Slow PC startup!

offline
  • Joined: 04 Mar 2009
  • Posts: 54
  • Location: Vojvodina Serbia Selenca

I would like to ask for a log check, because my computer has slowed down somewhat at startup! Thanks!


ComboFix 09-05-15.01 - Ziska 15/05/2009 23:45.21 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.653 [GMT 2:00]
Running from: c:\documents and settings\Ziska\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-04-15 to 2009-05-15 )))))))))))))))))))))))))))))))
.

2009-05-14 15:10 . 2009-05-14 15:10 -------- d-----w c:\program files\Ace Translator
2009-05-08 18:57 . 2009-05-08 18:57 -------- d-----w c:\documents and settings\log
2009-05-08 18:55 . 2009-05-08 18:55 -------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-05-04 15:24 . 2009-03-23 15:39 20480 ----a-w c:\windows\system32\scrnrdr.exe
2009-05-01 21:39 . 2009-05-01 21:40 -------- d-s---w c:\program files\HLSW
2009-04-27 16:07 . 2009-04-27 16:07 -------- d-----w c:\documents and settings\Ziska\Local Settings\Application Data\Clock_22
2009-04-27 16:06 . 2009-04-27 16:07 -------- d-----w c:\program files\Clock
2009-04-24 21:54 . 1998-05-11 20:01 12496 ----a-w c:\windows\system\vbas.dll
2009-04-24 21:54 . 1996-08-24 11:11 398416 ----a-w c:\windows\system32\Vbrun300.dll
2009-04-24 21:54 . 2009-04-24 21:54 -------- d-----w C:\askola
2009-04-24 21:54 . 2009-04-24 21:54 -------- d-----w c:\program files\aSkola
2009-04-24 21:54 . 1999-03-23 07:12 299520 ----a-w c:\windows\uninst.exe
2009-04-24 21:54 . 2009-04-24 21:54 -------- d-----w c:\documents and settings\Ziska\WINDOWS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-15 14:30 . 2008-12-27 09:53 -------- d-----w c:\program files\FlashGet
2009-05-08 18:56 . 2009-03-01 11:39 -------- d-----w c:\program files\AVG
2009-05-08 10:34 . 2009-03-01 11:40 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-08 10:34 . 2009-03-01 11:40 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-08 10:34 . 2009-03-01 11:40 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-04-28 15:08 . 2009-02-14 14:55 -------- d-----w c:\program files\Google
2009-04-27 16:16 . 2008-12-27 09:56 -------- d-----w c:\program files\ClocX
2009-04-24 18:48 . 2008-12-26 09:59 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-10 20:41 . 2009-04-10 19:47 -------- d-----w c:\program files\VS Revo Group
2009-04-06 17:31 . 2009-04-06 17:31 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-04-06 17:22 . 2009-04-06 17:22 -------- d-----r c:\program files\Skype
2009-04-06 17:22 . 2009-04-06 17:22 -------- d-----w c:\program files\Common Files\Skype
2009-04-05 10:21 . 2009-04-05 10:21 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-04-04 18:47 . 2009-04-04 18:46 -------- d-----w c:\program files\MySpace
2009-04-01 10:30 . 2009-03-24 17:55 -------- d-----w c:\program files\Java
2009-03-30 17:07 . 2009-03-30 11:05 -------- d-----w c:\program files\Common Files\Kaspersky Lab
2009-03-30 17:03 . 2009-03-04 18:17 2560 ----a-w c:\windows\_MSRSTRT.EXE
2009-03-30 17:03 . 2009-03-30 11:04 -------- d-----w c:\program files\iolo
2009-03-30 11:05 . 2008-12-26 09:36 -------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 21:20 . 2008-12-26 10:39 -------- d-----w c:\program files\The KMPlayer
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-09 03:19 . 2009-01-24 11:35 410984 ----a-w c:\windows\system32\deploytk.dll
2009-02-26 10:46 . 2009-02-26 10:46 74760 ----a-w c:\windows\system32\drivers\UniversalDD.sys
2009-02-26 10:46 . 2009-02-26 10:46 25608 ----a-w c:\windows\system32\drivers\AVGIDSErHr.sys
.

------- Sigcheck -------

[-] 2008-04-14 03:42 699904 8A513E79E7980018DAEDCA586B866BC3 c:\windows\system32\wininet.dll
[-] 2008-04-14 03:42 699904 8A513E79E7980018DAEDCA586B866BC3 c:\windows\system32\dllcache\wininet.dll

[-] 2008-04-14 03:42 975872 561A50497324F378E30F55D09B4E1258 c:\windows\explorer.exe
[-] 2008-04-14 03:42 975872 088A0CD3D4CD3B584F3A4150D6CF941E c:\windows\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-27 24103720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-10 86016]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-08 1947928]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2007-07-26 270336]
"AVGIDS"="c:\program files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe" [2009-02-26 1579528]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-12-01 77824]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-12-10 1519616]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Gigabyte Wireless Utility.lnk - c:\program files\GIGABYTE\Common\GNConfig.exe [2008-12-26 753664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-08 10:34 11952 ----a-w c:\windows\system32\avgrsstx.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Games\\C.S .1.6 online\\Counter-Strike\\hl.exe"=
"c:\\Program Files\\Ace Translator\\AceTrans.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"139:TCP"= 139:TCP:@xpsp2res.dll,-22004

R0 AVGIDSErHr;AVGIDSErHr;c:\windows\system32\drivers\AVGIDSErHr.sys [2/26/2009 12:46 PM 25608]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3/1/2009 1:40 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3/1/2009 1:40 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [3/1/2009 1:39 PM 298776]
R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe [2/26/2009 12:46 PM 563720]
R3 AVGIDSDriver;AVGIDSDriver;c:\program files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSDriver.sys [2/26/2009 12:46 PM 121352]
R3 AVGIDSFilter;AVGIDSFilter;c:\program files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSFilter.sys [2/26/2009 12:46 PM 30216]
R3 AVGIDSShim;AVGIDSShim;c:\program files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSShim.sys [2/26/2009 12:46 PM 27232]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe [2/26/2009 12:46 PM 5576712]
S3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [12/26/2008 12:23 PM 670592]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ziska\Application Data\Mozilla\Firefox\Profiles\nhsg24iv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.abakusbp.net/
FF - prefs.js: keyword.URL - hxxp://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&type=Web&orig=IMC-FF&qry=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-05-15 23:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\Nf815c75f]
@Denied: (4) (Everyone)
@Denied: (4) (Administrators)
@Allowed: (A B C D Full GENERIC_EXECUTE GENERIC_WRITE Read 1 2 3 4 5 6) (LocalSystem)
"a"="M"
"InternetCode"="U52LDJMC37ONPGW35EG4SPJX45LFAJ6ESRKK7IY8"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2924)
c:\windows\system32\SHDOCVW.dll
c:\program files\FlashGet\fgmgr.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-15 23:49
ComboFix-quarantined-files.txt 2009-05-15 21:49

Pre-Run: 4,647,964,672 bytes free
Post-Run: 4,702,900,224 bytes free


offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

A few things...

1. This forum is for resolving problems caused by malicious programs.

Do you have such a problem?
Your computer has slowed down at startup? And what else, apart from opening this topic, have you done about it?

2. In case it is indeed established that the problem is caused by malware, or all other possibilities have been ruled out, then a topic can be opened in Ambulanta.

A topic in Ambulanta is not opened the way you are doing it. It is opened according to a specific rule, following specific instructions.

3. There is no trace of malware anywhere here.

4. The next time you open a topic in Ambulanta without a meaningful reason/justification for it, and you do it by slapping down a ComboFix log (or any other, apart from the one that is requested), the topic will be deleted and you will be barred from posting further in this part of the forum.

And this is not the first time I am telling you this, is it?

Regards.

16 May 2009 19:42 dr_Bora Topic locked. Reason: Answered