Slow computer performance in Mozilla


  • Stefanovic
  • Joined: 02 Nov 2011
  • Posts: 131
  • Location: Nis

The problem is that the computer runs slowly: it opens pages in Mozilla very slowly, and working on it in general is difficult. I am aware that it has a weak configuration, but I would use it for, well, the internet and some less demanding tasks in general..... I need advice on whether it is possible to install Windows 7 or to leave it as it is with SP3.

512 MB RAM, Nvidia GeForce 6200, AMD Athlon 2200..... the connection speed is 12. How can I speed it up, and are there any options at all, or is it ready for the bin, hehehe .... thanks in advance

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 01
Ran by owner (administrator) on HOME-E30B55376D on 15-12-2014 16:25:19
Running from C:\Documents and Settings\owner\Desktop
Loaded Profile: owner (Available profiles: owner)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(VisualTaskTips.com) C:\Program Files\VisualTaskTips\VisualTaskTips.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [TkBellExe] => C:\Program Files\real\realplayer\update\realsched.exe [296096 2012-11-14] (RealNetworks, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-12-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKU\S-1-5-21-670792205-2225589205-3563514748-1003\...\Run: [VisualTaskTips] => C:\Program Files\VisualTaskTips\VisualTaskTips.exe [34816 2006-03-14] (VisualTaskTips.com)
HKU\S-1-5-21-670792205-2225589205-3563514748-1003\...\Run: [VW100 Connection Manager] => C:\WINDOWS\system32\ctfmon.exe \VisualTaskTips.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-670792205-2225589205-3563514748-1003\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [607232 2013-02-10] (MyCity)
HKU\S-1-5-21-670792205-2225589205-3563514748-1003\...\Run: [Wisdom-soft ScreenHunter 5.1 Free] => 0
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
Startup: C:\Documents and Settings\owner\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-670792205-2225589205-3563514748-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-670792205-2225589205-3563514748-1003\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-670792205-2225589205-3563514748-1003 -> {82D7B80F-7BD3-4E73-B330-67BED78AE9B7} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 92.60.224.30 92.60.224.20

FireFox:
========
FF ProfilePath: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\searchplugins\search-here.xml
FF Extension: DownloadHelper - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-10]
FF Extension: Adblock Plus Pop-up Addon - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-03-14]
FF Extension: YouTube mp3 - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\info@youtube-mp3.org.xpi [2014-12-11]
FF Extension: Facebook Secret Emoticons - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi [2014-12-11]
FF Extension: Linky - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\linky@gemal.dk.xpi [2013-03-17]
FF Extension: Linkification - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2013-03-17]
FF Extension: PDF Download - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2013-03-05]
FF Extension: Adblock Plus - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-05]
FF Extension: Greasemonkey - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\1yomtjis.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-03-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-11-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-12-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-12-10] (Avira Operations GmbH & Co. KG)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [181664 2013-04-04] (Oracle Corporation)
R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.)
S3 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [155716 2007-09-17] (NVIDIA Corporation) [File not signed]
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
S2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [98160 2014-12-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-12-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-12-10] (Avira Operations GmbH & Co. KG)
R3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2011-11-03] (DT Soft Ltd)
R3 FETND5BV; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [42496 2004-12-16] (VIA Technologies, Inc. )
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2012-09-29] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-07-03] (Malwarebytes Corporation)
S3 N100; C:\WINDOWS\System32\DRIVERS\n100325.sys [128000 2001-08-17] (Compaq Computer Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [6853088 2007-09-17] (NVIDIA Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2007-04-23] (Padus, Inc.) [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-12-10] (Avira GmbH)
S3 vulfnths; C:\WINDOWS\System32\Drivers\vulfnth.sys [6912 2002-10-24] (VIA Technologies, Inc.) [File not signed]
R3 vulfntrs; C:\WINDOWS\System32\Drivers\vulfntr.sys [10496 2002-11-13] (VIA Technologies, Inc.) [File not signed]
S3 vwmfbus; C:\WINDOWS\System32\DRIVERS\vwmfbus.sys [98560 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\WINDOWS\System32\DRIVERS\vwmfdiag.sys [100224 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\WINDOWS\System32\DRIVERS\vwmfmdfl.sys [14848 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\WINDOWS\System32\DRIVERS\vwmfmdm.sys [123776 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\WINDOWS\System32\DRIVERS\vwmfserd.sys [100224 2009-11-11] (MCCI Corporation)
S3 ZD1211BU(TP-LINK); C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys [500736 2009-01-05] (Atheros Technology Corporation) [File not signed]
S3 ZDPSp50; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [17664 2009-01-05] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 16:25 - 2014-12-15 16:26 - 00014550 _____ () C:\Documents and Settings\owner\Desktop\FRST.txt
2014-12-15 16:25 - 2014-12-15 16:25 - 00000000 ____D () C:\FRST
2014-12-15 16:24 - 2014-12-15 16:23 - 01111040 _____ (Farbar) C:\Documents and Settings\owner\Desktop\FRST.exe
2014-12-15 12:50 - 2014-12-15 13:17 - 00003776 _____ () C:\Documents and Settings\owner\Desktop\Нови текстуални документ.txt
2014-12-15 06:10 - 2014-12-15 06:10 - 00015360 ___SH () C:\Documents and Settings\owner\Desktop\Thumbs.db
2014-12-14 10:46 - 2014-12-15 09:32 - 00000000 ____D () C:\Documents and Settings\owner\Desktop\Nas svet
2014-12-10 18:05 - 2014-12-10 18:05 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\Avira
2014-12-10 18:04 - 2014-12-10 18:04 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\Avira
2014-12-10 18:03 - 2014-12-10 18:03 - 00001709 _____ () C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
2014-12-10 18:03 - 2014-12-10 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-12-10 18:01 - 2014-12-10 18:01 - 00000000 ____D () C:\Program Files\Avira
2014-12-10 18:01 - 2014-12-10 18:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira
2014-12-10 18:01 - 2014-12-10 17:44 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-12-10 18:01 - 2014-12-10 17:44 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-12-10 18:01 - 2014-12-10 17:44 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-12-10 18:01 - 2014-12-10 17:43 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2014-12-09 10:38 - 2014-12-15 14:00 - 00000464 _____ () C:\WINDOWS\Tasks\At4.job
2014-12-09 10:38 - 2014-12-14 20:40 - 00000464 _____ () C:\WINDOWS\Tasks\At2.job
2014-12-09 10:38 - 2014-12-14 10:38 - 00000464 _____ () C:\WINDOWS\Tasks\At3.job
2014-12-09 10:38 - 2014-12-14 10:10 - 00000464 _____ () C:\WINDOWS\Tasks\At1.job
2014-12-09 10:38 - 2014-12-10 10:53 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\HpUpdate
2014-12-09 10:38 - 2014-12-09 10:38 - 00000000 ____D () C:\Program Files\HP Photo Creations
2014-12-09 10:38 - 2014-12-09 10:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Visan
2014-12-09 10:38 - 2014-12-09 10:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP Photo Creations
2014-12-09 10:37 - 2014-12-09 10:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-12-09 10:37 - 2014-12-09 10:37 - 00002019 _____ () C:\Documents and Settings\All Users\Desktop\HP Deskjet 1050 J410 series.lnk
2014-12-09 10:36 - 2014-12-09 10:38 - 00000000 ____D () C:\Program Files\HP
2014-12-09 10:36 - 2014-12-09 10:36 - 00000057 _____ () C:\Documents and Settings\All Users\Application Data\Ament.ini
2014-12-09 10:35 - 2014-12-09 10:41 - 00000000 ____D () C:\Documents and Settings\owner\Local Settings\Application Data\HP
2014-12-09 10:35 - 2014-12-09 10:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2014-12-09 10:35 - 2012-10-03 00:47 - 02216848 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkins8911.exe
2014-12-09 10:35 - 2012-10-03 00:47 - 01979280 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\HPScanTRDrv_DJ1050_J410.dll
2014-12-09 10:35 - 2012-10-03 00:47 - 00529296 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinksts8911.dll
2014-12-09 10:35 - 2012-10-03 00:47 - 00496016 ____R (Hewlett-Packard) C:\WINDOWS\system32\HPWia1_DJ1050_J410.dll
2014-12-09 10:35 - 2012-10-03 00:47 - 00269200 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinksts8911LM.dll
2014-12-09 10:35 - 2012-10-03 00:47 - 00221072 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkcoi8911.dll
2014-12-05 20:58 - 2014-12-06 10:48 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\PearlMountain Photo Watermark
2014-12-05 20:33 - 2014-12-05 20:52 - 00000089 _____ () C:\WINDOWS\janus4.ini
2014-12-05 20:06 - 2003-07-10 13:41 - 00387072 _____ () C:\WINDOWS\system32\swedll32.dll
2014-12-05 20:06 - 1998-07-01 11:15 - 00105472 _____ (BeCubed Software, Inc.) C:\WINDOWS\system32\MHOUTB32.OCX
2014-12-05 20:06 - 1998-05-21 12:12 - 00043520 _____ (BeCubed Software, Inc.) C:\WINDOWS\system32\bc32r60.dll
2014-12-05 20:06 - 1998-05-21 10:00 - 00129536 _____ (BeCubed Software, Inc.) C:\WINDOWS\system32\bc32l60.dll
2014-12-05 20:06 - 1997-11-17 10:36 - 00192784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TABCTL32.OCX
2014-12-05 20:06 - 1997-07-19 16:01 - 00196880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RICHTX32.OCX
2014-12-04 18:36 - 2001-08-17 13:48 - 00012160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mouhid.sys
2014-12-04 18:36 - 2001-08-17 13:48 - 00012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-12-04 18:35 - 2008-04-14 00:15 - 00010368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidusb.sys
2014-12-04 18:35 - 2008-04-14 00:15 - 00010368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-12-03 15:09 - 2014-12-03 15:09 - 00020480 _____ () C:\WINDOWS\system32\H@tKeysH@@k.DLL
2014-12-03 14:39 - 1998-06-24 01:00 - 00244024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFLXGRD.OCX
2014-12-03 14:39 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\WINDOWS\system32\VB5DB.DLL
2014-12-01 10:01 - 2014-12-01 10:01 - 00000620 _____ () C:\Documents and Settings\owner\Desktop\Shortcut to alogo.lnk
2014-11-30 15:20 - 2014-12-15 09:37 - 00000000 ____D () C:\Documents and Settings\owner\Desktop\New Folder

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 16:26 - 2012-01-15 15:38 - 00000000 ____D () C:\Documents and Settings\owner\Local Settings\temp
2014-12-15 16:25 - 2010-08-04 11:46 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{EF5539D9-73C2-488E-899E-A6A99A167973}.job
2014-12-15 16:24 - 2012-03-31 15:13 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-15 16:04 - 2012-04-08 19:16 - 01766914 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-15 15:35 - 2012-04-09 06:43 - 00032544 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-15 13:18 - 2012-11-14 19:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MCShield
2014-12-15 12:30 - 2007-04-23 11:50 - 00513656 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-15 12:26 - 2012-04-20 09:52 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-15 12:26 - 2012-04-20 09:52 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-12-15 12:26 - 2011-11-26 19:25 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-670792205-2225589205-3563514748-1003.job
2014-12-15 12:26 - 2007-04-23 09:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-15 09:12 - 2007-04-23 09:08 - 00000000 ____D () C:\Documents and Settings\owner
2014-12-15 04:11 - 2010-08-04 11:53 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\Winamp
2014-12-14 22:36 - 2007-04-23 09:08 - 00000278 ___SH () C:\Documents and Settings\owner\ntuser.ini
2014-12-14 15:43 - 2011-11-04 10:48 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-12-12 17:22 - 2011-11-26 19:25 - 00000286 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-670792205-2225589205-3563514748-1003.job
2014-12-10 22:48 - 2007-04-23 13:55 - 00096256 _____ () C:\Documents and Settings\owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-10 18:14 - 2012-12-22 02:12 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-12-10 13:31 - 2012-12-12 20:28 - 00000000 ____D () C:\Documents and Settings\owner\dwhelper
2014-12-10 13:25 - 2007-04-23 09:27 - 00000000 ____D () C:\Documents and Settings\owner\Local Settings\Application Data\Adobe
2014-12-10 13:22 - 2012-05-31 13:58 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-10 13:22 - 2011-11-03 17:18 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-10 10:19 - 2013-07-03 19:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-10 10:19 - 2013-03-05 12:44 - 00000732 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-10 10:19 - 2013-03-05 12:44 - 00000726 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-12-10 10:19 - 2013-03-05 12:44 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-09 10:36 - 2007-04-23 11:43 - 00000000 ____D () C:\WINDOWS\twain_32
2014-12-07 10:55 - 2001-08-23 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-05 20:59 - 2007-04-23 09:09 - 00092432 _____ () C:\Documents and Settings\owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-12-03 14:43 - 2007-04-23 11:49 - 03620376 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-01 10:01 - 2013-03-10 03:30 - 00000000 ____D () C:\Program Files\AAALOGO2010

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some content of TEMP:
====================
C:\Documents and Settings\owner\Local Settings\temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

  • Joined: 26 Aug 2010
  • Posts: 10451
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Open Notepad and copy in the following text, which is inside the Code box.

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-670792205-2225589205-3563514748-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it has finished, fixlog.txt will open, with contents that you should copy into the thread.
fixlog.txt will also be located on the Desktop.

Step 2

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all active programs and display a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the Attach file ("Prikači fajl") option.

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt

  • Stefanovic
  • Joined: 02 Nov 2011
  • Posts: 131
  • Location: Nis


  • Joined: 26 Aug 2010
  • Posts: 10451
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infection(s) are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and complete the cleaning procedure.

Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, and wait for the tool to complete all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Attach file ("Prikači fajl") option.

  • Stefanovic
  • Joined: 02 Nov 2011
  • Posts: 131
  • Location: Nis

Written: 15 Dec 2014 22:34


Addendum: 15 Dec 2014 22:54

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
malwarebytes.org

Database version: v2014.12.15.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
owner :: HOME-E30B55376D [administrator]

15.12.2014 22:54:11
mbar-log-2014-12-15 (22-54-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 305879
Time elapsed: 26 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\WINDOWS\system32\H@tKeysH@@k.DLL (HackTool.HotKeyHook) -> Delete on reboot. [ae73d48f4735c670aec7ceef659baf51]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

  • Joined: 26 Aug 2010
  • Posts: 10451
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

That would be it.

The following procedure will carry out the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore

Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

512MiB is very little by today's standards, and the only thing I can recommend is getting a newer machine.

  • Stefanovic
  • Joined: 02 Nov 2011
  • Posts: 131
  • Location: Nis

Sass Drake, thank you very much for your patience and help. I know it is a weak configuration; I personally have a much stronger machine, but I wanted to get this one working as far as possible, within some limits, because I was planning to donate it later to a school or to whoever needs one and doesn't have one ....

Yes, 512MiB is very weak. Can it be upgraded, and how? Some advice on that, please, but if not, then that is its fate,

Thanks once again for the effort and time invested .... and I wish you happy work as before, all praise to you!!!

  • Joined: 26 Aug 2010
  • Posts: 10451
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The only option is to find a second-hand 1GiB DDR1 stick and buy it, but the question is how cost-effective that would be for you.

  • Joined: 12 Feb 2007
  • Posts: 1221

Why not try some lightweight Linux distribution if only browsing the internet and the like is planned?

PS.
Sorry for butting in on this thread in the Ambulanta

  • Stefanovic
  • Joined: 02 Nov 2011
  • Posts: 131
  • Location: Nis

Sass Drake, thanks once again for the help ...... Wisdomseeker, thanks for the advice......
