Posted: 16 Dec 2011 12:14
- Joined: 23 Mar 2008
- Posts: 68

Hello,
I have a problem with my laptop that has been present for some time (I don't know exactly how long). It often runs slowly. It boots slowly and often runs slowly even though I'm using only 30% of the memory and CPU. When switching from tab to tab in the web browser (specifically Firefox), it sometimes freezes for a few seconds.
I also have a problem with the internet. I'm connected to my router (which carries ADSL internet at 6Mbps download and almost 1Mbps upload) over wireless with the laptop and over LAN with the desktop. On the desktop the connection is consistently good, while on the laptop it very often drops or runs at a speed of 0.5DL (from speedtest), and I mean even when I turn the desktop off completely so that some update doesn't happen to run at that moment.
Also, on MSN something like a bot appears that writes something to me every time I start MSN (when I log in).
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
Run by Freezing Cool at 22:35:07 on 2011-12-15
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1790 [GMT 1:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CrossriderWebApps\Crossrider.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Garena\Garena.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Winamp\elevator.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Freezing Cool\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: CrossRider: {a876e312-7d08-401a-b7a6-fafc5dc2f292} - c:\program files\crossriderwebapps\Crossrider.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [CrossRiderPlugin] c:\program files\crossriderwebapps\Crossrider.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\freezing cool\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\freezing cool\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "c:\program files\fiddler2\Fiddler.exe"
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EDBF7D15-122E-4545-A0E8-7DA400CA7356} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EDBF7D15-122E-4545-A0E8-7DA400CA7356}\249424C494F44554B414 : DhcpNameServer = 212.200.191.166
TCP: Interfaces\{EDBF7D15-122E-4545-A0E8-7DA400CA7356}\33C494F4E435F5241425 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{EDBF7D15-122E-4545-A0E8-7DA400CA7356}\3747566616E6F667 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EDBF7D15-122E-4545-A0E8-7DA400CA7356}\4505D2C494E4B4F5147383243363 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EDBF7D15-122E-4545-A0E8-7DA400CA7356}\84745353231413D2739364031413 : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{EDBF7D15-122E-4545-A0E8-7DA400CA7356}\E496B6F6C61602A4 : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\freezing cool\appdata\roaming\mozilla\firefox\profiles\myh93snw.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com
FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\3.0.40818.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\users\freezing cool\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\freezing cool\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\freezing cool\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\freezing cool\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\c2mp\npdivx32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2005-11-14 34176]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 StarWindService;StarWind iSCSI Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindService.exe [2005-4-2 217600]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-6-14 2337144]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S4 BlackfishSQL;BlackfishSQL;c:\program files\codegear\rad studio\6.0\bin\BSQLServer.exe [2008-8-29 65536]
S4 IBG_gds_db;InterBase 2009 Guardian gds_db;c:\codegear\interbase\bin\ibguard.exe -i "c:\codegear\interbase" -p gds_db --> c:\codegear\interbase\bin\ibguard.exe -i c:\codegear\InterBase [?]
S4 IBS_gds_db;InterBase 2009 Server gds_db;c:\codegear\interbase\bin\ibserver.exe -i "c:\codegear\interbase" -p gds_db --> c:\codegear\interbase\bin\ibserver.exe -i c:\codegear\InterBase [?]
S4 KMService;KMService;c:\windows\system32\srvany.exe [2011-10-27 8192]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128]
S4 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== Created Last 30 ================
.
2011-12-13 22:26:10 -------- d-----w- c:\windows\pss
2011-12-13 22:22:41 -------- d-s---w- C:\ComboFix
2011-12-13 22:21:47 -------- d-sh--w- C:\$RECYCLE.BIN
2011-12-13 22:21:45 -------- d-----w- c:\users\freezing cool\appdata\local\temp
2011-12-07 22:32:47 -------- d-----w- c:\users\freezing cool\appdata\local\Flash Builder
2011-12-07 22:32:34 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-12-07 22:16:34 -------- d-----w- c:\users\freezing cool\Adobe Flash Builder 4.6
2011-12-05 21:37:13 -------- d-----w- c:\users\freezing cool\appdata\local\FullTiltPoker
2011-12-05 21:36:51 -------- d-----w- c:\program files\Full Tilt Poker
2011-12-03 03:06:03 -------- d-----w- c:\program files\URUSoft
2011-12-02 00:58:07 -------- d-----w- c:\users\freezing cool\.jgame
2011-11-30 16:26:21 -------- d-----w- C:\Capitalism II
2011-11-27 23:12:09 -------- d-----w- c:\program files\Advanced Video Compressor
2011-11-25 22:39:37 -------- d-----w- c:\programdata\Fugazo
2011-11-25 22:39:35 -------- d-----w- c:\programdata\Trymedia
2011-11-25 22:36:53 -------- d-----w- c:\program files\FishBone Games
2011-11-25 22:36:52 -------- d-----w- C:\Downloads
2011-11-23 23:39:47 -------- d-----w- c:\program files\wxDownload Fast
2011-11-23 23:39:36 -------- d-----w- c:\program files\CrossriderWebApps
2011-11-23 23:39:27 -------- d-----w- c:\programdata\SendSpaceExtention
2011-11-23 23:39:05 -------- d-----w- c:\programdata\SweetIM
2011-11-23 23:39:05 -------- d-----w- c:\program files\SweetIM
2011-11-23 23:38:30 -------- d-----w- c:\programdata\Premium
2011-11-23 23:38:29 -------- d-----w- c:\programdata\InstallMate
2011-11-23 23:33:15 -------- d-----w- c:\users\freezing cool\appdata\roaming\mIRC
2011-11-23 23:33:15 -------- d-----w- c:\program files\mIRC
2011-11-23 18:58:35 -------- d-----w- c:\program files\Dirk's Projects
.
==================== Find3M ====================
.
2011-11-06 18:50:49 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-27 22:17:36 8192 ----a-w- c:\windows\system32\srvany.exe
2011-10-27 22:17:36 151552 ----a-w- c:\windows\KMService.exe
2009-08-15 09:50:35 690846 ----a-w- c:\program files\common files\install.exe
.
============= FINISH: 22:35:57.12 ===============
Posted: 16 Dec 2011 14:28
- NIx Car
- Legendary citizen
- Més que un club
- Lead vocalist @ Harpun
- Joined: 27 Feb 2009
- Posts: 3898
- Location: Novi Sad, Klisa

Hello Nikolavla
ComboFix is not a diagnostic tool like the ones in the instructions. It is a very powerful tool which, if handled improperly, can destroy the operating system or even erase all data from the hard disk. It is run only at the suggestion, under the supervision and with the detailed instructions of a helper who is an expert in that field and knows what they are doing.
In the future, do not run ComboFix on your own!!!!
Post the log from the ComboFix run you did. The log should be located here:
C:\ComboFix.txt
NIx Car (AMF Team)
Posted: 16 Dec 2011 14:33
- Joined: 23 Mar 2008
- Posts: 68

The ComboFix log was deleted when ComboFix was uninstalled. Should I run ComboFix again?
Before running ComboFix I had some smileys in MSN that were unusual and a lot of extra little things that irritated me. ComboFix deleted a lot of files, some of which were in the system32 folder.
I ran ComboFix because the laptop was running far worse, and at the moment it is better, though not great.
Thanks for the information about ComboFix. I won't run it on my own anymore.
Posted: 16 Dec 2011 21:51
- NIx Car
- Legendary citizen
- Més que un club
- Lead vocalist @ Harpun
- Joined: 27 Feb 2009
- Posts: 3898
- Location: Novi Sad, Klisa

Your computer is clean as far as malware is concerned. Open a new topic in the Windows subforum and describe the problems you have there.
But I can give you a few tips to make your Windows more secure.
Install an AV program. If you don't have the money or don't want to spend it on a commercial AV program, there are quality free AV programs available to you, such as AVG Free, Avast Free, Avira Free, Microsoft Security Essentials, Panda Cloud AV, etc.
Do not use pirated versions of AV programs!!!
- You are using an old and also critical version of Adobe's PDF reader because of security flaws. My suggestion is definitely that you install the latest version (Reader X(10.1.0)) or switch to an alternative such as Foxit Reader, Nitro PDF Reader, etc.;
- I recommend that you use MCShield to protect USB memory devices. It has nothing to do with antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices.
You download it, install it, plug in the USB memory device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log in which you see information about the malware that was found and deleted.
MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/
You can learn more about MCShield in this topic: http://www.mycity.rs/Antispyware-programi/MCShield.html
I recommend that you install Service Pack 1 for Windows 7. That way you will update the operating system and patch the relevant security vulnerabilities on the computer. The advantages are numerous compared to Windows 7 without a Service Pack, which is what you currently have.
Posted: 17 Dec 2011 02:04
- Joined: 23 Mar 2008
- Posts: 68

Thanks a lot for the advice. I will definitely install SP1 and a newer version of Reader.
As for AV, I'm not really able to set aside money for a commercial AV at the moment, but I would like to know which one is recommended for when I decide to buy.
As for MCShield, it's great to know that such a program exists and that it is good on top of everything, but I don't need it for now because I never use USB memory and I don't plug other people's USB into my computer.
I assume MCShield also applies to external HDDs? In that case I will install it when I buy one.
Once again, thanks a lot.
Regards
Posted: 17 Dec 2011 09:21
- NIx Car
- Legendary citizen
- Més que un club
- Lead vocalist @ Harpun
- Joined: 27 Feb 2009
- Posts: 3898
- Location: Novi Sad, Klisa

I wrote it for you above. If you don't want to spend money on commercial antivirus solutions, you can find free alternatives (Panda Cloud AV, Avast free, Avira personal, AVG, etc.).
Yes, MCShield also scans external hard disks for malware that spreads via those removable media.
Regards.