- Joined: 02 Jan 2008
- Posts: 33
- Location: Novi Sad
Posted: 25 Jul 2010 21:41
After uninstalling KAV 2010 my computer slowed down, and after 30 seconds the CPU in Task Manager goes to 100%.
I scanned with Malwarebytes, which found nothing.
Addendum: 25 Jul 2010 21:43
DDS (Ver_10-03-17.01) - NTFSx86
Run by Administrator at 21:39:17,82 on ned 25.07.2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.117 [GMT 2:00]
AV: Panda Cloud Antivirus *On-access scanning enabled* (Updated) {5AD27692-540A-464E-B625-78275FA38393}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.rs/
mWinlogon: UIHost=c:\documents and settings\all users\application data\tuneup software\tuneup utilities\winstyler\tu_logonui.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [PSUNMain] "c:\program files\panda security\panda cloud antivirus\PSUNMain.exe" /Traybar
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-explorer: RestrictRun = 0 (0x0)
mPolicies-explorer: RestrictRun = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - No File
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\ba4v14ly.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2010-5-4 129928]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2010-4-30 136448]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2010-5-27 141384]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2010-4-30 97032]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2010-4-30 111624]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2010-5-12 110920]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-7-6 1051968]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-7-25 38224]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-25 10064]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
=============== Created Last 30 ================
2010-07-25 19:13:13 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-07-25 19:13:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-25 19:13:02 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-25 19:13:02 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-25 19:13:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-07-25 18:54:54 0 d-----w- c:\program files\Trend Micro
2010-07-25 18:41:07 98816 ----a-w- c:\windows\sed.exe
2010-07-25 18:41:07 77312 ----a-w- c:\windows\MBR.exe
2010-07-25 18:41:07 161792 ----a-w- c:\windows\SWREG.exe
2010-07-25 18:39:54 0 d-----w- C:\32788R22FWJFW.0.tmp
2010-07-25 13:28:19 0 d-----w- c:\windows\SHELLNEW
2010-07-25 08:12:16 0 d-sh--w- c:\documents and settings\administrator\IETldCache
2010-07-25 07:51:21 0 d-----w- c:\windows\ie8updates
2010-07-25 07:49:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-07-25 07:49:50 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-07-25 07:49:48 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-07-25 07:37:56 0 dc-h--w- c:\windows\ie8
2010-07-23 16:41:29 0 d-----w- c:\program files\common files\PC Tools
2010-07-23 14:59:38 0 d-----w- c:\program files\Nexus Radio
2010-07-23 14:47:44 0 d-----w- c:\docume~1\admini~1\applic~1\AIMP
2010-07-23 14:46:23 0 d-----w- c:\program files\AIMP2
2010-07-23 10:47:46 0 d-----w- c:\docume~1\admini~1\applic~1\Canneverbe Limited
2010-07-23 10:47:43 0 d-----w- c:\docume~1\alluse~1\applic~1\Canneverbe Limited
2010-07-23 10:47:20 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-07-23 05:54:56 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-23 05:54:56 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-23 05:54:56 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-07-23 00:04:41 0 d--h--w- c:\windows\Icons
2010-07-23 00:01:50 2329600 ----a-w- c:\windows\system32\TUKernel.exe
2010-07-22 23:53:51 0 d-----w- c:\windows\system32\appmgmt
2010-07-22 23:04:48 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-07-22 22:59:45 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-22 22:59:03 0 d-----w- c:\docume~1\admini~1\applic~1\TuneUp Software
2010-07-22 22:58:36 0 d-----w- c:\program files\TuneUp Utilities 2010
2010-07-22 22:58:20 0 d-----w- c:\docume~1\alluse~1\applic~1\TuneUp Software
2010-07-22 22:57:38 0 d-sh--w- c:\docume~1\alluse~1\applic~1\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-07-22 22:34:28 0 d-----w- c:\documents and settings\administrator\Tracing
2010-07-22 22:33:14 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-07-22 22:31:14 0 d-----w- c:\program files\Microsoft
2010-07-22 22:30:13 0 d-----w- c:\program files\Windows Live SkyDrive
2010-07-22 22:14:15 0 d-----w- c:\program files\common files\Windows Live
2010-07-22 16:10:56 0 d-----w- c:\docume~1\admini~1\applic~1\IObit
2010-07-22 12:39:00 360583 ----a-w- c:\windows\system32\THE SIMPSONS.SCR
2010-07-22 12:35:38 0 d-----w- c:\program files\FileSubmit
2010-07-22 08:31:21 0 d-----w- c:\program files\MSXML 4.0
2010-07-21 16:05:28 0 d-----w- c:\docume~1\alluse~1\applic~1\Nero
2010-07-21 15:59:50 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-07-21 15:58:12 0 d-----r- c:\program files\Skype
2010-07-21 15:44:58 0 d-----w- c:\program files\Unlocker
2010-07-21 15:36:51 0 d-----w- c:\windows\system32\XPSViewer
2010-07-21 15:34:50 117760 ------w- c:\windows\system32\prntvpt.dll
2010-07-21 15:34:49 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-07-21 15:34:49 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-07-21 15:34:49 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-07-21 15:34:49 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-07-21 15:34:47 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-07-21 15:34:47 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-07-21 15:34:46 0 d-----w- C:\fa773af8a93c3c6fc4528c
2010-07-21 15:18:50 0 d-----w- c:\docume~1\admini~1\applic~1\BSplayer Pro
2010-07-21 15:18:49 0 d-----w- c:\docume~1\admini~1\applic~1\BSplayer
2010-07-21 15:18:40 0 d-----w- c:\program files\Webteh
2010-07-21 14:13:17 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-07-21 14:13:16 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-07-21 14:13:04 0 d-----w- c:\windows\Logs
2010-07-21 14:10:47 0 d-----w- c:\program files\SpeedFan
2010-07-21 14:10:15 45 ----a-w- c:\windows\system32\initdebug.nfo
2010-07-21 13:48:50 0 d-----w- C:\Programi,Torrent,Mp3
2010-07-21 13:28:17 577536 ----a-w- c:\windows\soundman.exe
2010-07-21 13:28:17 49152 ----a-w- c:\windows\system32\ChCfg.exe
2010-07-21 13:28:17 4122368 ----a-r- c:\windows\system32\drivers\alcxwdm.sys
2010-07-21 13:28:17 147456 ----a-w- c:\windows\system32\RtlCPAPI.dll
2010-07-21 13:28:15 141016 ----a-w- c:\windows\system32\alsndmgr.wav
2010-07-21 13:28:15 10528768 ----a-w- c:\windows\system32\RTLCPL.exe
2010-07-21 13:28:08 18804736 ----a-w- c:\windows\system32\alsndmgr.cpl
2010-07-21 13:28:01 0 d--h--w- c:\windows\system32\GroupPolicy
2010-07-21 13:26:50 0 d-----w- c:\program files\Realtek AC97
2010-07-21 13:26:38 315392 ----a-w- c:\windows\alcupd.exe
2010-07-21 13:26:38 217088 ----a-w- c:\windows\alcrmv.exe
2010-07-21 13:16:50 0 d-----w- C:\Direct X
2010-07-21 13:01:23 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-07-21 12:53:26 0 d-----w- c:\program files\CCleaner
2010-07-21 12:42:53 0 d-----w- c:\program files\CONEXANT
2010-07-21 12:40:13 0 d-----w- c:\program files\AMD
2010-07-21 12:23:42 0 d-----w- c:\program files\VIA
2010-07-21 12:22:13 0 d-----w- c:\docume~1\admini~1\applic~1\Panda Security
2010-07-21 12:19:45 0 d-----w- c:\program files\uTorrent
2010-07-21 12:19:26 0 d-----w- c:\docume~1\admini~1\applic~1\uTorrent
2010-07-21 12:19:15 0 d-----w- c:\docume~1\alluse~1\applic~1\Panda Security
2010-07-21 12:03:14 0 d-sh--w- c:\documents and settings\all users\DRM
2010-07-21 12:02:47 0 d--h--w- c:\program files\WindowsUpdate
2010-07-21 12:01:39 0 d-----w- c:\program files\common files\MSSoap
2010-07-21 11:57:38 0 d-----w- c:\program files\Online Services
2010-07-21 11:57:18 0 d-----w- c:\program files\Windows Media Connect 2
2010-07-21 11:57:13 0 d-----w- c:\program files\Messenger
2010-07-21 11:56:59 0 d-----w- c:\program files\MSN Gaming Zone
2010-07-21 11:55:48 0 d-----w- c:\program files\Windows NT
==================== Find3M ====================
2010-07-21 12:55:13 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-21 11:58:10 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-05-27 17:39:32 141384 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
2010-05-06 10:41:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
============= FINISH: 21:40:15,76 ===============