Computer running slowly, AV finds nothing

offline
  • Joined: 07 Apr 2012
  • Posts: 114

Hello!
For several months now the computer has been running slowly.
I bought a new one and gave this one away as a gift.
Before that I removed everything I considered unnecessary; the partitions were almost full, so I thought that was one of the reasons.
The browser opens slowly and pages load slowly. When I minimize an open page, it takes several minutes to restore it from the taskbar.
I think the problem was caused by the games the kids play online.
According to the owner, satellite internet is used here.
I use AVG, which is turned off the whole time the computer is running. Sometimes I run a deep scan and it finds nothing.

If someone could look at this right away I would be grateful, because I will be visiting for only a few more hours and the owner is not skilled in these things.

Thanks
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
avast! Free Antivirus
BS.Player FREE
C-Media WDM Audio Driver
CCleaner
Compatibility Pack for the 2007 Office system
ffdshow v1.2.4422 [2012-04-09]
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Image Resizer Powertoy for Windows XP
Java 7 Update 25
Java Auto Updater
MCShield ::Anti-Malware Tool::
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVC90_x86
Prince of Persia T2T
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2803821-v2)
Security Update for Windows Media Player (KB2803821)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2829530)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2884256)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Skype™ 6.3
Total Commander (Remove or Repair)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Internet Explorer 8
Windows XP Service Pack 3
WinRAR 4.20 (32-bit)
.
==== End Of File ===========================

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

You're also missing the DDS.txt report, attach that one too...

offline
  • Joined: 07 Apr 2012
  • Posts: 114

Posted: 10 Jan 2014 12:43

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Milan at 11:17:18 on 2014-01-10
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.googl.com/
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1353009544218
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1367488521421
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.50
TCP: Interfaces\{598DB00E-D368-4D58-A0D0-E4BC9D876DE4} : DHCPNameServer = 91.102.224.62 91.102.225.16
TCP: Interfaces\{CA9ECB67-4F2B-4EF1-A7BA-C8F960917A5C} : DHCPNameServer = 192.168.1.50
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Notification Packages = Error!
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\milan\application data\mozilla\firefox\profiles\50koxr5k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? SkypeUpdate;Skype Updater
S? aswMonFlt;aswMonFlt
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? avast! Antivirus;avast! Antivirus
.
=============== Created Last 30 ================
.
2014-01-04 09:14:06 -------- d-----w- c:\documents and settings\milan\local settings\application data\GHISLER
2014-01-04 09:12:24 545 ----a-w- c:\windows\UC.PIF
2014-01-04 09:12:24 545 ----a-w- c:\windows\RAR.PIF
2014-01-04 09:12:24 545 ----a-w- c:\windows\PKZIP.PIF
2014-01-04 09:12:24 545 ----a-w- c:\windows\PKUNZIP.PIF
2014-01-04 09:12:24 545 ----a-w- c:\windows\LHA.PIF
2014-01-04 09:12:24 545 ----a-w- c:\windows\ARJ.PIF
2014-01-04 09:12:23 -------- d-----w- C:\totalcmd
2014-01-04 09:12:23 -------- d-----w- c:\documents and settings\milan\application data\GHISLER
2013-12-21 08:33:04 22370928 ----a-w- c:\program files\mozilla firefox\xul.dll
2013-12-21 08:33:04 108144 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-12-21 08:33:03 276592 ----a-w- c:\program files\mozilla firefox\updater.exe
2013-12-21 08:33:03 170960 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2013-12-21 08:33:01 872352 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
2013-12-21 08:33:01 153712 ----a-w- c:\program files\mozilla firefox\softokn3.dll
2013-12-21 08:33:00 28272 ----a-w- c:\program files\mozilla firefox\plugin-hang-ui.exe
2013-12-21 08:33:00 18544 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
.
==================== Find3M ====================
.
2013-12-22 08:40:53 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-22 08:40:52 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-22 08:40:51 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-22 08:40:45 43152 ----a-w- c:\windows\avastSS.scr
2013-12-11 19:05:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 19:05:53 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-01 19:38:37 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-31 06:46:14 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57:33 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45:02 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll
.
============= FINISH: 11:26:19.25 ===============


Addendum: 10 Jan 2014 14:54

I have to go.
A young man will come who will be able to follow the instructions through to the end.
Please be a little patient, because sometimes he will not be able to reply right away.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,

Does the user of this computer still want help?

If so, I need to carry out additional checks, because the DDS tool for some reason did not successfully complete certain analyses. We do the additional check with a tool we call FRST.

Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.

The version compatible with your system is the 32-bit version of the tool.
Direct download of FRST 32-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

double-click to run the program; when the tool starts, click Yes on the disclaimer window;
wait a moment while the tool checks whether a newer version exists;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on the first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the Attach file (Prikači fajl) option

offline
  • Joined: 07 Apr 2012
  • Posts: 114

Hello,

we will try to finish this, but it is going slowly for the reasons mentioned above.
The program has been downloaded and the computer scanned, but now we are waiting for someone who will help attach the log.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

What is the problem when you try to attach the logs? If it is easier for you, copy the logs into the post (copy-paste).

offline
  • Joined: 07 Apr 2012
  • Posts: 114

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-01-2014 03
Ran by Milan (administrator) on DNEVNA-BTPRPTR0 on 11-01-2014 21:00:42
Running from D:\
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\SoftwareDistribution\Download\Install\WindowsXP-KB905474-ENU-x86.exe
(Microsoft Corporation) E:\62ab51454b2203cb67b5eb\wgasetup.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmaudio] - RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-22] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [MCShield Monitor] - C:\Program Files\MCShield\mcshieldrtm.exe [607232 2013-10-26] (MyCity)
Lsa: [Notification Packages] scecli scecli scecli
Startup: C:\Documents and Settings\Milan\Start Menu\Programs\Startup\Registration Prince of Persia T2T.LNK
ShortcutTarget: Registration Prince of Persia T2T.LNK -> D:\Vuk\vule\Prince of Persia T2T\Support\Register\RegistrationReminder.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = googl.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} windowsupdate.microsoft.com/windowsupdate/v.....3009544218
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} update.microsoft.com/microsoftupdate/v6/V5C.....7488521421
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.50

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\50koxr5k.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: HDvid Codec 3 - C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\50koxr5k.default\Extensions\hdvc3@hdvidcodec.com.xpi [2013-06-30]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-14]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-22] (AVAST Software)
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2013-12-22] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-12-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2013-12-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2013-12-22] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-12-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-22] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 cmuda; C:\Windows\System32\drivers\cmuda.sys [1368000 2005-12-15] (C-Media Inc)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R3 gameenum; C:\Windows\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology)
U4 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-11 20:40 - 2014-01-11 20:40 - 00000000 ____D C:\FRST
2014-01-11 17:09 - 2014-01-11 17:10 - 00003538 _____ C:\WINDOWS\KB976002-v5.log
2014-01-10 16:19 - 2010-02-12 11:03 - 00293376 ____N (Microsoft Corporation) C:\WINDOWS\system32\browserchoice.exe
2014-01-10 11:27 - 2014-01-10 11:27 - 00009435 _____ C:\Documents and Settings\Milan\Desktop\attach.txt
2014-01-10 11:27 - 2014-01-10 11:26 - 00006947 _____ C:\Documents and Settings\Milan\Desktop\dds.txt
2014-01-10 11:15 - 2014-01-10 11:15 - 00688992 ____R (Swearware) C:\Documents and Settings\Milan\Desktop\dds.scr
2014-01-10 10:11 - 2014-01-10 10:12 - 00001892 _____ C:\WINDOWS\setupapi.log
2014-01-04 10:14 - 2014-01-04 10:14 - 00000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\GHISLER
2014-01-04 10:12 - 2014-01-04 10:12 - 00000000 ____D C:\totalcmd
2014-01-04 10:12 - 2014-01-04 10:12 - 00000000 ____D C:\Documents and Settings\Milan\Start Menu\Programs\Total Commander
2014-01-04 10:12 - 2014-01-04 10:12 - 00000000 ____D C:\Documents and Settings\Milan\Application Data\GHISLER
2014-01-04 10:12 - 2011-12-23 08:00 - 00000545 _____ C:\WINDOWS\UC.PIF
2014-01-04 10:12 - 2011-12-23 08:00 - 00000545 _____ C:\WINDOWS\RAR.PIF
2014-01-04 10:12 - 2011-12-23 08:00 - 00000545 _____ C:\WINDOWS\PKZIP.PIF
2014-01-04 10:12 - 2011-12-23 08:00 - 00000545 _____ C:\WINDOWS\PKUNZIP.PIF
2014-01-04 10:12 - 2011-12-23 08:00 - 00000545 _____ C:\WINDOWS\LHA.PIF
2014-01-04 10:12 - 2011-12-23 08:00 - 00000545 _____ C:\WINDOWS\ARJ.PIF
2013-12-22 09:44 - 2013-12-22 09:44 - 00001733 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2013-12-21 16:02 - 2013-12-21 16:02 - 00000456 _____ C:\Documents and Settings\All Users\Documents\USB Video Device.lnk
2013-12-21 16:02 - 2013-12-21 16:02 - 00000403 _____ C:\Documents and Settings\All Users\Documents\My Documents.lnk
2013-12-21 16:02 - 2013-12-21 16:02 - 00000124 _____ C:\Documents and Settings\All Users\Documents\Nokia Phone Browser.lnk
2013-12-21 09:32 - 2013-12-21 09:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 00:40 - 2013-12-12 00:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 00:40 - 2013-12-12 00:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 00:26 - 2013-12-12 00:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 00:26 - 2013-12-12 00:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 00:25 - 2013-12-12 00:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$

==================== One Month Modified Files and Folders =======

2014-01-11 21:05 - 2012-11-16 18:58 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-11 21:03 - 2012-11-15 20:55 - 02019843 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-11 20:40 - 2014-01-11 20:40 - 00000000 ____D C:\FRST
2014-01-11 19:38 - 2012-11-17 13:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MCShield
2014-01-11 19:38 - 2012-11-14 19:15 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-11 19:37 - 2012-11-14 19:14 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-11 19:37 - 2012-11-14 19:14 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-11 19:37 - 2012-11-14 18:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-11 17:10 - 2014-01-11 17:09 - 00003538 _____ C:\WINDOWS\KB976002-v5.log
2014-01-11 17:06 - 2001-08-23 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-10 23:09 - 2012-11-14 18:27 - 00000278 ___SH C:\Documents and Settings\Milan\ntuser.ini
2014-01-10 23:09 - 2012-11-14 18:26 - 00032442 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-10 11:27 - 2014-01-10 11:27 - 00009435 _____ C:\Documents and Settings\Milan\Desktop\attach.txt
2014-01-10 11:26 - 2014-01-10 11:27 - 00006947 _____ C:\Documents and Settings\Milan\Desktop\dds.txt
2014-01-10 11:15 - 2014-01-10 11:15 - 00688992 ____R (Swearware) C:\Documents and Settings\Milan\Desktop\dds.scr
2014-01-10 10:12 - 2014-01-10 10:11 - 00001892 _____ C:\WINDOWS\setupapi.log
2014-01-08 13:20 - 2012-11-14 18:27 - 00000000 ____D C:\Documents and Settings\Milan
2014-01-08 13:07 - 2013-02-20 12:35 - 00000203 _____ C:\WINDOWS\disney.ini
2014-01-08 13:07 - 2012-12-18 20:04 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-08 12:44 - 2013-02-22 20:22 - 00000000 ____D C:\WINDOWS\Minidump
2014-01-08 12:26 - 2012-12-28 12:42 - 00000000 ____D C:\Documents and Settings\Milan\My Documents\Eidos
2014-01-08 12:09 - 2012-12-13 08:02 - 00000675 _____ C:\WINDOWS\Spidey.ini
2014-01-04 10:14 - 2014-01-04 10:14 - 00000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\GHISLER
2014-01-04 10:12 - 2014-01-04 10:12 - 00000000 ____D C:\totalcmd
2014-01-04 10:12 - 2014-01-04 10:12 - 00000000 ____D C:\Documents and Settings\Milan\Start Menu\Programs\Total Commander
2014-01-04 10:12 - 2014-01-04 10:12 - 00000000 ____D C:\Documents and Settings\Milan\Application Data\GHISLER
2013-12-30 21:35 - 2012-11-17 11:15 - 00000000 ____D C:\Documents and Settings\Milan\Application Data\Skype
2013-12-28 17:01 - 2012-11-14 19:12 - 00360124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-22 09:44 - 2013-12-22 09:44 - 00001733 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2013-12-22 09:44 - 2013-12-01 20:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2013-12-22 09:40 - 2013-03-27 19:42 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-22 09:40 - 2013-03-27 19:42 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-22 09:40 - 2012-11-20 20:04 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-22 09:40 - 2012-11-14 19:15 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-12-22 09:40 - 2012-11-14 19:15 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-12-22 09:40 - 2012-11-14 19:15 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-12-22 09:40 - 2012-11-14 19:15 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-12-22 09:40 - 2012-11-14 19:15 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-21 16:02 - 2013-12-21 16:02 - 00000456 _____ C:\Documents and Settings\All Users\Documents\USB Video Device.lnk
2013-12-21 16:02 - 2013-12-21 16:02 - 00000403 _____ C:\Documents and Settings\All Users\Documents\My Documents.lnk
2013-12-21 16:02 - 2013-12-21 16:02 - 00000124 _____ C:\Documents and Settings\All Users\Documents\Nokia Phone Browser.lnk
2013-12-21 10:43 - 2013-08-15 19:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-21 09:37 - 2013-12-21 09:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 12:50 - 2012-11-14 19:11 - 00208896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 00:41 - 2012-11-16 23:01 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-12 00:40 - 2013-12-12 00:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 00:40 - 2013-12-12 00:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 00:40 - 2012-11-16 23:46 - 00025156 _____ C:\WINDOWS\system32\TZLog.log
2013-12-12 00:39 - 2013-07-25 22:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-12 00:28 - 2012-11-16 19:33 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-12 00:26 - 2013-12-12 00:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 00:26 - 2013-12-12 00:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 00:25 - 2013-12-12 00:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$

Some content of TEMP:
====================
C:\Documents and Settings\Milan\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Milan\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Milan\Local Settings\Temp\Harry Potter and the Prisoner of Azkaban_uninst.exe
C:\Documents and Settings\Milan\Local Settings\Temp\iv_uninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,
The logs are clean. Let zoek work its magic. If the computer is still slow and stuttering after that, unfortunately the problem is not malicious in nature. But let's take it step by step ...



Download smeenk's zoek from this link and save it to the Desktop.
Unpack the archive into a folder (instructions), and then:

close the browser and any other running programs;
temporarily disable your security software (if necessary), see the instructions;
launch zoek by double-clicking the program icon;
wait for the tool to start ...


Click the More Options button and tick the box in front of the following option:
Auto Clean
Note: Tick only the option listed, do not touch the other options!!

Copy the following text into the white box of the window:

EmptyCLSID;
hdvc3@hdvidcodec.com.xpi;FF


Click the button and wait for the scan to finish.
If needed, zoek will restart Windows and, when it is done, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your reply.

offline
  • Joined: 07 Apr 2012
  • Posts: 114

Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Milan on Mon 01/13/2014 at 21:16:03.39.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Milan\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

===== Runcheck 21:17:02.45 =====

--- Create Environment Variables 21:17:03.79
--- Create System Restore Point 21:17:18.23
--- Checking Input 21:18:12.15
--- AU AppData Check 21:18:33.09
--- Remove From Windows Installer 21:18:35.18

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Did zoek fail to finish its run, and is that why you are sending me the C:\runcheck.txt report?

As far as I can see from the report, zoek has barely been running for a full minute ... wait for zoek to finish its work, there is no rush. When it asks for a restart, you know that zoek is almost done.

Only then, after the restart, attach or copy C:\zoek-results.log for me.
