My internet is behaving strangely; pages open noticeably more slowly, and the speed should be 1mb. I found this site and saw that you have helped many people, so I thought I would give it a try. I looked through the topics a bit and saw that you asked everyone to post a ComboFix log, so to save time I followed the instructions; I hope it turned out OK.
Thanks in advance.
ComboFix 09-02-02.03 - Mira 2009-02-02 22:05:27.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.1022.342 [GMT 1:00]
Running from: c:\users\Mira\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090202-0] *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2009-01-02 to 2009-02-02 )))))))))))))))))))))))))))))))
.
2009-01-22 17:29 . 2009-01-22 17:35 <DIR> d-------- c:\program files\The KMPlayer
2009-01-22 17:15 . 2009-01-22 17:15 <DIR> d-------- c:\program files\DirectVobSub
2009-01-22 16:53 . 2009-01-22 16:53 <DIR> d-------- c:\program files\Haali
2009-01-13 01:27 . 2009-01-13 01:27 <DIR> d-------- c:\program files\TimeAdjuster
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-02 21:06 --------- d-----w c:\users\Mira\AppData\Roaming\LimeWire
2009-02-02 19:15 --------- d-----w c:\users\Mira\AppData\Roaming\uTorrent
2009-02-02 00:09 --------- d-----w c:\programdata\Google Updater
2009-02-01 19:45 --------- d-----w c:\program files\TC UP
2009-01-21 19:24 --------- d-----w c:\users\Mira\AppData\Roaming\Ahead
2008-12-28 15:21 --------- d-----w c:\programdata\WinZip
2008-12-18 03:03 --------- d-----w c:\program files\Picasa2
2008-12-17 23:54 --------- d-----w c:\program files\Google
2008-11-03 19:03 1,851,544 ----a-w c:\program files\install_flash_player.exe
2008-10-09 18:02 1,740,115 ----a-w c:\users\Mira\dokumentapotrebnazavizu.zip
2008-05-23 14:44 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-05-23 1232896]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 69216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2004-12-20 33792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"DSLSTATEXE"="c:\program files\Conexant\Adsl\dslstat.exe" [2006-12-17 376832]
"DSLAGENTEXE"="c:\program files\Conexant\Adsl\dslagent.exe" [2006-12-17 90112]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"KBDriver"="c:\program files\Keyboard Driver\OEMDriver.exe" [2006-07-25 151552]
"Di dictionary"="c:\program files\Di recnik\di.exe" [2007-03-16 518656]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 c:\windows\RtHDVCpl.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
c:\users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2008-06-05 147456]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-09-10 525664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2653C619-F7FF-401B-9FC5-C30EE5E171E9}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{BD7ADA57-3C49-4FA6-A602-A733C9522C18}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{0C5015F6-4ED0-4262-8480-49460856440F}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C0D2196E-3650-4254-8AD1-4E53CE79C308}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0B4CD11B-7457-440F-96C0-D5BD9D81368B}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{077F08A6-FB73-487D-8F23-25671D4F1699}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{7A69FF9E-BF81-41B0-9AF9-422B599CACD7}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{326EAE78-B59F-4037-9905-1E007B0C526B}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8FE484A6-7BD9-43BA-AE6A-D02FD191C73A}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{6D97D5B5-82A7-4E51-B3BC-A96864191C53}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F1FCFA1C-9247-4561-8641-0DF89BB7D5BE}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{9BA5AA33-2517-46D2-847B-9357289160B5}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{7BC4BB8C-DC62-4EAB-B76F-291C779CB2B4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{D04A377B-3978-48B9-9789-0045CE3EB034}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{F6E28833-903E-471C-BAD6-4BC09EEAAC82}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{948E15E2-2C9C-4F29-A74B-ED82A8D0F8B7}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{2EC69F7B-9531-4053-9C2B-CB61800F5A2F}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{89F1A9D6-362B-4353-A26F-1720F3EF7304}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-05-31 111184]
R1 VD_FileDisk;VD_FileDisk;c:\windows\System32\drivers\vd_filedisk.sys [2008-05-15 15872]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2008-05-15 15:48:38 13560]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-05-31 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-05-31 51792]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\atl01v32.sys [2008-05-15 48128]
R3 VST_DPV;VST_DPV;c:\windows\System32\drivers\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\System32\drivers\VSTBS23.SYS [2006-11-02 251904]
S2 gupdate1c960a2c565e376;Google Update Service (gupdate1c960a2c565e376);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 119280]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b6d82b6-556b-11dd-b737-000000000000}]
\shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74ac830b-9e84-11dd-acd1-ad5c22cfccfb}]
\shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a9f92f3-2bec-11dd-94aa-001e8c338ccd}]
\shell\AutoRun\command - F:\jfvkcsy.bat
\shell\explore\Command - F:\jfvkcsy.bat
\shell\open\Command - F:\jfvkcsy.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e3ba74c-22d3-11dd-87fe-806e6f6e6963}]
\shell\AutoRun\command - e:\.\Bin\Assetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{934ba4db-3a17-11dd-b9f6-000000000000}]
\shell\AutoRun\command - F:\l2f.cmd
\shell\explore\Command - F:\l2f.cmd
\shell\open\Command - F:\l2f.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{934ba55b-3a17-11dd-b9f6-000000000000}]
\shell\AutoRun\command - wscript.exe .\.vbs
\shell\open\command - wscript.exe .\.vbs
.
Contents of the 'Scheduled Tasks' folder
2009-02-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-18 00:40]
2009-02-02 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 00:54]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Prevedi sa Di recnikom - c:\program files\Di recnik\diie.htm
IE: Translate with Di dictionary -
TCP: {D57EA90A-1399-469D-A5AA-5D0AB2610A0C} = 77.105.0.18 77.105.0.19
FF - ProfilePath - c:\users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\9m7jrwxi.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1441.4352\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-02 22:07:10
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-02-02 22:08:36
ComboFix-quarantined-files.txt 2009-02-02 21:08:33
Pre-Run: 311,148,544 bytes free
Post-Run: 1,412,165,632 bytes free
152 --- E O F --- 2008-05-24 10:54:51