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2006-1-13 15872]
R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files\common files\abbyy\finereader\10.00\licensing\ce\NetworkLicenseServer.exe [2009-12-19 814344]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-6-24 136120]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-6-24 810144]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-4-28 41312]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-3-25 490280]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-7-9 248936]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-10-14 2002728]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-11-5 230912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [2010-10-10 8192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-22 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-10-10 27192]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

=============== Created Last 30 ================

2010-10-22 17:10:57 -------- d-----w- c:\windows\en
2010-10-22 17:10:33 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-22 17:05:46 -------- d-----w- c:\users\milan\appdata\local\Windows Live
2010-10-22 17:05:18 3181568 ----a-w- c:\windows\system32\mf.dll
2010-10-22 17:05:18 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-10-22 17:05:18 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-10-22 17:04:23 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{fcedac4a-c1cd-42be-9006-dbb4d880f138}\mpengine.dll
2010-10-22 16:37:35 -------- d-----w- c:\program files\Pocket Tanks Deluxe
2010-10-17 21:24:24 -------- d-----w- c:\users\milan\appdata\roaming\Malwarebytes
2010-10-17 21:24:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-17 21:24:16 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-17 21:24:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-17 21:24:16 -------- d-----w- c:\progra~2\Malwarebytes
2010-10-17 19:03:22 -------- d-----w- c:\users\milan\appdata\local\ElevatedDiagnostics
2010-10-17 10:04:58 -------- d-----w- c:\users\milan\appdata\roaming\WebcamMax
2010-10-17 10:04:55 -------- d-----w- c:\program files\Ask.com
2010-10-15 12:47:09 -------- d-----w- c:\program files\MSXML 4.0
2010-10-14 21:15:08 -------- d-----w- c:\program files\Where Is It
2010-10-14 18:44:23 -------- d-----w- c:\users\milan\appdata\roaming\RealHideIP
2010-10-14 18:44:23 -------- d-----w- c:\progra~2\RealHideIP
2010-10-14 18:43:30 -------- d-----w- c:\program files\RealHideIP
2010-10-14 16:00:45 -------- d-----w- c:\users\milan\appdata\local\Nero_AG
2010-10-14 16:00:03 -------- d-----w- c:\users\milan\appdata\local\Nero
2010-10-14 15:54:06 -------- d-----w- c:\progra~2\Nero
2010-10-14 15:53:32 -------- d-----w- c:\program files\Nero
2010-10-14 15:31:17 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-10-14 15:31:03 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-10-14 15:30:49 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-10-14 15:30:35 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-10-14 15:30:18 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2010-10-14 14:41:10 -------- d-----w- c:\users\milan\appdata\roaming\TeamViewer
2010-10-14 14:41:05 -------- d-----w- c:\program files\TeamViewer
2010-10-14 14:18:19 -------- d-----w- c:\users\milan\Tracing
2010-10-14 14:13:12 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-10-14 14:12:18 -------- d-----w- c:\program files\Microsoft
2010-10-14 13:57:53 -------- d-----w- c:\program files\common files\Windows Live
2010-10-14 05:36:58 -------- d-----w- c:\users\milan\appdata\local\Adobe
2010-10-13 14:53:15 -------- d-----w- c:\program files\common files\Macrovision Shared
2010-10-13 14:53:00 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-10-13 14:05:22 -------- d-----w- c:\program files\common files\ABBYY
2010-10-13 14:04:10 -------- d-----w- c:\users\milan\appdata\local\ABBYY
2010-10-13 14:04:10 -------- d-----w- c:\program files\ABBYY FineReader 10
2010-10-13 14:04:10 -------- d-----w- c:\progra~2\ABBYY
2010-10-12 20:49:07 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-12 20:49:06 1413632 ----a-w- c:\windows\system32\ole32.dll
2010-10-11 17:58:52 -------- d-----w- c:\progra~2\Contrast
2010-10-11 17:58:51 -------- d-----w- c:\program files\Contrast
2010-10-11 17:54:23 -------- d-----w- c:\users\milan\appdata\roaming\Contrast
2010-10-11 17:44:54 -------- d-----w- c:\program files\Media Key
2010-10-11 17:43:21 40960 ----a-w- c:\windows\system32\ForgiveMe.exe
2010-10-11 17:39:46 94208 ----a-w- c:\windows\amcap.exe
2010-10-11 17:39:45 675840 ----a-w- c:\windows\vsnp2std.exe
2010-10-11 17:39:45 258048 ----a-w- c:\windows\tsnp2std.exe
2010-10-11 17:39:44 77824 ----a-w- c:\windows\system32\csnp2std.dll
2010-10-11 17:39:44 25472 ----a-w- c:\windows\system32\drivers\sncamd.sys
2010-10-11 17:39:44 249856 ----a-w- c:\windows\system32\vsnp2std.dll
2010-10-11 17:39:44 151552 ----a-w- c:\windows\system32\rsnp2std.dll
2010-10-11 17:39:44 12028032 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2010-10-11 17:39:44 -------- d-----w- c:\program files\common files\snp2std
2010-10-11 17:38:38 12856 ----a-w- c:\windows\system32\drivers\KBFILTER.SYS
2010-10-11 17:38:31 306688 ----a-w- c:\windows\IsUninst.exe
2010-10-11 17:35:58 -------- d-----w- c:\program files\common files\PCSuite
2010-10-11 17:35:56 -------- d-----w- c:\program files\common files\Nokia
2010-10-11 17:35:52 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-10-11 17:35:45 -------- d-----w- c:\program files\PC Connectivity Solution
2010-10-11 17:35:33 92672 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-10-11 17:35:33 -------- d-----w- c:\program files\Nokia
2010-10-11 00:24:30 -------- d-----w- c:\windows\Panther
2010-10-11 00:24:16 -------- d-sh--w- C:\Boot
2010-10-10 22:10:19 -------- d-----w- c:\users\milan\appdata\local\tjnet
2010-10-10 22:08:29 -------- d-----w- c:\users\milan\appdata\local\magicJack
2010-10-10 22:08:24 -------- d-----w- c:\progra~2\magicJack
2010-10-10 22:06:55 -------- d-----w- c:\users\milan\appdata\roaming\mjusbsp
2010-10-10 22:02:01 -------- d-----w- c:\program files\CCleaner
2010-10-10 21:57:46 -------- d-----w- c:\users\milan\appdata\roaming\BSplayer PRO
2010-10-10 21:57:42 -------- d-----w- c:\program files\Webteh
2010-10-10 21:47:00 839680 ----a-w- c:\windows\system32\lameACM.acm
2010-10-10 21:47:00 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-10-10 21:47:00 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-10-10 21:47:00 151552 ----a-w- c:\windows\system32\ac3acm.acm
2010-10-10 21:47:00 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-10-10 21:46:59 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-10-10 21:46:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-10-10 21:40:49 165376 ----a-w- c:\windows\system32\unrar.dll
2010-10-10 19:21:00 8192 ----a-w- c:\windows\system32\srvany.exe
2010-10-10 19:15:51 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-10-10 19:15:35 -------- d-----w- c:\windows\PCHEALTH
2010-10-10 19:15:35 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-10-10 19:15:02 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-10-10 19:14:39 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-10-10 19:13:57 -------- d-----w- c:\users\milan\appdata\local\Microsoft Help
2010-10-10 19:03:19 -------- d-----r- c:\program files\Skype
2010-10-10 18:55:47 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-10 18:55:36 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-10-10 18:54:58 -------- d-----w- c:\users\milan\appdata\roaming\DAEMON Tools Lite
2010-10-10 18:54:56 -------- d-----w- c:\progra~2\DAEMON Tools Lite
2010-10-10 18:52:07 -------- d-----w- c:\users\milan\appdata\local\PokerStars
2010-10-10 18:51:49 -------- d-----w- c:\program files\PokerStars
2010-10-10 18:46:18 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-10 18:40:22 -------- d-----w- c:\windows\sr-Latn-CS
2010-10-10 18:40:17 -------- d-----w- c:\windows\system32\wbem\sr-Latn-CS
2010-10-10 18:40:17 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2010-10-10 18:37:50 -------- d-----w- C:\Poker
2010-10-10 18:35:14 89600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
2010-10-10 18:33:31 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-10-10 18:31:36 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-10 18:31:36 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-10-10 18:31:36 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-10-10 18:31:36 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-10-10 18:31:36 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-10-10 18:21:49 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-10-10 18:21:45 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-10-10 15:37:17 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-10 15:37:17 423656 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-10-10 15:35:50 -------- d-----w- c:\program files\JDownloader
2010-10-10 15:28:22 -------- d-----w- c:\users\milan\appdata\local\VS Revo Group
2010-10-10 15:28:20 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-10-10 15:28:17 -------- d-----w- c:\program files\VS Revo Group
2010-10-10 15:16:34 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-10 15:16:14 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2010-10-10 15:16:14 507568 ----a-w- c:\windows\system32\winload.exe
2010-10-10 15:16:14 442920 ----a-w- c:\windows\system32\winresume.exe
2010-10-10 15:16:14 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2010-10-10 15:14:59 740864 ----a-w- c:\windows\system32\inetcomm.dll
2010-10-10 15:14:59 1619968 ----a-w- c:\program files\windows mail\msoe.dll
2010-10-10 15:14:58 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-10-10 15:14:58 34816 ----a-w- c:\windows\system32\msasn1.dll
2010-10-10 15:14:56 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-10-10 15:14:55 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-10-10 15:14:35 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-10-10 15:14:21 132608 ----a-w- c:\windows\system32\cabview.dll
2010-10-10 15:12:50 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-10-10 15:12:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-10 15:12:50 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-10-10 15:03:15 -------- d-----w- c:\users\milan\appdata\roaming\FlashGet
2010-10-10 15:03:14 -------- d-----w- c:\users\milan\appdata\roaming\BITS
2010-10-10 15:03:11 -------- d-----w- c:\users\milan\appdata\roaming\FlashGetBHO
2010-10-10 15:03:09 -------- d-----w- c:\program files\FlashGet Network
2010-10-10 14:59:21 -------- d-----w- c:\users\milan\appdata\roaming\ACD Systems
2010-10-10 14:59:21 -------- d-----w- c:\users\milan\appdata\local\ACD Systems
2010-10-10 14:58:54 -------- d-----w- c:\progra~2\ACD Systems
2010-10-10 14:58:48 -------- d-----w- c:\program files\common files\ACD Systems
2010-10-10 14:58:48 -------- d-----w- c:\program files\ACD Systems
2010-10-10 14:58:16 -------- d-----w- c:\users\milan\appdata\local\Downloaded Installations
2010-10-10 14:44:33 -------- d-----w- C:\1
2010-10-10 14:44:11 -------- d-----w- c:\users\milan\appdata\roaming\ESET
2010-10-10 14:44:11 -------- d-----w- c:\users\milan\appdata\local\ESET
2010-10-10 14:43:36 -------- d-----w- c:\program files\ESET
2010-10-10 14:43:09 -------- d-sh--w- c:\windows\Installer
2010-10-10 14:40:10 -------- d-----w- c:\users\milan\appdata\local\GHISLER
2010-10-10 14:39:17 -------- d-----w- c:\users\milan\appdata\roaming\HEXelon
2010-10-10 14:39:05 -------- d-----w- c:\program files\TC UP
2010-10-10 14:37:10 -------- d-----w- c:\windows\system32\wbem\Performance
2010-10-10 14:30:19 -------- d-sh--w- C:\Recovery

==================== Find3M ====================

2010-09-22 22:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 12:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-08-21 05:36:33 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-28 10:23:48 1084008 ----a-w- c:\windows\system32\RTSndMgr.cpl
2010-07-28 10:23:36 1829992 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-07-28 10:23:24 64616 ----a-w- c:\windows\system32\RtkCoInst.dll
2010-07-28 10:23:24 367208 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-07-28 10:23:24 3604584 ----a-w- c:\windows\system32\RtkAPO.dll
2010-07-27 05:54:00 1251944 ----a-w- c:\windows\RtlExUpd.dll

============= FINISH: 12:13:52.81 ===============



I did not attach Gmer3.log because the program shows me nothing, i.e. it prints nothing when I press SCAN! Empty!

Addendum: 24 Oct 2010 13:59

Now ESS is even finding some BOOT virus again!
I will attach a picture!

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Hello, toci1980.




While we work on this case, I would ask you to stick to the following:
Read my instructions (or those of the colleagues who will stand in for me) carefully and act only according to them;
Do not seek help elsewhere at the same time;
Do not use other malware-removal programs, except those you have been given instructions for;
Do not use USB memory devices during the intervention until I ask for it;
If I do not reply within 48h, refresh the topic with a new post;
If you do not reply within 5 days, we will close the case.

For more information about the rules of the MyCity forum's Ambulanta: LINK

-------------------------------------------------------------------------------------


Download sUBs's ComboFix from the following address to the Desktop:


Bleeping Computer
Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download of the program is finished:
deactivate the protective software (instructions);
close running programs;
double-click to start ComboFix.

While running, ComboFix will:
check whether a newer version of the program exists:
  click Yes if you are offered to download it.
display the DISCLAIMER OF WARRANTY ON SOFTWARE:
  click Yes so that the process continues.
if the Recovery Console is not installed, offer to install it:
  be sure to accept by clicking Yes and follow the procedure.
ask a number of questions or show a number of notices:
  accept by clicking Yes or OK.
restart Windows if needed (several times);
at the end of its run, open Notepad with the scan report.


Copy the report that ComboFix produced into the topic on the forum:
right-click in the Notepad window and choose Select All;
right-click the selected text and choose Copy;
right-click in the message field and choose Paste.


Note: The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.






goran9888 (AMF Team)

offline
  • Joined: 11 Aug 2010
  • Posts: 36

I did not manage anything with ComboFix!!!! The first time I ran it, I got a black screen and a small blue screen that said ComboFix. The second time I ran it, it started doing something, and at the end, when I was waiting for it to write the log, NOTHING happened. This is the last picture that appeared, and the PC stood like that for 2-3h and nothing happened!


And one more question about USB memory devices - does this mean I should disconnect both external HDDs, since both are connected via USB, or not? I also have a USB device that I use for phone calls, and once ESS found a virus there too! Let me just add that there are certainly some viruses on these external HDDs!!!

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Open a new topic in the Hardware subforum: http://www.mycity.rs/Hardware/ , describe the problem in detail and say that it is not caused by malware. Afterwards, when you solve the problem with the computer restarting, you can drop by here (in this topic) so that we can continue the analysis of your operating system.



goran9888 (AMF Team)

offline
  • Joined: 11 Aug 2010
  • Posts: 36

OK, I will try there and then get back to you!
Bye!
