[Hilari]

Hi, Imam računalo koje je novo, ja sam stavio datoteka i programa, a zatim ovaj mjesec, to je igranje gore.

Kad idem pokrenuti računalo ponekad radi, a 80% to neće proći pozdravnu stranicu, 10% vremena, ali onda to ne samo za ekran ići crna, svaki put kad gors crno ili ne idem prošlosti dobrodoąlice stranicu. Imam to ponovno podizanje sustava računalo.

Ponekad sam otvoriti ga u safemode zatim ponovo pokrenite ga i onda radi.

I onda kad sam ići u zatvorenim ga, on prestaje na zatvorena stranicu i neće pomaknuti, ja lijevo on jedne noći da li bi to u jutro i to je bio još uvijek u sustavu Windows kazivanje isključi.

I ran Super Anti spyware i pronašao ovo:


Trojanac. Sustav Vozač, C: \ 32788R22FWJFW \ CREG.DAT

Koji je stavljen u karanteni predmeta datoteku, trebali bi ga izbrisati?

Također fould 52 Tracking Cookies koje su stavili u karanteni datoteku.


Ja sam jedan Hijackthis scan i to je ono što je rekao:

Logfile of Trend Micro HijackThis v2.0.2
Scan spremljena u 12:04:20, dana 15/11/2008
Platforma: Windows Vista SP1 (Winnt 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode
Pokretanje procesa:
C: \ Windows \ Explorer.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = https: / / login.yahoo.com / config / mail?. intl = uk &. src = ym
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: NCO 2,0 IE BHO - (602ADB0E-4AFF-4217-8AA1-95DAC4DFA408) - C: \ Program Files \ Common Files \ Symantec Shared \ coShared \ Browser \ 2,6 \ coIEPlg.dll
O2 - BHO: Symantec prevenciju upada - (6D53EC84-6AAE-4787-AEEE-F4628F01010C) - C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ SYMANT ~ 1 \ IDS \ IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar2.dll
O3 - Toolbar: Norton Show Toolbar - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - C: \ Program Files \ Common Files \ Symantec Shared \ coShared \ Browser \ 2,6 \ CoIEPlg.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar2.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ hp \ SUPPORT \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KbdStub.EXE
O4 - HKLM \ .. \ Run: [ATICCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [osCheck] "C: \ Program Files \ Norton 360 \ osCheck.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaanotif.exe"
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [RoxWatchTray] "C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxWatchTray9.exe"
O4 - HKLM \ .. \ Run: [DMXLauncher] "C: \ Program Files \ Roxio \ Media Experience \ DMXLauncher.exe"
O4 - HKLM \ .. \ Run: [RoxioDragToDisc] "C: \ Program Files \ Roxio \ Drag-to-Disk \ DrgToDsc.exe"
O4 - HKLM \ .. \ RunOnce: [Launcher]% Windir% \ SMINST \ launcher.exe
O4 - HKCU \ .. \ Run: [škrabati] C: \ Program Files \ škrabati \ Scribble.exe-tihe
O4 - HKCU \ .. \ Run: [OM2_Monitor] "C: \ Program Files \ Olympus \ Olympus Master 2 \ MMonitor.exe"
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Startup: Scheduler.lnk =?
O4 - Startup: TracksCleaner.lnk = C: \ Program Files \ GhostSurf Platinum \ TracksCleaner.exe
O4 - Global Startup: GhostSurf proxy.lnk = C: \ Program Files \ GhostSurf Platinum \ Proxy.exe
O4 - Global Startup: SpyCatcher.lnk = C: \ Program Files \ GhostSurf Platinum \ SpyCatcher.exe
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ programa ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' MENUITEM: S & kraj OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ programa ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - smolastoga Prefiks:
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- https: / / fpdownload.macromedia.com / ge...nt / swflash.cab
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll
O20 - AppInit_DLLs: secuload.dll
O23 - Service: Intel (R) Alert Service (AlertService) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ CCU \ AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati External Event Utility - ATI Technologies Inc - C: \ Windows \ system32 \ Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Planer - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect usluga (CLTNetCnService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Host COM (comHost) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ VAScanner \ comHost.exe
O23 - Service: DQLWinService - Unknown vlasnika - C: \ Program Files \ Common Files \ Intel \ IntelDH \ NMS \ AdpPlugins \ DQLWinService.e Xe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Izdavač \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Tools \ IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Intel (R) Software Services Manager (ISSM) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ ISSM.exe
O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ LuComServer_3_4.EXE
O23 - Service: LiveUpdate Obavijest - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Intel (R) Viiv (TM) Media Server (M1 Server) - Unknown vlasnika - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ mediaserver.exe
O23 - Service: Intel (R) Primjena Tracker (MCLServiceATL) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ školjki \ MCLServiceATL.exe
O23 - Service: protektor - Tenebril Inc - C: \ Program Files \ GhostSurf Platinum \ ProtectorSvc.exe
O23 - Service: Intel (R) Remoting Service (Usluga udaljene UI) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ školjki \ Remote UI Service.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C: \ Program Files \ Roxio \ Digital Home 9 \ RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C: \ Program Files \ Roxio \ Digital Home 9 \ RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc - c: \ Program Files \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Unknown vlasnika - C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ SYMANT ~ 1 \ CCPD-LC \ symlcsvc.exe
--
End of file - 9503 bytes

[evilfantasy]

Dobrodošli na CJ.

Preuzimanje Malwarebytes' Anti-zaštita od zlonamjernih programa (MBAM)

• Dvokliknite mbam-setup.exe i slijedite upute za instaliranje programa.
• Na kraju, svakako jedan je postavljena kvačica pored sljedeće:
  • Update Malwarebytes' Anti-zaštita od zlonamjernih programa
  • Launch Malwarebytes' Anti-zaštita od zlonamjernih programa
• Zatim kliknite na Završi.
• Ako se ažuriranje je pronađen, on će preuzeti i instalirati najnoviju verziju.
• Nakon što program učita, odaberite Obavi brzo pretraživanje, A zatim kliknite Scan.
• Kada se skeniranje završi, kliknite na U redu, Zatim Prikaži rezultate za prikaz rezultata.
• Budite sigurni da je sve provjeriti, a zatim kliknite Ukloni odabrano.
• Kad je završio dezinfekcija, a zapisnik će se otvoriti u Notepad i vi svibanj biti zatraženo da Restart. (Vidi Extra bilješka)
• U zapisnik se automatski sprema po MBAM i mogu biti pregledani klikom na tab Evidencije u MBAM.
• Kopirajte i zalijepite cijeli izvještaj u vašem sljedeći odgovor.

Extra Napomena: Ako MBAM susrete datoteku koja je teško ukloniti, bit će predstavljen sa 1 of 2 upitom, kliknite U redu da biste bilo i nek MBAM nastaviti s procesom dezinfekcije, ako je zatraženo da ponovo pokrenete računalo, učinite to odmah.

----------

Preuzimanje slučajni sustav informacija alat (RSIT) by random / od slučajnih i spremite je na svoj Desktop.

• Dvaput kliknite na RSIT.exe izvoditi.
• Kliknite Nastavi disclaimer na zaslonu.
• Nakon što je završio, dva logove će se otvoriti.
• log.txt «bit će maximized i info.txt «će biti minimiziran
• Molimo post sadržaj oboje logove u sljedećem odgovoru.

[Hilari]

Pozdrav, ispričavam se na nered oko vas, ja ovo staviti na dvije stranice kao što je bio težak da biste dobili pomoć.
Drugi je odgovorio kako je, dobro, pa ne žele nered oko vas oboje.
Hvala vam za vaš ionako ponuditi pomoć.

[evilfantasy]

Hvala Vam što ste nas obavijestili.