Posted: 21 Mar 2012 16:07
- sojic1
- New MyCity citizen
- Joined: 27 Jul 2011
- Posts: 25
Windows 7 Home Edition 32-bit SP1, Compaq laptop
Step #1:
*when I turn the computer on it works normally, then suddenly the CPU gets stuck at 100%; it is quite slowed down,
overheats and shuts down, and "Not Responding" appears when opening programs
*the problem started showing up 4 days ago
*I have Microsoft Essential but it finds nothing; I also scanned with Anti-Malware, found two
devils of some sort and deleted them, but that changed nothing; I also installed SpywareBlaster and
turned on all protection
*I have Telekom internet, 1 Mb
*I had the computer cleaned of dust at a service shop yesterday but it still overheats ((
Step #2:
DDS.txt >>>>>>>>>>>>>>
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421
Run by Korisnik at 14:57:55 on 2012-03-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3063.2247 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Spybot - Search & Destroy *Disabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\ctfmon.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
uStart Page = hxxp://www.google.rs/
uSearch Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: !{30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: !{51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
TB: !{ae07101b-46d4-4a98-af68-0333ea26e113} - No File
TB: {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07}\35242402A5F6E616 : DhcpNameServer = 89.216.1.50 89.216.1.40 89.216.1.30
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07}\4556C656B6F6D6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07}\4594E44554C454 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07}\5436F6D41687D2D413 : DhcpNameServer = 195.252.126.2
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07}\6524F53656E6471627 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07}\847453230336 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00F00BD5-4A8D-40E1-8AEC-42E54A3CEC07}\8676532303E2E2 : DhcpNameServer = 192.168.0.251
TCP: Interfaces\{E046E886-C11F-47D9-8BFF-F4AEC2D1EA15} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
Hosts: 212.227.67.195 we9stun.winning-eleven.net
Hosts: 31.193.132.42 pes6gate-ec.winning-eleven.net
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-6-23 275048]
S1 MIPFSv332;MIPFSv332;c:\windows\system32\drivers\MIPFSv332.sys [2011-10-20 145960]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
S1 SDHookDriver;Spybot-S&D 2 Hook Driver;c:\program files\spybot - search & destroy 2\SDHookDrv32.sys [2012-3-20 38504]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_be0aa592be2f1430\AEstSrv.exe [2012-3-20 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-3-9 172032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SDHookService;Spybot S&D 2 Live Protection Service;c:\program files\spybot - search & destroy 2\SDHookSvc.exe [2012-3-20 130976]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2012-3-20 892336]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2012-3-20 955816]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2012-3-20 169624]
S3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atipmdag.sys [2010-3-9 5341696]
S3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-3-9 152064]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Com4QLBEx;Com4QLBEx;"c:\program files\hewlett-packard\hp quick launch buttons\com4qlbex.exe" --> c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
.
=============== Created Last 30 ================
.
2012-03-20 22:08:59 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ff287136-6eed-4bdb-92d6-8cf03e1b98b1}\mpengine.dll
2012-03-20 14:06:01 61440 ----a-w- c:\windows\system32\aestaren.dll
2012-03-20 14:06:01 380928 ----a-w- c:\windows\system32\aestecap.dll
2012-03-20 14:06:01 139776 ----a-w- c:\windows\system32\aestacap.dll
2012-03-20 14:06:00 495708 ----a-w- c:\windows\sttray.exe
2012-03-20 14:06:00 3350528 ----a-w- c:\windows\system32\stlang.dll
2012-03-20 14:06:00 12464220 ----a-w- c:\windows\system32\idtcpl.cpl
2012-03-20 14:03:48 423424 ----a-w- c:\windows\system32\drivers\stwrt.sys
2012-03-20 14:03:33 945664 ----a-w- c:\windows\system32\stapo.dll
2012-03-20 14:03:33 527360 ------w- c:\windows\system32\stapi32.dll
2012-03-20 14:03:33 405504 ----a-w- c:\windows\system32\stcplx.dll
2012-03-20 14:03:33 175616 ----a-w- c:\windows\system32\staco.dll
2012-03-20 10:37:13 -------- d-----w- c:\program files\Smart PC Utilities
2012-03-20 10:00:55 15224 ----a-w- c:\windows\system32\sdnclean.exe
2012-03-20 10:00:50 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-03-19 17:15:37 -------- d-----w- c:\users\korisnik\appdata\roaming\Malwarebytes
2012-03-19 17:15:30 -------- d-----w- c:\programdata\Malwarebytes
2012-03-19 17:05:30 -------- d-----w- c:\program files\Trend Micro
2012-03-18 20:56:41 -------- d-----w- c:\program files\Core Temp
2012-03-18 20:55:48 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2012-03-18 20:55:47 -------- d-----w- c:\programdata\W3i
2012-03-18 20:55:47 -------- d-----w- c:\program files\W3i
2012-03-18 12:56:41 -------- d-----w- c:\program files\SpywareBlaster
2012-03-14 20:23:01 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-14 20:23:00 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 06:20:03 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 06:20:02 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 06:19:42 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 06:19:42 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 06:19:42 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 06:19:41 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 06:19:40 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 06:19:40 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-05 14:15:48 149504 ----a-w- c:\windows\UNWISE.EXE
2012-03-03 19:52:46 -------- d-----w- c:\programdata\KONAMI
2012-02-23 15:12:34 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-02-23 14:55:27 23624 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-02-23 14:55:00 -------- d-----w- c:\programdata\HitmanPro
2012-02-21 06:14:38 21848 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-02-20 17:57:43 -------- d-----w- C:\Valve
.
==================== Find3M ====================
.
2012-03-21 11:10:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-01 17:12:18 473656 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-15 17:40:50 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-01-15 17:40:50 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-01-10 19:37:12 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll
2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl
2010-01-26 09:11:08 444283 ----a-w- c:\program files\common files\WinPcapNmap.exe
.
============= FINISH: 14:58:36.59 ===============
Step #3:
GMER FILES: attaching a file does not work, so I uploaded them to gamefront
gamefront.com/files/21452362/GMER1.log
gamefront.com/files/21452364/GMER2.log
gamefront.com/files/21452365/GMER