Usporava mi racunar

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Vec neko vreme racunar mi otezano radi skenirao sam ga sa antivirusom ali mi nista ne prijavljuje,neke programe sam deinstalirao ali ni to nije nista pomoglo mom problemu,od prijatelja sam saznao za ovaj forum pa sam resio da potrazim vasu pomoc i savet.

mycity.rs/must-login.png

DDS (Ver_2012-10-14.05) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.3.0
Run by Maher at 15:25:32 on 2012-10-14
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.503.83 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
E:\Program Files\AVAST Software\Avast\AvastSvc.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\igfxtray.exe
E:\WINDOWS\system32\hkcmd.exe
E:\WINDOWS\system32\igfxpers.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\AVAST Software\Avast\avastUI.exe
E:\Program Files\SweetIM\Messenger\SweetIM.exe
E:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
E:\Program Files\ClocX\ClocX.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\DefaultTab\DefaultTabSearch.exe
E:\Documents and Settings\Maher\Application Data\DefaultTab\DefaultTab\DTUpdate.exe
E:\Program Files\Java\jre7\bin\jqs.exe
E:\WINDOWS\System32\alg.exe
E:\WINDOWS\system32\wbem\unsecapp.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\WINDOWS\system32\notepad.exe
E:\WINDOWS\System32\svchost.exe -k netsvcs
E:\WINDOWS\system32\svchost.exe -k NetworkService
E:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.rs/
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={FCA8782F-0C00-11E2-BE87-000D9DD80FA6}
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {EEE6C35D-6118-11DC-9C72-001320C79847} - e:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: I Want This: {11111111-1111-1111-1111-110011221158} - e:\program files\i want this\I Want This.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - e:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - e:\documents and settings\maher\application data\defaulttab\defaulttab\DefaultTabBHO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - e:\program files\java\jre7\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - e:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - e:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - e:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [CTFMON.EXE] e:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "e:\program files\messenger\msmsgs.exe" /background
uRunOnce: [FlashPlayerUpdate] e:\windows\system32\macromed\flash\FlashUtil11f_ActiveX.exe -update activex
mRun: [igfxtray] e:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] e:\windows\system32\hkcmd.exe
mRun: [igfxpers] e:\windows\system32\igfxpers.exe
mRun: [Adobe ARM] "e:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "e:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "e:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [ROC_roc_ssl_v12] "e:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mRun: [ROC_ROC_JULY_P1] "e:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [SweetIM] e:\program files\sweetim\messenger\SweetIM.exe
mRun: [Sweetpacks Communicator] e:\program files\sweetim\communicator\SweetPacksUpdateManager.exe
mRun: [ClocX] e:\program files\clocx\ClocX.exe
dRun: [CTFMON.EXE] e:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - e:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - e:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2BFEE59A-5B6F-4F7A-A580-860BF0E6FE38} : DHCPNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - e:\windows\system32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - e:\documents and settings\maher\application data\mozilla\firefox\profiles\5kt9dnrv.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112542&babsrc=HP_ss_cr&mntrId=00000000000000000000000d9dd80fa6
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&barid={FCA8782F-0C00-11E2-BE87-000D9DD80FA6}&q=
FF - plugin: e:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: e:\program files\common files\avg secure search\sitesafetyinstaller\12.2.6\npsitesafety.dll
FF - plugin: e:\program files\gamingwonderland\bar\1.bin\NPgtStub.dll
FF - plugin: e:\program files\google\picasa3\npPicasa3.dll
FF - plugin: e:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: e:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: e:\program files\marineaquarium3free_57\bar\1.bin\NP57Stub.dll
FF - plugin: e:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: e:\program files\radiorage_4j\bar\1.bin\NP4jStub.dll
FF - plugin: e:\program files\televisionfanatic\bar\1.bin\NP64Stub.dll
FF - ExtSQL: 2012-09-13 18:50; 57ffxtbr@MarineAquarium3Free_57.com; e:\documents and settings\maher\application data\mozilla\firefox\profiles\5kt9dnrv.default\extensions\57ffxtbr@MarineAquarium3Free_57.com
FF - ExtSQL: 2012-09-16 16:31; 4jffxtbr@RadioRage_4j.com; e:\documents and settings\maher\application data\mozilla\firefox\profiles\5kt9dnrv.default\extensions\4jffxtbr@RadioRage_4j.com
FF - ExtSQL: 2012-10-05 19:09; wrc@avast.com; e:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2012-10-07 12:29; {62d40876-df18-411f-9d34-a9dd7a197bc5}; e:\documents and settings\maher\application data\mozilla\firefox\profiles\5kt9dnrv.default\extensions\{62d40876-df18-411f-9d34-a9dd7a197bc5}
FF - ExtSQL: 2012-10-07 16:43; addon@defaulttab.com; e:\documents and settings\maher\application data\mozilla\firefox\profiles\5kt9dnrv.default\extensions\addon@defaulttab.com.xpi
FF - ExtSQL: 2012-10-07 16:48; ffxtlbra@softonic.com; e:\documents and settings\maher\application data\mozilla\firefox\profiles\5kt9dnrv.default\extensions\ffxtlbra@softonic.com
FF - ExtSQL: 2012-10-07 16:48; {EEE6C361-6118-11DC-9C72-001320C79847}; e:\documents and settings\maher\application data\mozilla\firefox\profiles\5kt9dnrv.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF - ExtSQL: !HIDDEN! 2012-05-13 13:42; gtffxtbr@GamingWonderland.com; e:\program files\gamingwonderland\bar\1.bin
FF - ExtSQL: !HIDDEN! 2012-05-26 19:23; 64ffxtbr@TelevisionFanatic.com; e:\program files\televisionfanatic\bar\1.bin
FF - ExtSQL: !HIDDEN! 2012-09-13 18:28; 57ffxtbr@MarineAquarium3Free_57.com; e:\program files\marineaquarium3free_57\bar\1.bin
FF - ExtSQL: !HIDDEN! 2012-09-15 14:21; 4jffxtbr@RadioRage_4j.com; e:\program files\radiorage_4j\bar\1.bin
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112542
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 00000000000000000000000d9dd80fa6
FF - user.js: extensions.BabylonToolbar_i.hardId - 00000000000000000000000d9dd80fa6
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15486
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:12:50
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.newTab - false
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00006/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 00000000000000000000000d9dd80fa6
FF - user.js: extensions.Softonic.instlDay - 15620
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.411:32:24
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00006
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;e:\windows\system32\drivers\aswSnx.sys [2012-5-13 729752]
R1 aswSP;aswSP;e:\windows\system32\drivers\aswSP.sys [2012-5-13 355632]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [2012-5-13 21256]
R2 avast! Antivirus;avast! Antivirus;e:\program files\avast software\avast\AvastSvc.exe [2012-5-13 44808]
R2 DefaultTabSearch;DefaultTabSearch;e:\program files\defaulttab\DefaultTabSearch.exe [2012-7-17 562688]
R2 DefaultTabUpdate;DefaultTabUpdate;e:\documents and settings\maher\application data\defaulttab\defaulttab\DTUpdate.exe [2012-10-5 107520]
S1 MpKsl5469da4a;MpKsl5469da4a;\??\e:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{47575a38-7fb5-40a1-8c54-c4998b9e45ed}\mpksl5469da4a.sys --> e:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{47575a38-7fb5-40a1-8c54-c4998b9e45ed}\MpKsl5469da4a.sys [?]
S3 AGV;AGV;e:\windows\system32\drivers\AGV.sys [2012-3-25 183465]
S3 GV600S;GV600S;e:\windows\system32\drivers\GV600S.sys [2012-3-25 73633]
S3 MozillaMaintenance;Mozilla Maintenance Service;e:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-19 114144]
.
=============== Created Last 30 ================
.
2012-10-13 19:39:14 693648 ----a-w- e:\program files\gtUninstall GamingWonderland.dll
2012-10-13 19:39:14 174024 ----a-w- e:\program files\gtres.dll
2012-10-13 19:03:58 -------- d-----w- e:\documents and settings\maher\application data\MSNInstaller
2012-10-07 10:31:09 -------- d-----w- e:\program files\Conduit
2012-10-07 10:30:40 -------- d-----w- e:\documents and settings\maher\local settings\application data\Conduit
2012-10-07 10:29:48 -------- d-----w- e:\documents and settings\maher\local settings\application data\CRE
2012-10-05 17:38:24 -------- d-----w- e:\documents and settings\maher\local settings\application data\Eggiz
2012-10-05 17:34:46 -------- d-----w- e:\program files\DefaultTab
2012-10-05 17:34:20 -------- d-----w- e:\documents and settings\maher\application data\DefaultTab
2012-10-01 19:51:16 -------- d-----w- e:\documents and settings\maher\local settings\application data\Pokki
2012-10-01 19:48:23 -------- d-----w- e:\program files\SweetIM
2012-10-01 19:48:23 -------- d-----w- e:\documents and settings\all users\application data\SweetIM
2012-10-01 19:47:18 -------- d-----w- e:\program files\ClocX
2012-09-14 19:04:23 -------- d-----w- e:\documents and settings\maher\application data\Marine Aquarium Lite
.
==================== Find3M ====================
.
2012-08-21 09:13:15 729752 ----a-w- e:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:12:33 41224 ----a-w- e:\windows\avastSS.scr
.
============= FINISH: 15:26:11,67 ===============

mycity.rs/must-login.png

mycity.rs/must-login.png
Ako sta nisam dostavio vi mi napisite.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,

Ponovo pokreni DDS,pusti ga da zavrsi skeniranje i dostavi mi Attach.txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Evo trazeno
mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ne citas uputsvo!
Fali Attach.txt log,DDS.txt si mi dostavio vec.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Korak 1




Deinstaliraj sledeće programe,ukoliko ih ne koristiš:

DefaultTab
DefaultTab Chrome
SweetIM for Messenger 3.7

To možeš uraditi klikom na Start, pa Control Panel i dvoklik na Add or Remove Programs. Deinstalacijom možeš postići bolje performanse računara, kao i performanse i stabilnost browsera koje koristiš.






Korak 2




Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop
Dvoklikom pokreni program i klikni na dugme [Search] .
Kada program zavrsi analizu otvorice notepad sa izvestajem. Zatvori taj notepad.

Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok
Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.


Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt








NIx Car(AMF Tim)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 18 Okt 2012 20:02

Hvala za pomoć, pozdrav.

Dopuna: 24 Okt 2012 18:35

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ok to bi bilo to. Računar je čist što se malware-a tiče.

Odradi još i sledeće:

Preporučujem ti da koristiš program MCShield za zaštitu USB memorijskih uređaja.

Program možeš preuzeti sa OVOG linka. Nakon instalacije programa, priključi USB memorijske uređaje, i oni će biti skenirani. Na kraju skeniranja ćeš dobiti izveštaj da je uređaj čist ili obaveštenje o uklonjenom malware-u.


Takođe, poseti ovu temu da vidiš da li ti je pretraživač ranjiv i instaliraš ažurirane komponente
http://www.mycity.rs/Propusti-i-azuriranja/Testira.....anjiv.html