Task Manager and regedit


offline
  • Joined: 24 Jul 2013
  • Posts: 2

So I can't enable them no matter what. I've tried everything: through gpedit.msc, setting it to disabled, and nothing; I typed into Run the commands I found for starting them, and again nothing. Although, for example, as soon as I set Task Manager to disabled it works, until I open something again or shut the computer down and turn it back on, and then it is disabled again. It shows that message, the administrator has disabled Task Manager. I also tried cleaning with anti-malware tools, antiviruses and registry cleaners, but nothing, so I'm powerless.


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 18:53:26 on 2013-07-24
Microsoft Windows XP Professional 5.1.2600.3.1251.381.1033.18.511.127 [GMT 2:00]
.
.
============== Running Processes ================
.
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.1.2.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare 6\browerprotect\ASCPlugin_Protection.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.21.5\bh\delta.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.21.5\deltaTlbr.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-System: DisableRegistryTools = dword:1
uPolicies-System: DisableTaskMgr = dword:1
mPolicies-System: EnableLUA = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DisableTaskMgr = dword:1
mPolicies-System: DisableRegistryTools = dword:1
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - c:\program files\bitcomet\tools\BitCometBHO_1.2.1.2.dll/206
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
TCP: NameServer = 89.216.1.40 89.216.1.50
TCP: Interfaces\{6C09DDB1-6917-4991-B13D-6A8309434F88} : DHCPNameServer = 89.216.1.40 89.216.1.50
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SecurityProviders: SecurityProviders = schannel.dll, credssp.dll, digest.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2011-11-9 13616]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2011-11-9 5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2011-11-9 13616]
R1 WMDrive;WMDrive;c:\windows\system32\drivers\WMDrive.sys [2013-6-29 65856]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2013-7-3 574272]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-7-1 4150112]
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2013-7-8 14336]
R3 amsint32;amsint32;\??\c:\windows\system32\drivers\rqdmk.sys --> c:\windows\system32\drivers\rqdmk.sys [?]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-7-13 15576]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-7-13 10200]
.
=============== File Associations ===============
.
ShellExec: BitComet.exe: open="c:\program files\bitcomet\BitComet.exe"
.
=============== Created Last 30 ================
.
2013-07-24 14:56:54 -------- d-----w- c:\program files\VITSOFT
2013-07-24 14:21:30 -------- d-----w- c:\documents and settings\administrator\application data\Wise Registry Cleaner
2013-07-24 14:21:13 -------- d-----w- c:\program files\Wise
2013-07-22 18:22:27 2560 ----a-w- c:\windows\system32\bitcometres.dll
2013-07-22 18:04:49 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Shareaza
2013-07-22 18:04:39 -------- d-----w- c:\documents and settings\administrator\application data\Shareaza
2013-07-22 17:51:14 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Ares
2013-07-22 17:51:05 -------- d-----w- c:\program files\Ares
2013-07-22 17:45:50 -------- d-----w- c:\program files\eMule
2013-07-22 17:39:54 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Innovative Solutions
2013-07-22 17:38:38 -------- d-----w- c:\program files\common files\Innovative Solutions
2013-07-22 17:38:38 -------- d-----w- c:\documents and settings\all users\application data\Innovative Solutions
2013-07-22 17:38:33 -------- d-----w- c:\program files\Innovative Solutions
2013-07-22 17:23:17 -------- d-----w- C:\Downloads
2013-07-22 17:21:56 -------- d-----w- c:\program files\BitComet
2013-07-21 15:58:48 -------- d-----w- c:\documents and settings\administrator\application data\GHISLER
2013-07-20 17:43:14 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Google
2013-07-20 17:41:01 -------- d-----w- c:\documents and settings\administrator\application data\WinMount
2013-07-20 17:34:14 -------- d-----w- c:\documents and settings\administrator\application data\IObit
2013-07-19 18:06:23 -------- d-----w- c:\program files\Lightspark 0.5.3-git
2013-07-19 14:13:54 -------- d-----w- c:\program files\Free Extended Task Manager
2013-07-19 14:13:34 -------- d-----w- c:\documents and settings\all users\application data\TaskManager
2013-07-19 14:07:54 -------- d-----w- c:\documents and settings\all users\application data\CA
2013-07-19 14:07:20 -------- d-----w- c:\program files\common files\Scanner
2013-07-18 16:39:54 -------- d-----w- c:\documents and settings\all users\application data\Firefly Studios
2013-07-17 16:21:59 -------- d-----w- c:\program files\NetDragon
2013-07-17 16:14:34 -------- d-----w- c:\documents and settings\all users\application data\BlueStacksSetup
2013-07-17 16:14:24 -------- d-----w- c:\documents and settings\all users\application data\BlueStacks
2013-07-15 14:18:41 -------- d-----w- c:\program files\DirectX
2013-07-15 14:17:27 -------- d-----w- C:\Games
2013-07-14 13:27:45 255848 ----a-w- c:\windows\system32\xactengine2_6.dll
2013-07-14 11:58:02 -------- d-----w- c:\program files\Cyanide
2013-07-14 11:49:22 -------- d-----w- c:\program files\Micro Application
2013-07-14 08:57:23 20992 ----a-w- c:\windows\jestertb.dll
2013-07-14 08:56:49 -------- d-----w- c:\documents and settings\all users\application data\WinMount
2013-07-14 08:48:27 -------- d-----w- c:\documents and settings\all users\application data\CheckPoint
2013-07-14 08:37:14 -------- d--h--r- C:\AHCache
2013-07-13 20:29:03 2888384 ----a-w- c:\windows\system32\pwNative.exe
2013-07-13 20:29:00 15576 ------w- c:\windows\system32\pwdrvio.sys
2013-07-13 20:28:59 10200 ------w- c:\windows\system32\pwdspio.sys
2013-07-13 20:09:24 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2013-07-13 20:09:15 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2013-07-13 20:09:00 850352 ----a-w- c:\windows\system32\WinUSBCoInstaller2.dll
2013-07-13 20:09:00 54704 ----a-w- c:\windows\system32\USBCoInstaller.dll
2013-07-13 20:09:00 1461168 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-07-13 20:00:04 -------- d-----w- c:\program files\MiniTool Partition Wizard Home Edition 7.8
2013-07-13 19:47:08 -------- d-----w- c:\documents and settings\all users\application data\r2 Studios
2013-07-12 16:25:37 -------- d-----w- c:\windows\system32\Extensions
2013-07-12 16:25:36 -------- d-----w- c:\windows\system32\searchplugins
2013-07-12 16:25:05 -------- d-----w- c:\program files\Delta
2013-07-12 16:23:49 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-07-12 12:29:21 -------- d-----w- c:\program files\UMPlayer
2013-07-11 19:23:41 -------- d-----w- c:\windows\InteresTV
2013-07-08 18:39:25 -------- d-----r- c:\program files\Skype
2013-07-08 17:48:47 -------- d-----w- c:\program files\Disk Check
2013-07-08 17:05:05 103140 --sh--r- C:\tvnnvk.exe
2013-07-08 16:39:30 22050 ----a-w- c:\windows\system32\drivers\smb.sys
2013-07-08 16:38:38 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2013-07-08 16:38:38 130432 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2013-07-08 16:36:55 14336 ----a-w- c:\windows\system32\drivers\Amps2prt.sys
2013-07-08 16:32:39 -------- d-----w- c:\program files\Uniblue
2013-07-07 11:05:13 -------- d-----w- c:\program files\Essentials Codec Pack
2013-07-07 11:00:44 -------- d-----w- c:\program files\Smart PC Solutions
2013-07-05 14:45:07 28160 ----a-w- c:\program files\windows nt\hypertrm.exe
2013-07-05 14:11:57 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-07-05 14:09:01 -------- d-----w- c:\documents and settings\all users\application data\COMODO
2013-07-04 17:30:42 405360 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-03 16:34:03 -------- d-----w- c:\program files\scar5
2013-07-03 16:30:46 -------- d-----w- c:\program files\CCleaner
2013-07-03 16:09:19 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-03 16:09:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-03 15:49:14 -------- d-----w- c:\program files\common files\Spigot
2013-07-03 15:49:04 -------- d-----w- c:\documents and settings\all users\application data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-03 15:48:47 -------- d-----w- c:\documents and settings\all users\application data\IObit
2013-07-03 15:48:21 -------- d-----w- c:\program files\IObit
2013-07-03 13:56:32 -------- d-----w- c:\program files\Skispringen 2005
2013-07-03 12:16:44 -------- d-----w- c:\windows\RegisteredPackages
2013-07-03 10:16:28 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2013-07-02 18:11:12 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
2013-07-02 17:23:54 -------- d-----w- c:\documents and settings\all users\application data\XoftSpySE
2013-07-02 17:23:12 -------- d-----w- c:\documents and settings\all users\application data\SpeedyPC Software
2013-07-02 16:05:09 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-07-02 16:05:09 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-07-02 15:58:01 -------- d-----w- c:\windows\system32\Adobe
2013-07-01 20:11:18 -------- d-----w- c:\program files\TeamViewer
2013-06-30 14:46:16 545 ----a-w- c:\windows\UC.PIF
2013-06-30 14:46:16 545 ----a-w- c:\windows\RAR.PIF
2013-06-30 14:46:16 545 ----a-w- c:\windows\PKZIP.PIF
2013-06-30 14:46:16 545 ----a-w- c:\windows\PKUNZIP.PIF
2013-06-30 14:46:16 545 ----a-w- c:\windows\LHA.PIF
2013-06-30 14:46:16 545 ----a-w- c:\windows\ARJ.PIF
2013-06-30 14:46:16 -------- d-----w- C:\totalcmd
2013-06-30 08:56:53 -------- d-----w- c:\documents and settings\all users\application data\Panda Security
2013-06-30 08:32:46 -------- d-----w- c:\documents and settings\all users\application data\Privacyware
2013-06-30 08:28:13 -------- d-----w- c:\windows\pss
2013-06-30 06:54:19 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-06-30 06:49:55 -------- d-----w- c:\windows\system32\SoftwareDistribution
2013-06-30 06:43:14 -------- d-----w- c:\documents and settings\all users\application data\scar5
2013-06-30 06:15:11 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-06-30 06:14:49 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-06-30 05:52:34 -------- d-----w- c:\windows\system32\appmgmt
2013-06-29 18:08:03 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2013-06-29 18:08:03 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2013-06-29 18:08:03 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2013-06-29 18:08:02 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2013-06-29 18:08:02 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2013-06-29 18:08:02 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2013-06-29 18:08:00 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2013-06-29 18:08:00 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2013-06-29 17:09:00 251672 ----a-w- c:\windows\system32\xactengine2_5.dll
2013-06-29 17:05:29 -------- d-----w- c:\program files\NovaLogic
2013-06-29 16:49:48 -------- d-----w- c:\program files\Alcohol Soft
2013-06-29 16:47:59 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-06-29 13:47:34 -------- d-----w- c:\program files\WinMount
2013-06-29 13:47:33 65856 ----a-w- c:\windows\system32\drivers\WMDrive.sys
2013-06-28 18:42:14 17018248 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-06-28 18:21:26 178688 ----a-w- c:\windows\system32\unrar.dll
2013-06-28 18:21:10 -------- d-----w- c:\program files\K-Lite Codec Pack
.
==================== Find3M ====================
.
2013-06-28 16:29:45 30208 ----a-w- c:\windows\system32\cam1210.dll
2013-06-28 16:27:09 765952 ----a-w- c:\windows\system\crlds3d.dll
2013-06-28 16:27:09 712704 ----a-w- c:\windows\system32\Audio3D.dll
2013-06-28 16:27:09 712704 ----a-w- c:\windows\system32\a3d.dll
2013-06-28 16:27:09 377358 ----a-w- c:\windows\system32\drivers\cmaudio.sys
2013-06-28 16:27:09 32768 ----a-w- c:\windows\system32\cmnprop.dll
2013-06-28 16:27:09 1818624 ----a-w- c:\windows\mixer.exe
2013-06-28 16:27:09 139264 ----a-w- c:\windows\cmuninst.exe
2013-06-28 16:27:09 135168 ----a-w- c:\windows\cmuninst.dat
2013-06-28 15:54:17 103140 --sh--r- C:\hiyjqn.exe
.
============= FINISH: 18:55:04,45 ===============






offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Hello srdjan03,

You have a dangerous infection on your computer - the file infector Sality.
Since disinfection is impossible from within a running Windows, I recommend that you go with one of the following solutions:

1) Format the system partition (the partition on which your operating system is installed) and reinstall Windows. Do not open the other partitions; instead install an antivirus, update it and scan the other partitions you have. After the infection has been removed, you can open the other partitions as well.

2) You can take the hard disk out of the computer and mount it on another computer that is not infected. From that other computer, scan the mounted hard disk (note: if you choose this option, do not open the infected hard disk until you have scanned it and removed the infection).

3) Visit the topic "Using Live CD Rescue solutions" to scan the computer with one of the rescue CD solutions. It has detailed instructions on how to scan a computer with the popular ones.

Let me know which option you have chosen.

offline
  • Joined: 24 Jul 2013
  • Posts: 2

I'll probably go with the first one, just not right away, so I have a question, if you can answer it. For now, does this interfere with anything apart from Task Manager and regedit not working? And it's probably no use, since you already said only these three solutions, but would Win Sality remover maybe help? Thanks in advance.

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

If it didn't interfere, I wouldn't have told you it's a dangerous infection :D
Sality is a virus, i.e. a file infector (see the small security glossary), and whichever .exe file you run, Sality will embed itself in it. In some situations you won't even be able to run an exe file, precisely because that infection is present. Sality remover would not help, because it runs from within a running Windows (and Sality is impossible to remove from a running Windows).

If you don't want to format the partition, you can try option 3, but the results are very uncertain, because there is a chance that Sality has infected important system files and that, after cleaning, the system will not be functional.
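
Added example, not part of the thread and not the helper's stated method: a Python triage pass over a DDS log like the one in the first post. It pulls out the non-zero DisableTaskMgr / DisableRegistryTools policy values (the settings behind the "administrator has disabled Task Manager" message), services whose file DDS could not stat (`[?]`), and hidden+system .exe files sitting in a drive root. The sample lines are an excerpt of that log; the function name and the choice of these three checks are assumptions of this example.

```python
import re

# Excerpt of the DDS log posted above, embedded so the example runs offline.
SAMPLE_LOG = r"""
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uPolicies-System: DisableRegistryTools = dword:1
uPolicies-System: DisableTaskMgr = dword:1
mPolicies-System: EnableLUA = dword:0
mPolicies-System: DisableTaskMgr = dword:1
R3 amsint32;amsint32;\??\c:\windows\system32\drivers\rqdmk.sys --> c:\windows\system32\drivers\rqdmk.sys [?]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-7-1 4150112]
2013-07-08 17:05:05 103140 --sh--r- C:\tvnnvk.exe
2013-07-08 16:39:30 22050 ----a-w- c:\windows\system32\drivers\smb.sys
2013-06-28 15:54:17 103140 --sh--r- C:\hiyjqn.exe
"""

# DDS prefixes: "u" = per-user hive (HKCU), "m" = machine-wide hive (HKLM).
POLICY = re.compile(
    r"^([um])Policies-System: (DisableTaskMgr|DisableRegistryTools) = dword:(\d+)$")
# Service/driver line whose file info is "[?]" (DDS found no date or size).
SERVICE = re.compile(r"^[RS]\d ([^;]+);.*\[\?\]$")
# "Created Last 30" / "Find3M" line: timestamp, size, 8 attribute flags, path.
FILE = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d (\d+|-{8}) (\S{8}) (.+)$")
ROOT_EXE = re.compile(r"^[a-z]:\\[^\\]+\.exe$", re.IGNORECASE)


def triage(log_text):
    """Return the log entries that explain the symptom or deserve a closer look."""
    findings = {"policies": [], "unresolved_services": [], "hidden_root_exes": []}
    for line in log_text.splitlines():
        line = line.strip()
        if m := POLICY.match(line):
            if int(m.group(3)) != 0:  # non-zero means the tool is blocked
                hive = "HKCU" if m.group(1) == "u" else "HKLM"
                findings["policies"].append((hive, m.group(2)))
        elif m := SERVICE.match(line):
            findings["unresolved_services"].append(m.group(1))
        elif m := FILE.match(line):
            size, attrs, path = m.groups()
            # Hidden + system executable directly in a drive root.
            if size.isdigit() and "s" in attrs and "h" in attrs and ROOT_EXE.match(path):
                findings["hidden_root_exes"].append((path, int(size)))
    return findings


if __name__ == "__main__":
    for kind, items in triage(SAMPLE_LOG).items():
        print(kind, items)
```
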
