Sporo računalo i drugi problemi

Chey · #1 4. studenog 2008, 04:19

Nadam se da netko može pomoć mene ovdje molim.

Tijekom proteklih tjedan dana ili tako moj računalo je usporavanje i jučer sam zadržao uzimajući crni ekran na par sekundi, onda righted sebe. Danas je hladno za samo nekoliko sekundi. I kada odem na stvari kao što su Facebook, on drži zatvaranja dolje na mene.

Ovo je moja kidnapovati ovog prijavite ako netko može biti tako ljubazni kao i savjetovati me.

Hvala.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan spremljena u 11:01:49, dana 04/11/2008
Platforma: Windows XP SP3 (Winnt 5.01.2600)
Boot mode: Normal

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ sstray.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ WINDOWS \ Logi_MwX.Exe
C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ Program Files \ Lexmark 1200 Series \ lxczbmgr.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ Common Files \ ispred \ Lib \ NMBgMonitor.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Lexmark 1200 Series \ lxczbmon.exe
C: \ Program Files \ BLUENEXT \ BN-WD54G \ Installer \ WINXP \ BCU.exe
C: \ Program Files \ Common Files \ ispred \ Lib \ NMIndexingService.exe
C: \ Program Files \ Common Files \ ispred \ Lib \ NMIndexStoreSvr.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Documents and Settings \ Alexa \ Desktop \ HiJackThis_v2.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = *. lokalne
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll
O2 - BHO: Adobe PDF Link Helper - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download i Record Plugin za Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [nForce Trake Options] sstray.exe / r
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / StartUp
O4 - HKLM \ .. \ Run: [Cmaudio] rundll32 cmicnfg.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ Program Files \ Common Files \ ispred \ Lib \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 9,0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [Lexmark 1200 Series] "C: \ Program Files \ Lexmark 1200 Series \ lxczbmgr.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKCU \ .. \ Run: [BgMonitor_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)] "C: \ Program Files \ Common Files \ ispred \ Lib \ NMBgMonitor.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: BN-WD54G Wireless Client Utility.lnk = C: \ Program Files \ BLUENEXT \ BN-WD54G \ Installer \ WINXP \ BCU.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra kontekst meni stavka: & Search -- http://edits.mywebsearch.com/toolbar...tml?p=ZJfox000
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: (8167C273-DF59-4416-B647-C8BB2C7EE83E) (WebSDev Control) -- http://liveupdate.msi.com.tw/autobio...ne/install.cab
O22 - SharedTaskScheduler: Browseui preloader - (438755C2-A8BA-11D1-B96B-00A0C90312E1) - C: \ WINDOWS \ System32 \ browseui.dll
O22 - SharedTaskScheduler: Component Categories cache demon - (8C7461EF-2B13-11D2-BE35-3078302C2030) - C: \ WINDOWS \ System32 \ browseui.dll
O23 - Service: ati brza tipka Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown vlasnika - C: \ WINDOWS \ system32 \ ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 # # # # (Bonjour Service) - Apple Computer, Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Izdavač \ FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: servis LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES.EXE
O23 - Service: NBService - Nero AG - C: \ Program Files \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe
O23 - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common Files \ ispred \ Lib \ NMIndexingService.exe

Im 'ne tehnički, pa ako bi mogli objasniti u jednostavnim uvjetima Dajte stvarno poštovati Internet

**evilfantasy** · #2 4. studenog 2008, 12:06

Preuzimanje Malwarebytes' Anti-zaštita od zlonamjernih programa (MBAM)

Dvokliknite mbam-setup.exe i slijedite upute za instaliranje programa.
Na kraju, svakako jedan je postavljena kvačica pored sljedeće:
- Update Malwarebytes' Anti-zaštita od zlonamjernih programa
- Launch Malwarebytes' Anti-zaštita od zlonamjernih programa
Zatim kliknite na Završi.
Ako se ažuriranje je pronađen, on će preuzeti i instalirati najnoviju verziju.
Nakon što program učita, odaberite Obavi brzo pretraživanje, A zatim kliknite Scan.
Kada se skeniranje završi, kliknite na U redu, Zatim Prikaži rezultate za prikaz rezultata.
Budite sigurni da je sve provjeriti, a zatim kliknite Ukloni odabrano.
Kad je završio dezinfekcija, a zapisnik će se otvoriti u Notepad i vi svibanj biti zatraženo da Restart. (Vidi Extra bilješka)
U zapisnik se automatski sprema po MBAM i mogu biti pregledani klikom na tab Evidencije u MBAM.
Kopirajte i zalijepite cijeli izvještaj u vašem sljedeći odgovor.

Extra Napomena: Ako MBAM susrete datoteku koja je teško ukloniti, bit će predstavljen sa 1 of 2 upitom, kliknite U redu da biste bilo i nek MBAM nastaviti s procesom dezinfekcije, ako je zatraženo da ponovo pokrenete računalo, učinite to odmah.

----------

Molimo deinstalirati verziju HijackThis koji koristite, te napi ite log iz nove verzije.

Preuzimanje TrendMicro HijackThis.exe (HJT) na radnoj površini.

Dvaput kliknite na HJTInstall.
Kliknite na Instalacija gumb.
Bit će automatski HJT mjesto u C: \ Program Files \ TrendMicro \ HijackThis \ HijackThis.exe.
Nakon instaliranja, HijackThis trebali otvoriti za vas.
Kliknite na Da li je sustav skenirati i spremanje log datoteku button
HijackThis ce skenirati a zatim i prijava će se otvoriti u Notepad.
Kopirajte i zalijepite onda cijeli sadržaj se prijaviti u vaš post.
Ne HijackThis su riješili ništa još. Većina onoga što će se pronađe bezopasni ili čak obavezna.

----------

Dodaj Sljedeća post:
MBAM log
Novi HijackThis log

Chey · #3 4. studenog 2008, 15:36

Hvala vam za svoj post, morat ću to probati sutra ovo kao moj ISP (bethere) je porinuće i odjave stalno provjeravanje i na njihovim Forum je izgleda 99% korisnika koji se pojavljuje upravo tih problema, te su za protekli tjedan

to zapravo izgleda ovako mogao biti problem, ali JA pa ipak ištanje to ček za spyware.

Čim sam se dovoljno jaka veza za preuzimanje MBAM ću objaviti rezultat.

Mnogobrojan hvala.