sporo pokreće windows

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Prilikom uključivanja računara nakon pojavljivanja slike na desktopu , sve ostalo se dalje nastavlja otežano do krajnjeg uspostravljanja rada OS. Znači od slike na desktopu prođe po 5 minuta da se pokrene windows. Pokušao sam da Combofix-om otklonim problem ali problem nestane na samo par dana pa se opet pojavi isto kao i pre.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Voodoo at 13:00:27,06 on ned 13.06.2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.2047.1490 [GMT 2:00]

AV: avast! antivirus 4.8.1368 [VPS 100613-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Voodoo\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = 155.210.152.21:80
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: File-Search Toolbar: {e0c7b854-d5ce-4db6-9804-be1438603d89} - c:\program files\torrent-search\tbTor0.dll
mWinlogon: UIHost=c:\documents and settings\all users\application data\tuneup software\tuneup utilities\winstyler\tu_logonui.exe
BHO: Pomagalo za veze za Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: NitroPDFBHO Class: {cf070cb8-f02f-4af4-a7b7-8d45cad4bb54} - c:\program files\nitro pdf\pdf download\NitroPDF.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: File-Search Toolbar: {e0c7b854-d5ce-4db6-9804-be1438603d89} - c:\program files\torrent-search\tbTor0.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: File-Search Toolbar: {e0c7b854-d5ce-4db6-9804-be1438603d89} - c:\program files\torrent-search\tbTor0.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Save Page As PDF ... - file://c:\program files\nitro pdf\pdf download\nitroweb.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {AD9E6088-E00B-42f9-9F0C-8480525D234E} - {FF5073C0-28A0-4223-9BDF-59FF020FE77C} - c:\program files\nitro pdf\pdf download\NitroPDF.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260458566109
DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - hxxp://217.126.89.102:8020/activex/AMC.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [2009-12-13 3110512]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-12-10 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-10 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-12-10 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-12-10 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-12-10 352920]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\system32\appdrvrem01.exe svc --> c:\windows\system32\appdrvrem01.exe svc [?]
S2 Ca533av;Dual Mode Video Camera Device;c:\windows\system32\drivers\Ca533av.sys [2009-12-25 515803]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-12-10 1684736]
S3 wxpSvc;webcamXP Service;c:\program files\wlite\wService.exe [2008-7-18 2797056]

============== File Associations ===============

.scr=AutoCADScriptFile

=============== Created Last 30 ================

2010-06-09 10:35:44 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-03 12:14:37 0 d-----w- c:\program files\DAEMON Tools Toolbar
2010-06-02 15:12:36 0 d-----w- c:\windows\setup.pss
2010-06-02 11:20:25 0 d-----w- c:\windows\system32\wbem\Repository
2010-06-01 10:32:17 0 d-sha-r- C:\cmdcons
2010-06-01 10:30:20 98816 ----a-w- c:\windows\sed.exe
2010-06-01 10:30:20 77312 ----a-w- c:\windows\MBR.exe
2010-06-01 10:30:20 256512 ----a-w- c:\windows\PEV.exe
2010-06-01 10:30:20 161792 ----a-w- c:\windows\SWREG.exe
2010-05-18 19:41:14 65536 ----a-w- c:\windows\system32\Gif89.dll
2010-05-18 19:41:14 443392 ----a-w- c:\windows\system32\SliderExCtrl.ocx
2010-05-18 19:41:12 0 d-----w- c:\program files\SEC
2010-05-17 13:51:47 0 d-----w- c:\docume~1\voodoo\applic~1\Ubisoft
2010-05-17 13:43:26 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-05-17 13:43:26 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-05-17 13:43:25 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-05-17 13:43:25 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-05-17 13:43:25 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-05-17 13:43:24 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-05-17 13:43:24 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-05-15 14:22:13 0 d-----w- c:\docume~1\voodoo\applic~1\CoSoSys
2010-05-14 13:10:25 0 d-----w- c:\windows\system32\appmgmt

==================== Find3M ====================

2010-06-03 12:14:35 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-02 19:03:17 2276864 -c--a-w- c:\windows\system32\TUKernel.exe
2010-05-12 10:20:00 1088 ----a-w- c:\documents and settings\voodoo\license.dat
2010-05-12 10:19:59 2396 ----a-w- c:\documents and settings\voodoo\settings.dat
2010-05-06 10:41:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:56:34 1850880 ----a-w- c:\windows\system32\win32k.sys
2010-04-25 14:52:49 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-04-25 14:52:49 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-04-20 05:51:20 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-18 13:47:31 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-18 13:47:31 139152 ----a-w- c:\docume~1\voodoo\applic~1\PnkBstrK.sys
2010-04-18 13:47:20 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-04-18 13:47:12 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-04-18 13:47:12 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

============= FINISH: 13:00:35,04 ===============

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png



prilažem i izveštaj Combofix-a


https://www.mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav...


Ovde nema aktivnog malware-a.

Problem (ako se trenutno ispoljava)... Kreni sa instalacijom Service Pack 3 za XP, pa ako i dalje bude bilo nekih problema, ukloni Deamon Tools (i SPTD), StarForce, a možda i TuneUp (zavisi šta si tačno njime radio).

Ako i dalje bude bilo nekih problema, probaj da zameniš trenutni antivirus nekim drugim.

U slučaju da ništa ne pomogne, uvek se možeš dodatno (ili odmah) raspitati u Windows forumu.



Ako smatraš da je malware taj koji povremeno prouzrokuje probleme, onda ti je najveća pomoć u sprečavanju toga instalacija SP3.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Evo kako izgleda desktop i šta je pokrenuto a ovako traje oko 5 minuta dok se ne uspostavi OS.



dalje, probao sam već pre da uradim popravke widowsa i ne uspeva mi jer prijavljuje neki nedostajući fajl, a mislim da ni pac3 neće da prihvati, tako da ako ništa ne možete da mi pomognete , moraću da reinstaliram ceo sistem što mi ne bi bilo drago...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Već napisah kojim putem bih ja išao u rešavanju tog problema.

U svakom slučaju, ako želiš druge/dodatne savete, otvori temu u Windows forumu.