Problem sa kompjuterom. Blokirao!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 26 Mar 2011 16:24

Prije par mjeseci poceo mi se sam restartovati kompjuter. Nisam pridavao paznje tom problemu posto se rijetko kad desavalo da se sam restartuje. Prije 24 sata kompjuter se sam restartovao tri put za redom i rijesih da pokusam nesto. Na poslu imam stariji kompjuter i prije par sati pokusao sam da zamjenim napojnu misleci da bi to mogao biti problem, al` nista. Jos gore! Sad kompjuter nece nikako da digne normalno sistem samo u safe mode moze da radi.

Do sad sam uz vasu pomoc rjesavao probleme na kompjuteru i hvala vam za to. Sad bi vas zamolio da mi pomognete opet. Hvala

Iskopirao sam DDS.txt :

.
DDS (Ver_11-03-05.01) - NTFSx86 MINIMAL
Run by Administrator at 15:38:33.53 on Sat 03/26/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.807 [GMT 1:00]
.
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google
uStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google
mSearch Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google
mStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe"
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll
mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Groove Folder Synchronization: {2a541ae1-5bf6-4665-a8a3-cfa9672e4291} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: cryptnet32 - cryptnet32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\g4bwmu8m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319505&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://gb.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4bf4dc3c&v=6.010.006.004&i=26&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\{013a635f-e3aa-4371-b682-ece95ca974b0}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\{013a635f-e3aa-4371-b682-ece95ca974b0}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\{350e72a9-e6db-4967-9572-dd8e27d3e1be}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\{350e72a9-e6db-4967-9572-dd8e27d3e1be}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\g4bwmu8m.default\extensions\gb@toolbar\components\toolbarhomewmp.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\administrator\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - Ext: Finbu.com: info@finbu.com - c:\program files\mozilla firefox\extensions\info@finbu.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: AVG Security Toolbar em:version=6.010.006.004 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg8\toolbar\firefox\avg@igeared
FF - Ext: Winamp Toolbar: {0b38152b-1b20-484d-a11f-5e04a9b0661f} - %profile%\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
FF - Ext: MB2 Toolbar: {013a635f-e3aa-4371-b682-ece95ca974b0} - %profile%\extensions\{013a635f-e3aa-4371-b682-ece95ca974b0}
FF - Ext: TV Center Toolbar: {350e72a9-e6db-4967-9572-dd8e27d3e1be} - %profile%\extensions\{350e72a9-e6db-4967-9572-dd8e27d3e1be}
FF - Ext: Facicons: {DDABDBA1-2377-4A30-A027-25697B99E254} - %profile%\extensions\{DDABDBA1-2377-4A30-A027-25697B99E254}
FF - Ext: GameBox: gb@toolbar - %profile%\extensions\gb@toolbar
FF - Ext: UnPlug: unplug@compunach - %profile%\extensions\unplug@compunach
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Brothersoft Community Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - %profile%\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-5-19 12552]
S0 ntsdxowlruzq;ntsdxowlruzq;c:\windows\system32\drivers\oycwkn.sys [2011-3-4 53760]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-5-19 335240]
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-5-19 27784]
S1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-5-19 108552]
S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2010-5-20 908056]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2010-5-20 297752]
S2 FlexService;Remote Connections Service;"c:\program files\rapidbit\cisvc.exe" --> c:\program files\rapidbit\cisvc.exe [?]
S2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg8\toolbar\ToolbarBroker.exe [2010-10-28 517448]
S3 PAC207;Eye 110;c:\windows\system32\drivers\PFC027.SYS [2006-12-5 507136]
.
=============== Created Last 30 ================
.
2011-03-05 19:34:06 -------- d-----w- c:\program files\CrystalDiskInfo
2011-03-05 19:31:30 -------- d-----w- c:\program files\SpeedFan
2011-03-05 19:19:29 -------- d-----w- c:\program files\Speccy
2011-03-05 19:15:52 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-03-04 06:27:47 163872 ----a-w- c:\windows\system32\drivers\str.sys
2011-03-04 06:27:44 53760 ----a-w- c:\windows\system32\drivers\oycwkn.sys
2011-03-04 06:27:44 18296 ----a-w- c:\windows\system32\MAI4.tmp
2011-03-04 06:27:03 296283 ----a-w- c:\windows\system32\shimg.dll
.
==================== Find3M ====================
.
.
============= FINISH: 15:39:20.84 ===============

Iskopirao sam Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/18/2010 11:11:02 PM
System Uptime: 3/26/2011 3:36:32 PM (0 hours ago)
.
Motherboard: | | P4V88+
Processor: Intel(R) Celeron(R) CPU 2.66GHz | mPGA478 | 2660/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 29 GiB total, 8.17 GiB free.
D: is FIXED (NTFS) - 82 GiB total, 5.578 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP199: 1/15/2011 5:18:04 PM - System Checkpoint
RP200: 1/16/2011 8:51:51 PM - System Checkpoint
RP201: 1/17/2011 10:33:28 PM - System Checkpoint
RP202: 1/19/2011 1:20:04 AM - System Checkpoint
RP203: 1/20/2011 3:00:37 AM - System Checkpoint
RP204: 1/21/2011 3:17:43 AM - System Checkpoint
RP205: 1/28/2011 1:19:57 AM - System Checkpoint
RP206: 1/29/2011 11:04:55 PM - System Checkpoint
RP207: 1/31/2011 7:59:14 AM - System Checkpoint
RP208: 2/1/2011 8:01:34 AM - System Checkpoint
RP209: 2/2/2011 7:38:22 PM - System Checkpoint
RP210: 2/3/2011 8:11:15 PM - System Checkpoint
RP211: 2/4/2011 8:16:50 PM - System Checkpoint
RP212: 2/6/2011 2:11:17 PM - System Checkpoint
RP213: 2/7/2011 7:15:34 PM - System Checkpoint
RP214: 2/8/2011 7:38:30 PM - System Checkpoint
RP215: 2/9/2011 8:04:28 PM - System Checkpoint
RP216: 2/11/2011 6:49:24 PM - System Checkpoint
RP217: 2/12/2011 7:16:45 PM - System Checkpoint
RP218: 2/14/2011 8:11:16 AM - System Checkpoint
RP219: 2/15/2011 9:07:18 AM - System Checkpoint
RP220: 2/16/2011 9:53:12 AM - System Checkpoint
RP221: 2/17/2011 10:07:57 AM - System Checkpoint
RP222: 2/18/2011 1:00:08 PM - System Checkpoint
RP223: 2/19/2011 8:28:50 PM - System Checkpoint
RP224: 2/20/2011 9:22:43 PM - System Checkpoint
RP225: 2/22/2011 7:54:10 AM - System Checkpoint
RP226: 2/23/2011 8:48:16 AM - System Checkpoint
RP227: 2/24/2011 9:06:19 AM - System Checkpoint
RP228: 2/25/2011 11:39:22 AM - System Checkpoint
RP229: 2/26/2011 9:48:30 PM - System Checkpoint
RP230: 2/28/2011 8:02:56 AM - System Checkpoint
RP231: 3/1/2011 8:03:19 AM - System Checkpoint
RP232: 3/2/2011 8:24:42 AM - System Checkpoint
RP233: 3/3/2011 9:15:06 AM - System Checkpoint
RP234: 3/4/2011 2:05:37 PM - System Checkpoint
RP235: 3/5/2011 9:06:54 PM - System Checkpoint
RP236: 3/7/2011 7:57:19 AM - System Checkpoint
RP237: 3/8/2011 4:31:10 PM - System Checkpoint
RP238: 3/9/2011 5:07:56 PM - System Checkpoint
RP239: 3/10/2011 5:13:00 PM - System Checkpoint
RP240: 3/11/2011 6:35:45 PM - System Checkpoint
RP241: 3/12/2011 7:14:54 PM - System Checkpoint
RP242: 3/14/2011 7:12:39 PM - System Checkpoint
RP243: 3/15/2011 7:30:21 PM - System Checkpoint
RP244: 3/16/2011 7:45:07 PM - System Checkpoint
RP245: 3/18/2011 6:47:56 PM - System Checkpoint
RP246: 3/19/2011 10:26:23 PM - System Checkpoint
RP247: 3/21/2011 7:41:25 AM - System Checkpoint
RP248: 3/22/2011 5:30:17 PM - System Checkpoint
RP249: 3/23/2011 8:09:59 PM - System Checkpoint
RP250: 3/25/2011 1:48:56 PM - System Checkpoint
.
==== Installed Programs ======================
.
%WS4_ARP_DISPLAY%
µTorrent
ACDSee 10 Photo Manager
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.2
Apple Application Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG 8.5
BS.Player FREE
C-Media WDM Audio Driver
CCleaner
CrystalDiskInfo 3.10.0
Easy Driver Pro
Eye 110
Facebook Plug-In
FlatOut2
FormatFactory 2.20
GameSpy Arcade
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Intel(R) 536EP Modem
Java Auto Updater
Java(TM) 6 Update 20
K-Lite Codec Pack 5.9.0 (Basic)
MCShield
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mixxx 1.7.2
Mozilla Firefox (3.6.16)
MSXML 4.0 SP3 Parser
MSXML4 Parser
Nero 6 Enterprise Edition
Opera 10.50
PowerDVD
QuickTime
Remi Royal
Rise of Nations
S.W.I.N.E.
Skype™ 4.2
Speccy
SpeedFan (remove only)
Veetle TV 0.9.17
Virtual DJ Home - Atomix Productions
WebFldrs XP
Winamp
Winamp Detector Plug-in
Winamp Toolbar
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
3/26/2011 3:10:19 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/26/2011 3:09:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/26/2011 3:09:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
3/26/2011 3:08:09 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
3/26/2011 3:08:09 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
3/26/2011 3:08:09 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/26/2011 3:08:09 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/26/2011 3:08:09 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
3/26/2011 3:07:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/26/2011 3:07:21 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/24/2011 7:08:15 AM, error: System Error [1003] - Error code 0000009c, parameter1 00000000, parameter2 8054e0f0, parameter3 b2000000, parameter4 1040080f.
3/23/2011 7:05:54 AM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00138F426EFA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/22/2011 9:34:53 AM, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.
3/22/2011 9:34:53 AM, error: Service Control Manager [7000] - The Remote Connections Service service failed to start due to the following error: The system cannot find the file specified.
3/20/2011 1:11:52 PM, error: System Error [1003] - Error code 1000000a, parameter1 00000020, parameter2 00000002, parameter3 00000000, parameter4 804f98fa.
.
==== End Of File ===========================

Dopuna: 26 Mar 2011 17:52

poslije krace pauze od oko sat vremena uspio sam normalno pokrenuti kompjuter i trenutno pisem sa istog al` nisam rjesio problem pa ako i dalje ima neko zainteresovan oko mog problema vise je nego dobrodosao

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav

Mozes li da ispratis korak3 i postavis Gmer logove.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ispratio sam ali kad pokusam da ga prikacim otvori mi firefox i samo bijelo na cjeloj stranici.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Da li rade drugi pretrazivaci, probaj preko IE. Moras mi dostaviti logove.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.



Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix.
U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE:
klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.

Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

iskljucio sam AVG i pokrenuo ComboFix i javio mi je da ne moze da radi dok ne obrisem AVG. Poslije sam restartovao kompjuter i nisam mogao vise da ga upalim. Upalim kompjuter i izbaci mi samo opcije da ga pokrenem u safe modu ili da ga startujem normalno. U safe modu radi a normalno kad ga pokrenem zablokira na ucitavanju.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zaboravio sam da ti kazem da moras da deinstaliras AVG. Combofix ne moze da se pokrene kada je AVG instaliran, znaci ne pomaze iskljucivanje .

Za potpuno uklanjanje AVG-a sa racunara moze upotrebiti ovaj alat

http://www.avg.com/ww-en/download-tools

Kasnije kad zavrsimo sa ciscenjem instaliraces AVG ponovo

Ukoliko ne mozes da pokrenes racunar u Normal mode, pokreni Combofix u Safe mode

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 27 Mar 2011 15:15

ComboFix 11-03-25.04 - Administrator 03/27/2011 17:59:08.1.1 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.805 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\crt.dat
c:\windows\system32\drivers\oycwkn.sys
c:\windows\system32\drivers\str.sys
c:\windows\system32\shimg.dll
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
-------\Service_ntsdxowlruzq
-------\Service_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-02-27 to 2011-03-27 )))))))))))))))))))))))))))))))
.
.
2011-03-05 19:34 . 2011-03-05 19:34 -------- d-----w- c:\program files\CrystalDiskInfo
2011-03-05 19:31 . 2011-03-19 13:04 -------- d-----w- c:\program files\SpeedFan
2011-03-05 19:19 . 2011-03-05 19:19 -------- d-----w- c:\program files\Speccy
2011-03-05 19:15 . 2011-03-05 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2011-03-04 06:27 . 2011-03-04 06:27 18296 ----a-w- c:\windows\system32\MAI4.tmp
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
.
[-] 2009-04-18 . 25A740D70E8007814A48D3FA1B34FA34 . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2009-04-18 . C951DB3D9B6EF3CF4B82454D30A8BF59 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2010-07-28 1267024]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 339968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-05-20 06:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 22:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCShield]
2010-09-09 18:23 251904 ----a-w- c:\program files\MCShield\MCShieldRTM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCShieldTray]
2010-09-16 20:15 65536 ----a-w- c:\program files\MCShield\MCShieldTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2006-11-03 09:01 319488 ----a-w- c:\windows\PixArt\PAC207\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-04-20 11:14 26192680 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-10-20 15:29 328056 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [5/19/2010 10:20 AM 12552]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5/19/2010 11:55 AM 682232]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/19/2010 10:20 AM 108552]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/19/2010 10:20 AM 335240]
S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe --> c:\progra~1\AVG\AVG8\avgemc.exe [?]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe --> c:\progra~1\AVG\AVG8\avgwdsvc.exe [?]
S2 FlexService;Remote Connections Service;"c:\program files\RapidBIT\cisvc.exe" --> c:\program files\RapidBIT\cisvc.exe [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG8\Toolbar\ToolbarBroker.exe --> c:\program files\AVG\AVG8\Toolbar\ToolbarBroker.exe [?]
S3 PAC207;Eye 110;c:\windows\system32\drivers\PFC027.SYS [12/5/2006 11:34 AM 507136]
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google
mStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g4bwmu8m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319505&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://gb.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4bf4dc3c&v=6.010.006.004&i=26&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - Ext: Finbu.com: info@finbu.com - c:\program files\Mozilla Firefox\extensions\info@finbu.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Winamp Toolbar: {0b38152b-1b20-484d-a11f-5e04a9b0661f} - %profile%\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
FF - Ext: MB2 Toolbar: {013a635f-e3aa-4371-b682-ece95ca974b0} - %profile%\extensions\{013a635f-e3aa-4371-b682-ece95ca974b0}
FF - Ext: TV Center Toolbar: {350e72a9-e6db-4967-9572-dd8e27d3e1be} - %profile%\extensions\{350e72a9-e6db-4967-9572-dd8e27d3e1be}
FF - Ext: Facicons: {DDABDBA1-2377-4A30-A027-25697B99E254} - %profile%\extensions\{DDABDBA1-2377-4A30-A027-25697B99E254}
FF - Ext: GameBox: gb@toolbar - %profile%\extensions\gb@toolbar
FF - Ext: UnPlug: unplug@compunach - %profile%\extensions\unplug@compunach
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Brothersoft Community Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - %profile%\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe
MSConfigStartUp-DAEMON Tools - c:\program files\DAEMON Tools\daemon.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-03-27 18:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1957994488-725345543-1606980848-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b3,44,e0,4d,73,0d,a5,40,81,24,6c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,99,54,4f,69,30,d2,e5,46,89,4c,f0,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(628-)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1388-)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
Completion time: 2011-03-27 18:07:16 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-27 16:07
.
Pre-Run: 8,835,309,568 bytes free
Post-Run: 8,723,922,944 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 62301E3F100B619364E7D0C659238469

Dopuna: 27 Mar 2011 15:22

prilikom deinstalacije avg prijavila mi se greska da avg ne moze da se deinstalira, pa sam odlucio da ga obrisem rucno i jedan mi je fajl ostao ne obrisan. pokusao sam da ga obrisem al ne ide mi.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Prilikom deinstalacije AVG-a koristio si alat koji sam ti dao?

Kako ti se cini stanje posle Combofixa, da li je sve u redu?