Computer is running slowly

offline
  • Joined: 14 Apr 2012
  • Posts: 81

For about a month now, maybe a bit longer, the computer has been running slower and slower. Sometimes it takes several minutes to launch the web browser or some other program. I had malware; NOD deleted it. NOD is not updating; the license has expired.
I use local cable internet (download speed 3.08 Mbps, upload 0.27 Mbps).


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.15.2
Run by User at 19:21:41 on 2013-02-26
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Nova fascikla\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Nova fascikla\Kies\Kies.exe
D:\Nova fascikla\Kies\KiesAirMessage.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\Program Files\Gigabyte\Gigabyte GN-WIKG Wireless Mini PCI Adapter\GbConfig.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.rs/
uURLSearchHooks: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - LocalServer32 - <no file>
TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - LocalServer32 - <no file>
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [KiesPreload] d:\nova fascikla\kies\Kies.exe /preload
uRun: [KiesAirMessage] d:\nova fascikla\kies\KiesAirMessage.exe -startup
uRun: [] d:\nova fascikla\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [VTTimer] VTTimer.exe
mRun: [VTTrayp] VTtrayp.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [KiesTrayAgent] d:\nova fascikla\kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1336142620328
TCP: NameServer = 8.8.8.8 109.72.50.5
TCP: Interfaces\{85DD45D8-B407-4657-B51C-4367B345F546} : DHCPNameServer = 8.8.8.8 109.72.50.5
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\k1ezg8r1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1165635.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
.
============= SERVICES / DRIVERS ===============
.
R? androidusb;SAMSUNG Android Composite ADB Interface Driver
R? SkypeUpdate;Skype Updater
R? ssadbus;SAMSUNG Android USB Composite Device driver (WDM)
R? ssadmdfl;SAMSUNG Android USB Modem (Filter)
R? ssadmdm;SAMSUNG Android USB Modem Drivers
S? Application Updater;Application Updater
S? dtsoftbus01;DAEMON Tools Virtual Bus Driver
S? ehdrv;ehdrv
S? ekrn;ESET Service
S? TeamViewer8;TeamViewer 8
S? wbms_x86;Winbond Memory Stick Controller
S? wbsdmmc_x86;Winbond SD/MMC Controller
.
=============== Created Last 30 ================
.
2013-02-23 14:48:47 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-02-23 14:48:06 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-17 10:17:16 -------- d-----r- c:\program files\Skype
2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-02-15 16:41:05 -------- d-----w- c:\documents and settings\all users\application data\MCShield
2013-02-15 16:41:04 -------- d-----w- c:\program files\MCShield
2013-02-15 16:32:04 12672 -c--a-w- c:\windows\system32\dllcache\usb8023x.sys
2013-02-15 16:32:04 12672 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2013-02-15 16:31:57 30080 -c--a-w- c:\windows\system32\dllcache\rndismpx.sys
2013-02-15 16:31:57 30080 ----a-w- c:\windows\system32\drivers\rndismpx.sys
.
==================== Find3M ====================
.
2013-02-23 14:46:46 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-23 14:46:45 782240 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-27 11:36:43 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-27 11:36:42 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-18 09:06:54 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-12-18 09:06:10 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-12-18 09:06:10 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-12-18 09:06:10 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-12-18 09:06:00 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-12-18 09:06:00 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2012-12-18 09:06:00 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
.
============= FINISH: 19:22:53,23 ===============


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click to run the program and click the [Search] button.
When the program finishes its analysis, it will open Notepad (AdwCleaner[R1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved to C:\AdwCleaner[R1].txt

offline
  • Joined: 14 Apr 2012
  • Posts: 81

I did that, here is the file.


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Run AdwCleaner again.
Click the [Delete] button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
On the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved to C:\AdwCleaner[S1].txt

offline
  • Joined: 14 Apr 2012
  • Posts: 81

Did this too...

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Did you restart the computer? How are things now?

offline
  • Joined: 14 Apr 2012
  • Posts: 81

I did; at first glance it seems much better, and faster. For now it doesn't lag at all. Thanks for the help.

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

That would be it then; there is no malware on the computer. We deleted the toolbars and junk, and that is what was causing the problem. Now follow the remaining steps...



Run AdwCleaner again.
Click the [Uninstall] button and wait for the uninstallation to finish.




Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. Allow it.

Note: When you are done cleaning temp files, you can delete the program or keep it for later use.



I recommend that you install Service Pack 3 for Windows XP, i.e. update your operating system. I won't go into its advantages over Service Pack 2. You can find that information on MS's site. In short, on 13 July 2010 MS ended support for Service Pack 2, which is installed on your computer.

What does that mean? See the link: http://windows.microsoft.com/en-US/windows/help/what-does-end-of-support-mean

**** If you decide to take this step (installing SP3), I recommend that you first back up all important data.



Uninstall that ESET and install some other AV program. If you don't have the money, or don't want to spend it on a commercial AV program, good free AV programs are available to you, such as:

Microsoft Security Essentials
avast! Free Antivirus
Avira Free Antivirus
Panda Antivirus Free
AVG Free
Bitdefender Free Antivirus (warmly recommended, it has performed very well)

Also browse through these topics...

An application for safe surfing: your brain
http://www.mycity.rs/Zastita/Aplikacija-za-sigurno-surfovanje-Vas-mozak.html


Choosing a free antivirus
http://www.mycity.rs/Zastitni-programi/Izbor-besplatnog-antivirusa.html


The best antivirus in your opinion
http://www.mycity.rs/Zastitni-programi/Najbolji-an.....jenju.html


The best free security software
http://www.mycity.rs/Zastitni-programi/Najbolji-besplatni-zastitni-softver.html



Do not use pirated versions of AV programs!!!



Be sure to visit the topic "Test whether your browser is vulnerable", read it and follow the link in it.
Link to the topic: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html



Also, follow the topic "How to avoid and remove toolbars", read it and follow the steps in it. Link to the topic: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html



TwinHeadedEagle (AMF Team)

offline
  • Joined: 14 Apr 2012
  • Posts: 81

Excellent work, Twin, you have all my praise.

I did the Temp File Cleaner step.

I had SP3 installed before, and then when the laptop was being serviced, the repair shop told me that SP2 is much better for this laptop; supposedly it would lag more with SP3 (whether they are right or not doesn't matter), but I won't touch it, because it will soon be headed for the scrap heap.

I removed ESET and installed AVG, given that Bitdefender Free Antivirus only supports SP3.
