Computer restarts by itself

offline
  • scoles  Male
  • New MyCity citizen
  • Joined: 08 Jan 2009
  • Posts: 17
  • Location: sumadija

ComboFix 09-01-19.05 - Cole 2009-01-20 22:33:44.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.256.51 [GMT 1:00]
Running from: c:\documents and settings\Cole\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Cole\Desktop\zadnja skripta\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
c:\documents and settings\Cole\upjdl.exe
c:\windows\system32\autorun.i
c:\windows\system32\autorun.in
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Cole\upjdl.exe
c:\windows\system32\autorun.i
c:\windows\system32\autorun.in

.
((((((((((((((((((((((((( Files Created from 2008-12-20 to 2009-01-20 )))))))))))))))))))))))))))))))
.

2009-01-19 23:19 . 2009-01-20 21:09 <DIR> d-------- c:\program files\SpeedFan
2009-01-19 23:19 . 2009-01-19 23:19 45 --a------ c:\windows\system32\initdebug.nfo
2009-01-15 22:52 . 2009-01-15 22:51 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-07 18:27 . 2007-06-29 14:47 34,304 --a------ c:\windows\system32\drivers\AmdLLD.sys
2009-01-07 02:37 . 2009-01-07 02:39 <DIR> d-------- c:\program files\QuickTime
2009-01-07 02:37 . 2009-01-07 02:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2009-01-07 02:18 . 2009-01-07 02:36 <DIR> d-------- c:\program files\Common Files\Apple
2009-01-06 00:19 . 2009-01-07 15:20 <DIR> d-------- c:\program files\Google
2009-01-02 13:06 . 2009-01-02 13:06 0 -rahs---- C:\khs
2009-01-02 11:50 . 2009-01-07 02:10 <DIR> d-------- c:\program files\NoteWorthy Composer
2008-12-24 00:20 . 2008-12-24 00:20 268 --ah----- C:\sqmdata13.sqm
2008-12-24 00:20 . 2008-12-24 00:20 244 --ah----- C:\sqmnoopt13.sqm
2008-12-23 02:05 . 2008-12-23 02:05 <DIR> d-------- c:\program files\Typograf

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-20 21:09 --------- d-----w c:\program files\Common Files\Akamai
2009-01-19 12:56 2,516 --sha-w c:\windows\system32\KGyGaAvL.sys
2009-01-15 21:51 --------- d-----w c:\program files\Java
2009-01-08 23:13 --------- d-----w c:\program files\CamStudio
2009-01-06 18:29 --------- d-----w c:\documents and settings\All Users\Application Data\HPSSUPPLY
2009-01-06 14:02 --------- d-----w c:\program files\Mv2Player
2008-12-28 14:41 --------- d-----w c:\documents and settings\Cole\Application Data\SAU KP
2008-12-17 21:08 --------- d-----w c:\program files\Apple Software Update
2008-12-17 21:08 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-12-15 00:18 --------- d-----w c:\documents and settings\Cole\Application Data\Sahmon Games
2008-12-15 00:15 --------- d-----w c:\program files\AskSearch
2008-12-15 00:14 --------- d-----w c:\program files\AskBarDis
2008-12-14 22:32 --------- d-----w c:\program files\Morton Benson
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll
.

((((((((((((((((((((((((((((( snapshot@2009-01-18_23.54.22.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 1996-04-03 19:33:26 5,248 ----a-w c:\windows\system32\giveio.sys
+ 2006-09-24 13:28:47 5,248 ----a-w c:\windows\system32\speedfan.sys
+ 2009-01-20 20:09:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_798.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-24 20:25 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-24 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-24 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Cole\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-12-23 133104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-11 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"ATIPTA"="c:\windows\atiptaxx.exe" [2003-06-05 335872]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 1443072]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"Device Detector"="c:\program files\Common Files\ACD Systems\EN\DevDetect.exe" [2003-09-17 212992]
"Di dictionary"="c:\program files\Di recnik\Di.exe" [2007-03-16 518656]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"nMTaskBarService"="nMtsk.exe" [2005-05-06 c:\windows\nMtsk.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\Cole\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
Metacafe.lnk - c:\program files\Metacafe\MetacafeAgent.exe [2008-06-29 145736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqcopy.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Documents and Settings\\Cole\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Cole\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-12-21 33800]
R3 mosuport;USB Serial/Parallel Ports;c:\windows\system32\drivers\mosuport.sys [2008-06-17 867062]
R4 Akamai;Akamai;c:\windows\System32\svchost.exe -k Akamai [2004-08-03 14336]
R4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-12-15 464264]
R4 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
S3 netModUSBService;Service for netMod USB CAPI Driver;c:\windows\system32\drivers\nMUSB.sys [2008-06-14 62824]
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;c:\program files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-15 234888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2008-12-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-01-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1958367476-682003330-1003.job
- c:\documents and settings\Cole\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-23 21:09]

2009-01-10 c:\windows\Tasks\WebReg 20081006032036.job
- c:\program files\Hewlett-Packard\webreg\bin\hpqwrg.exe []
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://starter.metacafe.com
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
uDefault_Search_URL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
uSearch Bar = hxxp://www.google.com/ie
mSearch Bar = 687474703a2f2f7777772e676f6f676c652e636f6d2f
mSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Prevedi sa Di recnikom - c:\program files\Di recnik\diie.htm
IE: Translate with Di dictionary -
FF - ProfilePath - c:\documents and settings\Cole\Application Data\Mozilla\Firefox\Profiles\xrduqzdq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101787&gct=&gc=1&q=
FF - component: c:\documents and settings\Cole\Application Data\Mozilla\Firefox\Profiles\xrduqzdq.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFAlert.dll
FF - component: c:\documents and settings\Cole\Application Data\Mozilla\Firefox\Profiles\xrduqzdq.default\extensions\{b69a9db4-d0a1-4722-b56b-f20757a29cdf}\components\FFAlert.dll
FF - plugin: c:\documents and settings\Cole\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Cole\Local Settings\Application Data\Google\Update\1.2.133.33\npGoogleOneClick7.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-01-20 22:36:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-01-20 22:38:02
ComboFix-quarantined-files.txt 2009-01-20 21:37:53
ComboFix2.txt 2009-01-19 22:13:04
ComboFix3.txt 2009-01-19 21:19:08
ComboFix4.txt 2009-01-18 22:55:34

Pre-Run: 16.424.226.816 bytes free
Post-Run: 16,440,377,344 bytes free

186 --- E O F --- 2009-01-20 20:17:03

I hope I did it the way it was supposed to be done.
Regards

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

This looks OK now.

How does the computer seem to be running now?
Is it any better?

offline
  • scoles  Male
  • New MyCity citizen
  • Joined: 08 Jan 2009
  • Posts: 17
  • Location: sumadija

Unfortunately, no better at all!
All the problems are still the same, only Mozilla is even slower to open.
I still can't access the same sites; it restarts immediately.
I am immensely grateful for the effort you've put into helping me!
Kind regards!

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Then let's try the following:

Download gmer.zip from this link and save it to the Desktop.
Extract it into a folder.

Double-click gmer.exe to start: select the Rootkit/Malware tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save the scan results to the Clipboard.
Use the Paste option in Notepad to turn that into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.


Use the Attach file option below the message box on the forum, and attach here the two files we just saved.

offline
  • scoles  Male
  • New MyCity citizen
  • Joined: 08 Jan 2009
  • Posts: 17
  • Location: sumadija

Is this OK like this?

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

It's OK.

There is nothing in the logs, i.e. they are clean as far as malware is concerned.

The only other thing you can try is uninstalling Alcohol120% and then see.
It is known to cause problems on some systems.

Second, try to get a newer version of the driver for your graphics card. Graphics card drivers can cause exactly these kinds of problems.
