Freezing, stuttering, restarting...


offline
  • Joined: 24 Jan 2009
  • Posts: 87

As in the thread title. My computer often freezes, games that used to run smoothly now stutter, and worst of all it has started restarting and showing the blue screen of death, which I somehow reduced by updating drivers, but it still happens. It happens especially when I use the DC++ program... and that is my main source for collecting data (music, movies and the rest...).
No AV detects any threat, and yet everything described above is happening more and more often.

Here is the log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:13 PM, on 1/27/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ApexDC++_Gusari_XY6\ApexDC.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Desktop\TR3.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 7194 bytes

Addendum: 27 Jan 2009 21:21

One more thing to mention: some of my MP3s have somehow been replaced by others, or rather, in place of my songs I got songs I never had, so the same filename and everything, just different songs.
Also, when Windows boots, some Windows Recovery Console option appears... (I mean, it doesn't have to mean anything is wrong) it just didn't show up before, and I don't know much about this, so I'm mentioning that too.
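
A small parser for the HijackThis log format posted above, as an added example that is not part of the original thread: it splits the log into the running-process list and the coded entries, counts entries per section, and lists processes running from outside the Windows and Program Files directories. The sample is an excerpt of lines from the log above; the section descriptions and the path heuristic are assumptions of this example, and a process's location alone says nothing about whether it is malicious.

```python
import re
from collections import Counter

# Short descriptions of the HijackThis section codes that occur in the log above
# (wording is this example's own, not taken from the thread).
SECTION_NAMES = {
    "R0": "IE start/search page values",
    "R1": "IE default page/search URLs",
    "R3": "URL search hook",
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "autostart entry (Run keys, Startup folders)",
    "O8": "IE context menu item",
    "O9": "IE extra button / Tools menu item",
    "O18": "extra protocol handler",
    "O20": "Winlogon Notify / AppInit_DLLs",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|O\d{1,2}) - (.+)$")

# Heuristic (assumption): directories a normal user cannot write to on a default install.
SYSTEM_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

# Excerpt of lines copied from the log above, used as sample input.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ApexDC++_Gusari_XY6\ApexDC.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Desktop\TR3.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""


def parse_hijackthis(text):
    """Return (processes, entries); entries are (section_code, detail) tuples."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            # The process list ends at the first blank line.
            if line:
                processes.append(line)
            else:
                in_processes = False
            continue
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return processes, entries


def section_counts(entries):
    """Count entries per section code, e.g. how many O4 autostarts exist."""
    return Counter(code for code, _ in entries)


def outside_system_dirs(processes):
    """Processes whose image path is not under Windows or Program Files."""
    return [p for p in processes if not p.lower().startswith(SYSTEM_PREFIXES)]


if __name__ == "__main__":
    procs, ents = parse_hijackthis(SAMPLE_LOG)
    for code, count in sorted(section_counts(ents).items()):
        print(f"{code:>3}  {count}  {SECTION_NAMES.get(code, 'unknown section')}")
    print("Processes to look at first:")
    for path in outside_system_dirs(procs):
        print("  ", path)
```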

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

The fact that you have problems with DC++ and with downloading pirated material is not our problem, and if you had bothered to read this forum's Rules a bit, you would know that piracy is forbidden here.

As for the rest, BSODs are most often the result of hardware problems (a bad power supply, a motherboard whose electrolytic capacitors have lost capacitance, etc.), and most often they are the result of the computer overheating because it has filled up with dust.

So first download SpeedFan or HWInfo32 (the Sensors option) and look at the temperatures. If any of them is above 55 degrees while the computer is not doing anything in particular and has been on for more than half an hour, then you have a problem with dust and poor cooling.

The fact that you have the Recovery Console means that you previously ran ComboFix on your own initiative, and that alone tells me that you may be responsible yourself for what is happening to your computer, if you don't know how to use that program.

offline
  • Joined: 24 Jan 2009
  • Posts: 87

Nothing that is my problem is in any way your problem; I only mentioned which programs Windows restarts in, to explain things a bit more closely; it doesn't matter. And I don't get how I broke the forum rules on piracy by saying that Windows restarts when a certain program is running; as far as I know that is not piracy, or else I misunderstand piracy and am living under a delusion.
As for ComboFix, today I first spent a good 3-4 hours searching the whole Ambulanta section and found a few threads similar to mine, where I saw instructions that helped people solve problems similar to mine (stuttering, freezing and the rest), just so I wouldn't needlessly open a thread similar to a dozen others, but after everything I did, it all kept happening just as before.
Thanks, I'll try to check that first. Thanks once again.

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

If you ran ComboFix only once, then copy here the contents of the log located at C:\ComboFix.txt

If you ran it several times, then also copy the contents of the other logs:
C:\Qoobox\ComboFix2.txt (and then a three instead of the two, and so on, depending on how many times ComboFix was run).

Also report what SpeedFan or HWInfo32 showed (depending on which one you choose), and then we'll see what to do next.

offline
  • Joined: 24 Jan 2009
  • Posts: 87

For now it doesn't go above 40 degrees, if I'm reading this correctly.

I later deleted ComboFix following the instructions; I take it the log was deleted too? Should I download it again and do that, or not?

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Well, what it has already deleted I will no longer be able to see.

Just in case, download it again so I can see what the current state is.

By the way, can you post a screenshot of the temperatures and voltages (from SpeedFan or HWInfo32, since I don't know exactly which one you chose)?
I would like to see the voltages.

offline
  • Joined: 24 Jan 2009
  • Posts: 87

Here is the SpeedFan screenshot



And here is the log


ComboFix 09-01-21.04 - Milos 2009-01-27 21:58:03.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1317 [GMT 1:00]
Running from: c:\documents and settings\Milos\Desktop\C-F.exe
AV: avast! antivirus 4.8.1296 [VPS 090126-0] *On-access scanning enabled* (Updated)
.

((((((((((((((((((((((((( Files Created from 2008-12-27 to 2009-01-27 )))))))))))))))))))))))))))))))
.

2009-01-27 21:37 . 2009-01-27 21:44 <DIR> d-------- c:\program files\SpeedFan
2009-01-27 21:37 . 2009-01-27 21:37 45 --a------ c:\windows\system32\initdebug.nfo
2009-01-27 11:28 . 2009-01-27 11:28 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-01-27 11:28 . 2009-01-27 11:28 <DIR> d-------- c:\documents and settings\Milos\Application Data\SUPERAntiSpyware.com
2009-01-27 11:28 . 2009-01-27 11:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-01-27 10:28 . 2009-01-27 10:28 <DIR> d-------- c:\program files\Unlocker
2009-01-27 10:28 . 2009-01-27 10:28 <DIR> d-------- c:\documents and settings\Milos\Application Data\Desktopicon
2009-01-27 10:06 . 2009-01-27 10:07 <DIR> d-------- c:\program files\SpywareBlaster
2009-01-24 23:26 . 2009-01-24 23:26 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-01-24 23:23 . 2008-12-08 12:53 57,344 --a------ c:\windows\system32\ff_vfw.dll
2009-01-24 23:23 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-01-22 20:42 . 2009-01-22 20:42 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2009-01-22 11:49 . 2009-01-22 11:49 <DIR> d-------- c:\program files\NCH Swift Sound
2009-01-22 11:49 . 2009-01-22 11:49 <DIR> d-------- c:\program files\NCH Software
2009-01-22 11:49 . 2009-01-22 11:49 <DIR> d-------- c:\documents and settings\Milos\Application Data\NCH Swift Sound
2009-01-22 11:49 . 2009-01-22 11:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-01-22 11:28 . 2009-01-27 10:08 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-01-12 09:29 . 2009-01-12 09:29 664 --a------ c:\windows\system32\d3d9caps.dat
2009-01-10 17:36 . 2009-01-10 17:36 <DIR> d-------- c:\program files\Euro Truck Simulator
2009-01-10 14:04 . 2009-01-10 14:07 67 --a------ c:\windows\#1 Video Converter.INI
2009-01-08 13:05 . 2008-03-26 11:15 53,248 --a------ c:\windows\system32\CSVer.dll
2009-01-06 10:00 . 2009-01-06 10:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-01-06 01:20 . 2009-01-06 01:20 <DIR> d-------- C:\Intel
2009-01-05 23:46 . 2009-01-05 23:46 <DIR> d-------- c:\program files\MSXML 6.0
2009-01-05 23:44 . 2003-08-07 16:42 6,528 --a------ c:\windows\system32\drivers\gflmouhid.sys
2009-01-05 23:36 . 2008-08-05 20:10 1,684,736 --a------ c:\windows\system32\drivers\Ambfilt.sys
2009-01-05 23:36 . 2006-01-04 15:41 1,389,056 --a------ c:\windows\system32\drivers\Monfilt.sys
2009-01-05 23:36 . 2008-10-27 18:12 34,816 --a------ c:\windows\system32\RtkCoInstXP.dll
2009-01-05 23:36 . 2007-11-14 15:18 553 --a------ c:\windows\USetup.iss
2009-01-05 22:48 . 2009-01-05 22:48 <DIR> d-------- c:\program files\Uniblue
2009-01-05 22:48 . 2009-01-05 22:48 <DIR> d-------- c:\documents and settings\Milos\Application Data\Uniblue
2009-01-05 22:48 . 2009-01-19 19:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\DriverScanner
2009-01-05 22:44 . 2009-01-05 22:48 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-01-05 18:19 . 2009-01-05 18:19 <DIR> d-------- c:\program files\Audacity
2009-01-05 01:27 . 2009-01-05 01:27 <DIR> d-------- c:\documents and settings\Milos\Application Data\Publish Providers
2009-01-05 01:27 . 2009-01-05 01:29 <DIR> d-------- c:\documents and settings\Milos\Application Data\NetMedia Providers
2009-01-05 01:25 . 2009-01-05 01:25 <DIR> d-------- c:\program files\Vstplugins
2009-01-05 01:24 . 2009-01-05 01:24 <DIR> d-------- c:\program files\Sony Setup
2009-01-05 01:24 . 2009-01-05 01:24 <DIR> d-------- c:\program files\Sony
2009-01-05 00:40 . 2009-01-05 00:40 <DIR> d-------- c:\documents and settings\Milos\Application Data\Sony Setup
2009-01-02 23:18 . 2009-01-02 23:19 <DIR> d-------- c:\documents and settings\Milos\Application Data\Steinberg
2009-01-02 23:16 . 2005-06-04 09:08 487,936 --a------ c:\windows\system32\rmbe3260.dll
2009-01-02 23:16 . 2005-06-04 09:09 352,768 --a------ c:\windows\system32\pngu3263.dll
2009-01-02 23:16 . 2005-06-04 09:09 131,072 --a------ c:\windows\system32\pneng50.dll
2009-01-02 23:16 . 2005-06-04 09:09 130,560 --a------ c:\windows\system32\pnc3250.dll
2009-01-02 23:16 . 2005-06-04 09:08 87,040 --a------ c:\windows\system32\ra32sipr.dll
2009-01-02 23:16 . 2005-06-04 09:11 85,504 --a------ c:\windows\system32\encdnet.dll
2009-01-02 23:16 . 2005-06-04 09:09 81,920 --a------ c:\windows\system32\ra3214_4.dll
2009-01-02 23:16 . 2005-06-04 09:09 72,704 --a------ c:\windows\system32\ra3228_8.dll
2009-01-02 23:16 . 2005-06-04 09:09 61,952 --a------ c:\windows\system32\decdnet.dll
2009-01-02 23:16 . 2005-06-04 09:09 21,504 --a------ c:\windows\system32\ra32dnet.dll
2009-01-02 23:14 . 2005-05-09 20:08 33,792 --a------ c:\windows\system32\drivers\cledx.sys
2009-01-02 23:14 . 2002-11-25 05:46 16,896 --a------ c:\windows\system32\drivers\synasUSB.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-27 10:28 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-26 10:48 --------- d-----w c:\program files\DkZ Studio
2009-01-24 00:42 737,280 ----a-w c:\windows\iun6002.exe
2009-01-22 10:56 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-01-19 10:53 --------- d-----w c:\program files\KONAMI
2009-01-10 10:27 --------- d-----w c:\program files\Winamp
2009-01-05 22:36 --------- d-----w c:\program files\Realtek
2009-01-05 22:12 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-05 00:27 --------- d-----w c:\documents and settings\Milos\Application Data\Sony
2009-01-01 13:03 --------- d-----w c:\program files\mIRC
2008-12-23 17:05 --------- d-----w c:\program files\Common Files\stardock
2008-12-23 17:04 2,560 ----a-w c:\windows\_MSRSTRT.EXE
2008-12-23 16:55 --------- d-----w c:\program files\Mario Forever
2008-12-23 11:38 --------- d-----w c:\program files\Lavalys
2008-12-20 23:23 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-20 23:21 --------- d-----w c:\program files\Lavasoft
2008-12-20 23:11 --------- d-----w c:\documents and settings\Milos\Application Data\Lavasoft
2008-12-20 17:56 603,904 ----a-w c:\windows\system32\TUProgSt.exe
2008-12-20 17:55 360,192 ----a-w c:\windows\system32\TuneUpDefragService.exe
2008-12-20 17:55 --------- d-sh--w c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-20 17:55 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2008-12-19 09:15 --------- d-----w c:\program files\ApexDC++_Gusari_XY6
2008-12-13 10:53 --------- d-----w c:\program files\Common Files\NSV
2008-12-11 12:31 27,904 ----a-w c:\windows\system32\uxtuneup.dll
2008-12-07 18:08 795,648 ----a-w c:\windows\system32\xvidcore.dll
2008-12-07 18:08 130,048 ----a-w c:\windows\system32\xvidvfw.dll
2008-12-06 13:54 --------- d-----w c:\program files\Morton Benson
2008-12-06 13:07 --------- d-----w c:\documents and settings\Milos\Application Data\TuneUp Software
2008-12-01 09:04 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-10-28 22:35 684,032 ----a-w c:\windows\system32\divx.dll
2008-10-28 16:18 17,331,200 ----a-w c:\windows\RTHDCPL.EXE
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"Google Update"="c:\documents and settings\Milos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-06 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-02-14 00:09 486856 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-09-03 14:07 1576176 c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-05-02 05:15 15872 c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-09-17 08:55 1657376 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\UBISOFT\\Ghost Recon Advanced Warfighter 2\\graw2.exe"=
"c:\\Program Files\\UBISOFT\\Ghost Recon Advanced Warfighter 2\\graw2_dedicated.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\JSL_PATCH_2009.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\GCP2009.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12826:TCP"= 12826:TCP:BitComet 12826 TCP
"12826:UDP"= 12826:UDP:BitComet 12826 UDP

R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [2008-07-25 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [2008-07-25 5248]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-24 111184]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-09-03 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-09-03 55024]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [2009-01-05 6528]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-07-24 20560]
R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2008-12-20 603904]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
S3 UNDPX2K;UNDPX2K;\??\c:\windows\system32\drivers\UNDPX2K.SYS --> c:\windows\system32\drivers\UNDPX2K.SYS [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82bfd90c-5a2b-11dd-8d03-0019dbcf0564}]
\Shell\AutoRun\command - plusultra_za_CD.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af5d0a93-5a96-11dd-8d08-0014f861623d}]
\Shell\AutoRun\command - F:\autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-27 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]

2009-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-1454471165-725345543-1003.job
- c:\documents and settings\Milos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-06 18:31]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-01-27 21:59:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1472)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2009-01-27 22:00:38
ComboFix-quarantined-files.txt 2009-01-27 21:00:36

Pre-Run: 1,928,507,392 bytes free
Post-Run: 1,915,142,144 bytes free

205

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

The log is clean, but your temperatures and voltages are abnormal.

Go ahead and uninstall SpeedFan and install HWInfo32, then choose Sensors from the menu at the top and post that screenshot.
This is just so we can be sure the temperatures really are raging, and that it isn't a SpeedFan error.

offline
  • Joined: 24 Jan 2009
  • Posts: 87

Here:

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Hmmm...
SpeedFan shows one more temperature that I don't see here in HWInfo32, and it is really wildly high (78 degrees).

In any case, both programs show that your graphics card is overheating (57 degrees).
That is too high a temperature if you are not currently playing any demanding game.
