System boots slowly

offline
  • LukA~ 
  • New MyCity citizen
  • Joined: 22 May 2011
  • Posts: 4

So, here's the thing: one morning I turned on the computer, it started up completely normally, and all of a sudden some noise started coming from the case. I scanned with AVG and found two viruses, then opened up the computer to see what was making so much noise. I restarted the computer and the system took about 2-3 minutes to boot. And ever since then it boots slowly and the computer freezes a bit, it's constantly loading something... help~


dds



.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 6.0.2900.2180
Run by PC at 19:41:05 on 2011-05-23
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1097 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\Program Files\AVG\AVG10\avgtray.exe
D:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Documents and Settings\PC\Local Settings\Application Data\TeamSpeak 3 Client\ts3client_win32.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\PC\Desktop\dds.com
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=f4f2bfb0000000000000001a4d9bde86&tlver=1.4.19.19&ss=1&affID=17981
uSearch Page = hxxp://search.live.com
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f4f2bfb0000000000000001a4d9bde86&tlver=1.4.19.19&ss=1&affID=17981
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
uURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Google Update] "c:\documents and settings\pc\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NPSStartup]
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\dmpx5e4p.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=f4f2bfb0000000000000001a4d9bde86&tlver=1.4.19.19&ss=1&affID=17981
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd8275d&v=7.004.022.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\dmpx5e4p.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\dmpx5e4p.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\pc\local settings\application data\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.51204.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 297168]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/24 17:49:56];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-4-2 87536]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 27216]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-8-24 1691480]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-21 984392]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-1-18 36608]
.
=============== Created Last 30 ================
.
2011-05-23 12:53:42 -------- d-----w- c:\documents and settings\pc\local settings\application data\Opera
2011-05-21 21:04:09 -------- d-----w- c:\documents and settings\pc\local settings\application data\AVG Security Toolbar
2011-05-21 20:58:05 -------- d-----w- c:\documents and settings\all users\application data\AVG Security Toolbar
2011-05-17 15:55:43 -------- d-----w- c:\documents and settings\all users\application data\Skype Extras
2011-05-17 15:54:40 -------- d-----r- c:\program files\Skype
2011-05-15 08:58:24 -------- d-----w- c:\program files\xp_simulation_setup
2011-05-15 08:49:57 -------- d-----w- c:\documents and settings\pc\local settings\application data\BrotherSoft_Extreme
2011-05-15 08:49:52 -------- d-----w- c:\documents and settings\pc\local settings\application data\ConduitEngine
2011-05-15 08:48:41 -------- d-----w- c:\documents and settings\pc\application data\GetRightToGo
2011-05-14 19:47:39 -------- d-----w- c:\documents and settings\pc\application data\Registry Mechanic
2011-05-13 09:16:07 -------- d--h--w- C:\$AVG
2011-05-06 13:44:25 -------- d-----w- c:\documents and settings\pc\application data\com.johnwu.sparkboothhome
2011-05-06 13:44:25 -------- d-----w- c:\documents and settings\pc\.hAWabAzAr
.
==================== Find3M ====================
.
2011-05-01 19:13:07 240608 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-05-01 19:13:07 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-14 19:28:42 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-04 22:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-03-16 14:03:20 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-01-18 21:25:41 7772672 ----a-w- c:\program files\Samsung New PC Studio USB Driver Installer.msi
.
============= FINISH: 19:41:28.31 ===============





attach

gmer1

gmer2

gmer3

RootRepeal

offline
  • Fil  Male
  • Legendary citizen
  • Joined: 11 Jun 2009
  • Posts: 16586

Hello Luka,


I would ask you to carefully follow the instructions at this link:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Pay particular attention to the part about the GMER reports (i.e. logs). You need to post the Gmer1 and Gmer2 reports correctly.


Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.
Click Scan.
When the scan finishes, click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.


Download the installer for Malwarebytes Anti-Malware from the following link:
http://www.besttechie.net/tools/mbam-setup.exe

Double-click to run the installer; at the very end of the process, make sure the following options are checked:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;

and then click Finish.

Once the update completes, the program will start.

Select the Perform Quick Scan option and click Scan.

When the process finishes, click OK, then Show Results: in the list of detected malware, select all items and click Remove Selected.

When the process finishes, the log file will open in Notepad; copy it into the thread on the forum.
If the program requests a restart to complete the cleaning process, be sure to allow it.

Note: if a restart occurs at the end of the cleaning process, the log file will be available on the Logs tab (select it and click Open).

offline
  • LukA~ 
  • New MyCity citizen
  • Joined: 22 May 2011
  • Posts: 4




Malware :
Malwarebytes' Anti-Malware 1.51.0.1200
malwarebytes.org

Verzija baze: 6862

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

6/15/2011 9:42:03 PM
mbam-log-2011-06-15 (21-42-03).txt

Način skeniranja: Kompletno skeniranje (C:\|D:\|)
Skeniranih objekata 186138
Proteklo vreme 58 minuta(e), 23 sekundi

Inficirani procesi u memoriji: 0
Inficirani moduli u memoriji: 0
Inficirani ključevi u registru: 4
Inficirane vrednosti u registru: 0
Inficirani podaci u registru: 3
Inficirane fascikle: 0
Inficirane datoteke: 3

Inficirani procesi u memoriji:
(Maliciozne stavke nisu pronađene)

Inficirani moduli u memoriji:
(Maliciozne stavke nisu pronađene)

Inficirani ključevi u registru:
HKEY_CURRENT_USER\SOFTWARE\KOQMLYTPE7 (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\idgbn5xehg (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.

Inficirane vrednosti u registru:
(Maliciozne stavke nisu pronađene)

Inficirani podaci u registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Inficirane fascikle:
(Maliciozne stavke nisu pronađene)

Inficirane datoteke:
c:\program files\xp_simulation_setup\Tutorial.exe (Trojan.Keylogger) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.

offline
  • Fil  Male
  • Legendary citizen
  • Joined: 11 Jun 2009
  • Posts: 16586

Hello, Luka

What is the state of the computer now (any freezing, slow booting, etc.)?

If you are still having problems, post fresh reports (logs) following the instructions already mentioned:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • LukA~ 
  • New MyCity citizen
  • Joined: 22 May 2011
  • Posts: 4

Hello, the system still boots slowly, it takes about 4-5 minutes..
dds:
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 6.0.2900.2180
Run by PC at 13:17:42 on 2011-06-16
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1126 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Steam\Steam.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
d:\program files\steam\steamapps\dille_155@hotmail.com\counter-strike\hl.exe
D:\Program Files\Steam\GameOverlayUI.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=f4f2bfb0000000000000001a4d9bde86&tlver=1.4.19.19&ss=1&affID=17981
uSearch Page = hxxp://search.live.com
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f4f2bfb0000000000000001a4d9bde86&tlver=1.4.19.19&ss=1&affID=17981
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
uURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\bh\BabylonToolbar.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarTlbr.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Steam] "d:\program files\steam\Steam.exe" -silent
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [BabylonToolbar] "c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
mRun: [IObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D9A569F4-487F-48D3-9BA4-89F886D14368} : DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\dmpx5e4p.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=f4f2bfb0000000000000001a4d9bde86&tlver=1.4.19.19&ss=1&affID=17981
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\dmpx5e4p.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\dmpx5e4p.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\pc\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.51204.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 297168]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/24 17:49:56];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-4-2 87536]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 27216]
S2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2011-6-14 312152]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-8-24 1691480]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\smhwadb.sys [2011-6-10 25728]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-21 984392]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-1-18 36608]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-6-15 39984]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-1 34384]
S3 smhwser;USB Device for Legacy Serial Communication (Normal);c:\windows\system32\drivers\smhwser.sys [2011-6-10 108032]
.
=============== Created Last 30 ================
.
2011-06-15 23:35:34 -------- d-----w- c:\windows\ServicePackFiles
2011-06-15 20:14:09 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-06-15 20:14:09 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-06-15 20:12:56 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-06-15 20:07:28 2137088 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-06-15 20:07:25 2181376 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-06-15 20:07:21 2016768 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-06-15 20:07:18 2058368 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-06-15 19:55:00 -------- d-----w- c:\windows\system32\PreInstall
2011-06-15 19:54:56 -------- d--h--w- c:\windows\$hf_mig$
2011-06-15 15:51:41 -------- d-----w- c:\documents and settings\pc\application data\Malwarebytes
2011-06-15 15:51:29 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-15 15:51:29 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-06-15 15:51:26 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-15 15:51:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-15 13:49:22 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2011-06-15 13:49:22 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-06-15 13:49:21 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2011-06-15 13:49:20 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2011-06-15 13:49:20 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2011-06-15 12:43:31 -------- d-----w- c:\documents and settings\pc\application data\BabylonToolbar
2011-06-14 21:49:13 -------- d-----w- c:\documents and settings\pc\application data\IObit
2011-06-14 21:49:02 -------- d-----w- c:\documents and settings\all users\application data\IObit
2011-06-14 21:48:56 -------- d-----w- c:\program files\IObit
2011-06-14 21:48:55 -------- d-----w- c:\program files\BabylonToolbar
2011-06-14 21:26:26 -------- d-----w- c:\program files\common files\Steam
2011-06-10 01:29:33 -------- d-----w- c:\documents and settings\pc\local settings\application data\MediaGet2
2011-06-09 23:02:38 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-06-09 23:02:38 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-06-09 23:02:34 25728 ----a-r- c:\windows\system32\drivers\smhwadb.sys
2011-06-09 23:02:34 1419232 ----a-r- c:\windows\system32\wdfcoinstaller01005.dll
2011-06-09 23:02:34 108032 ----a-r- c:\windows\system32\drivers\smhwser.sys
2011-06-09 23:02:34 100864 ----a-r- c:\windows\system32\drivers\smhwdev.sys
2011-06-09 23:02:15 -------- d-----w- c:\program files\PC Suite For Android Handset
2011-06-08 14:00:12 -------- d-----w- c:\program files\Seagate
2011-06-08 13:59:20 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2011-06-08 09:06:11 -------- d-sh--w- C:\found.003
2011-06-07 16:31:38 -------- d-sh--w- C:\found.002
2011-06-07 13:44:59 -------- d-sh--w- C:\found.001
2011-06-02 18:49:57 -------- d-----w- c:\documents and settings\pc\application data\Screaming Bee
2011-05-23 12:53:42 -------- d-----w- c:\documents and settings\pc\local settings\application data\Opera
2011-05-21 21:04:09 -------- d-----w- c:\documents and settings\pc\local settings\application data\AVG Security Toolbar
2011-05-21 20:58:05 -------- d-----w- c:\documents and settings\all users\application data\AVG Security Toolbar
2011-05-17 15:55:43 -------- d-----w- c:\documents and settings\all users\application data\Skype Extras
2011-05-17 15:54:40 -------- d-----r- c:\program files\Skype
.
==================== Find3M ====================
.
2011-05-01 19:13:07 240608 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-05-01 19:13:07 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-14 19:28:42 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-04 22:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-01-18 21:25:41 7772672 ----a-w- c:\program files\Samsung New PC Studio USB Driver Installer.msi
.
============= FINISH: 13:18:21.54 ===============
attach :
gmer1 :
gmer2 :
gmer3 :
RootRepeal:

offline
  • Fil  Male
  • Legendary citizen
  • Joined: 11 Jun 2009
  • Posts: 16586

Hello,

I have reviewed your logs and concluded that they are clean.
So the problems you are currently having are not caused by malicious programs.

I therefore recommend that you open a thread in the Windows subforum for further action.


AMF team
