Poslao: 04 Jul 2009 23:10
|
offline
- denisinho
- Novi MyCity građanin
- Pridružio: 04 Jul 2009
- Poruke: 4
|
Dakle, problem je sledeci:
- Nesto me zezaju internet browser-i, koristim Mozillu, a probao sam i druge samo da provjerim da nije problem konkretno do Mozille, al' i sa ostalima je isto. Stranice mi otvara bas dugo, a brzina net-a je dobra. Provjeravam je na sajtu speedtest.net (Eh, sad ne znam koliko je to validno, al' trebalo bi da jeste) i sa mojim paketom 3 Mbps mi je prije i pokazivao tu brzinu, a od kako mi se desio ovaj problem pokazuje mi uvijek preko 4 Mbps, a sad sam bas izmjerio i brzina je 4.74 Mbps. Od zastite imam NOD 32, Malwarebytes' Anti-Malware i Spybot - Search & Destroy. Takodje ima neki firewall na routeru (DSL-2543B). Ja sam uradio scan sa ComboFix-om i imam log. Naravno slijedio sam upustva-pogasio zastite (NOD 32, Spybot - Search & Destroy, a kod Malwarebytes' Anti-Malware mislim da mi nije aktivna zastita u realnom vremenu, jer nemam njegovu ikonicu u donjem desnom uglu, a nema ga ni u process-ima kad pogledam preko Task Manager-a), a ovaj router-ov i Windows-ov firewall nisam gasio. Ne znam jesam li prvo trebao odradit' scan sa Hijack This-om? Eto ja sam pokusao da objasnim u cemu je problem, pa ako je neko raspolozen i ako ovo ne oduzima mnogo vremena da mi pomogne.
Da odmah kazem da se bas ne razumijem puno u ovo, al' znam da slijedim uputstva ...
Unaprijed hvala!
Pozdrav
|
|
|
|
|
Poslao: 05 Jul 2009 04:22
|
offline
- denisinho
- Novi MyCity građanin
- Pridružio: 04 Jul 2009
- Poruke: 4
|
Izvinjavam se zato sto nisam procitao uputstvo za otvaranje teme.
Ni NOD 32, ni Malwarebytes' Anti-Malware nisu detektovali bilo sta.
Ne sumnjam na malware ... Koliko sam uspio da razumijem citajuci teme, mislim da mi pravi problem ostatak nekog AV programa kojeg sam reinstalirao ... Ka' sto sam rekao ne razumijem se puno u ovo, pa ne znam mozete li Vi da mi pomognete na osnovu ovih analiza.
Hvala!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:09:11, on 5.7.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\Di recnik\Di.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\ViOrb\ViOrb.exe
D:\uTorrent 1.8.2 build 14458\utorrent1.8.2build14458.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\windows\system32\svchost.exe
C:\windows\System32\TUProgSt.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\windows\system32\wscntfy.exe
C:\windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Desktop\Net\TR3.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = windowsxlive.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com/fwlink?linkid=193
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDig0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDig0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDig0.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Di dictionary] "C:\Program Files\Di recnik\Di.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....1222415093
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3\RpcAgentSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\windows\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\windows\System32\TUProgSt.exe
--
End of file - 9535 bytes
mycity.rs/must-login.png
|
|
|
|
Poslao: 05 Jul 2009 11:40
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Pa, ovde nema ni malware-a, ni ostataka antivirusa.
U svakom slučaju, ja ne vidim nikakav razlog za postojanje problema/sporosti pri otvaranju stranica.
Probaj da obrišeš cache (privremene internet file-ove) u browserima, instaliraj najnovije verzije browsera, pregledaj podešavanja antivirusa (u prvom redu IMON modula - možeš probati i da ga isključiš privremeno i proveriti da li to ima kakav uticaj (uputstvo)), žali se internet provajderu.
Dodatne savete možeš potražiti u forumu: http://www.mycity.rs/Web-browseri/
Btw, koristiš staru verziju NOD-a - update ne bi škodio. Isto važi i za Internet Explorer.
|
|
|
|
Poslao: 05 Jul 2009 16:41
|
offline
- denisinho
- Novi MyCity građanin
- Pridružio: 04 Jul 2009
- Poruke: 4
|
E'o sad radi odlicno. Ne znam jel' to rezultat skeniranja sa Hijack This-om i Combo Fix-om, al' cini mi se da sad radi normalno. E'o sad sam provjerio i brzinu i sad je OK (3 Mbps).
Samo jos dva pitanja, treba li da obrisem ovo sto je Combo Fix radio i bolje je da imam novu verziju NOD-a i ako ovu redovno update-ujem, jel'? Vidio sam na temama da to treba brisat', al' ne znam treba li svaki put.
dr_Bora, hvala puno na savjetima i pomoci!
|
|
|
|
|
Poslao: 05 Jul 2009 18:44
|
offline
- denisinho
- Novi MyCity građanin
- Pridružio: 04 Jul 2009
- Poruke: 4
|
Pa naravno, al' ja slusam neke samozvane strucnjake, pa nagrdim pc. :-(
Jos jedno hvala, dr_Bora!
Pozdrav
|
|
|
|