Slow PC startup!

offline
  • Joined: 04 Mar 2009
  • Posts: 54
  • Location: Vojvodina Serbia Selenca

I would like to ask for a check of the log, because my computer has slowed down somewhat at startup! Thanks!


ComboFix 09-05-15.01 - Ziska 15/05/2009 23:45.21 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.653 [GMT 2:00]
Running from: c:\documents and settings\Ziska\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-04-15 to 2009-05-15 )))))))))))))))))))))))))))))))
.

2009-05-14 15:10 . 2009-05-14 15:10 -------- d-----w c:\program files\Ace Translator
2009-05-08 18:57 . 2009-05-08 18:57 -------- d-----w c:\documents and settings\log
2009-05-08 18:55 . 2009-05-08 18:55 -------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-05-04 15:24 . 2009-03-23 15:39 20480 ----a-w c:\windows\system32\scrnrdr.exe
2009-05-01 21:39 . 2009-05-01 21:40 -------- d-s---w c:\program files\HLSW
2009-04-27 16:07 . 2009-04-27 16:07 -------- d-----w c:\documents and settings\Ziska\Local Settings\Application Data\Clock_22
2009-04-27 16:06 . 2009-04-27 16:07 -------- d-----w c:\program files\Clock
2009-04-24 21:54 . 1998-05-11 20:01 12496 ----a-w c:\windows\system\vbas.dll
2009-04-24 21:54 . 1996-08-24 11:11 398416 ----a-w c:\windows\system32\Vbrun300.dll
2009-04-24 21:54 . 2009-04-24 21:54 -------- d-----w C:\askola
2009-04-24 21:54 . 2009-04-24 21:54 -------- d-----w c:\program files\aSkola
2009-04-24 21:54 . 1999-03-23 07:12 299520 ----a-w c:\windows\uninst.exe
2009-04-24 21:54 . 2009-04-24 21:54 -------- d-----w c:\documents and settings\Ziska\WINDOWS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-15 14:30 . 2008-12-27 09:53 -------- d-----w c:\program files\FlashGet
2009-05-08 18:56 . 2009-03-01 11:39 -------- d-----w c:\program files\AVG
2009-05-08 10:34 . 2009-03-01 11:40 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-08 10:34 . 2009-03-01 11:40 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-08 10:34 . 2009-03-01 11:40 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-04-28 15:08 . 2009-02-14 14:55 -------- d-----w c:\program files\Google
2009-04-27 16:16 . 2008-12-27 09:56 -------- d-----w c:\program files\ClocX
2009-04-24 18:48 . 2008-12-26 09:59 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-10 20:41 . 2009-04-10 19:47 -------- d-----w c:\program files\VS Revo Group
2009-04-06 17:31 . 2009-04-06 17:31 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-04-06 17:22 . 2009-04-06 17:22 -------- d-----r c:\program files\Skype
2009-04-06 17:22 . 2009-04-06 17:22 -------- d-----w c:\program files\Common Files\Skype
2009-04-05 10:21 . 2009-04-05 10:21 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-04-04 18:47 . 2009-04-04 18:46 -------- d-----w c:\program files\MySpace
2009-04-01 10:30 . 2009-03-24 17:55 -------- d-----w c:\program files\Java
2009-03-30 17:07 . 2009-03-30 11:05 -------- d-----w c:\program files\Common Files\Kaspersky Lab
2009-03-30 17:03 . 2009-03-04 18:17 2560 ----a-w c:\windows\_MSRSTRT.EXE
2009-03-30 17:03 . 2009-03-30 11:04 -------- d-----w c:\program files\iolo
2009-03-30 11:05 . 2008-12-26 09:36 -------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 21:20 . 2008-12-26 10:39 -------- d-----w c:\program files\The KMPlayer
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-09 03:19 . 2009-01-24 11:35 410984 ----a-w c:\windows\system32\deploytk.dll
2009-02-26 10:46 . 2009-02-26 10:46 74760 ----a-w c:\windows\system32\drivers\UniversalDD.sys
2009-02-26 10:46 . 2009-02-26 10:46 25608 ----a-w c:\windows\system32\drivers\AVGIDSErHr.sys
.

------- Sigcheck -------

[-] 2008-04-14 03:42 699904 8A513E79E7980018DAEDCA586B866BC3 c:\windows\system32\wininet.dll
[-] 2008-04-14 03:42 699904 8A513E79E7980018DAEDCA586B866BC3 c:\windows\system32\dllcache\wininet.dll

[-] 2008-04-14 03:42 975872 561A50497324F378E30F55D09B4E1258 c:\windows\explorer.exe
[-] 2008-04-14 03:42 975872 088A0CD3D4CD3B584F3A4150D6CF941E c:\windows\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-27 24103720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-10 86016]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-08 1947928]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2007-07-26 270336]
"AVGIDS"="c:\program files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe" [2009-02-26 1579528]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-12-01 77824]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-12-10 1519616]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Gigabyte Wireless Utility.lnk - c:\program files\GIGABYTE\Common\GNConfig.exe [2008-12-26 753664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-08 10:34 11952 ----a-w c:\windows\system32\avgrsstx.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Games\\C.S .1.6 online\\Counter-Strike\\hl.exe"=
"c:\\Program Files\\Ace Translator\\AceTrans.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"139:TCP"= 139:TCP:@xpsp2res.dll,-22004

R0 AVGIDSErHr;AVGIDSErHr;c:\windows\system32\drivers\AVGIDSErHr.sys [2/26/2009 12:46 PM 25608]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3/1/2009 1:40 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3/1/2009 1:40 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [3/1/2009 1:39 PM 298776]
R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe [2/26/2009 12:46 PM 563720]
R3 AVGIDSDriver;AVGIDSDriver;c:\program files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSDriver.sys [2/26/2009 12:46 PM 121352]
R3 AVGIDSFilter;AVGIDSFilter;c:\program files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSFilter.sys [2/26/2009 12:46 PM 30216]
R3 AVGIDSShim;AVGIDSShim;c:\program files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSShim.sys [2/26/2009 12:46 PM 27232]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe [2/26/2009 12:46 PM 5576712]
S3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [12/26/2008 12:23 PM 670592]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ziska\Application Data\Mozilla\Firefox\Profiles\nhsg24iv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.abakusbp.net/
FF - prefs.js: keyword.URL - hxxp://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&type=Web&orig=IMC-FF&qry=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-05-15 23:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\Nf815c75f]
@Denied: (4) (Everyone)
@Denied: (4) (Administrators)
@Allowed: (A B C D Full GENERIC_EXECUTE GENERIC_WRITE Read 1 2 3 4 5 6) (LocalSystem)
"a"="M"
"InternetCode"="U52LDJMC37ONPGW35EG4SPJX45LFAJ6ESRKK7IY8"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2924)
c:\windows\system32\SHDOCVW.dll
c:\program files\FlashGet\fgmgr.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-15 23:49
ComboFix-quarantined-files.txt 2009-05-15 21:49

Pre-Run: 4,647,964,672 bytes free
Post-Run: 4,702,900,224 bytes free


offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

A few things...

1. This forum is for solving problems caused by malicious programs.

Do you have such a problem?
Your computer has slowed down at startup? And what else, apart from opening this topic, have you done about it?

2. If it is actually established that the problem is caused by malware, or all other possibilities have been ruled out, then a topic can be opened in Ambulanta.

A topic in Ambulanta is not opened the way you are doing it. It is opened according to a specific rule, following specific instructions.

3. There is no trace of malware anywhere here.

4. The next time you open a topic in Ambulanta without a sensible reason/justification for it, and you do it by dumping a ComboFix log (or any other log, apart from the one that is requested), the topic will be deleted and you will be barred from further posting in this part of the forum.

And this is not the first time I am telling you this, is it?

Respectfully.

16 May 2009 19:42 dr_Bora locked the topic. Reason: Answered