Možda tražite i:
Spybot - Search & Destroy 2 beta
Pomoc-Spybot Search&Destroy
promena velicine search bar-a u Firefoxu

MyCity » Ambulanta -> Arhiva Ambulante » Neradi search

Neradi search

Napisano na dan: 24.1.2008

Strana:
1
2
3

Neradi search

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

Golas Poslao: 24 Jan 2008 19:34 Idi na vrh
offline Golas Novi MyCity građanin Pridružio: 24 Jan 2008 Poruke: 28 Gde živiš: Sombor-Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.99.1 Scan saved at 19:32, on 2008-01-24 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\LckFldService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\UEAgent\UEAgent.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\PC Connectivity Solution\NclBTHandler.exe C:\Program Files\PeerWeb DC++\PeerWeb DC++.exe C:\WINDOWS\explorer.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wupeng.exe C:\Program Files\MalwareCrush\MalwareCrush.exe C:\Program Files\MalwareCrush\MalwareCrush.exe C:\Documents and Settings\Nebojsa\My Documents\Programi\Moji\HijackThis.exe R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [MalwareCrush] C:\Program Files\MalwareCrush\MalwareCrush.exe /h O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: UEAgent - SecureSynergy Pvt. Ltd. - C:\WINDOWS\UEAgent\UEAgent.exe O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe (file missing)

Profil

bobby Poslao: 24 Jan 2008 19:39 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! 1) Preuzmi program SmitfraudFix sa ovog linka. 2.) Extract-uj program na desktop. (Takodje na ovaj način pripremi i program Hijack This koje će se kasnije koristiti) 3.) Restartuj računar i podigni sistem u Safe Mode-u. [ Safe Mode info link ] 4.) Pronadji na desktop-u folder gde si raspakovao SmitfraudFix program i dvoklikom pokreni fajl SmitfraudFix.cmd. Kada se alat za uklanjanje prvi put startuje pokazaće ti se ekran za odobrenje. Jednostavno pritisni bilo koje dugme na tastaturi da bi prešao na sledeći nivo. 5.) 6.) Program će početi sa čišćenjem kompjutera. Posle završenog čišćenja SmitfraudFix-om pokrenuće ti se Windows-ov program Disk Cleanup. Nakon sto SmitFraudFix zavrsi svoj posao, postavi nam ovde log koji se nalazi na C:\rapport.txt i svez HJT log.

Profil

Golas Poslao: 24 Jan 2008 19:57 Idi na vrh
offline Golas Novi MyCity građanin Pridružio: 24 Jan 2008 Poruke: 28 Gde živiš: Sombor-Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! SmitFraudFix v2.274 Scan done at 19:46:59.28, 2008-01-24 Run from C:\Documents and Settings\Nebojsa\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is FAT32 Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix.exe by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{5C18D2F0-69DB-43AF-8276-48055315C22F}: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CS2\Services\Tcpip\..\{EC68F81D-CEBA-4598-9520-F8CD03EEFE73}: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=82.117.194.2 82.117.194.3 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End Dopuna: 24 Jan 2008 19:57 Logfile of HijackThis v1.99.1 Scan saved at 19:55, on 2008-01-24 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\LckFldService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\UEAgent\UEAgent.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\MalwareCrush\MalwareCrush.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\MalwareCrush\MalwareCrush.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\PC Connectivity Solution\NclBTHandler.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Nebojsa\My Documents\Programi\Moji\HijackThis.exe R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [MalwareCrush] C:\Program Files\MalwareCrush\MalwareCrush.exe /h O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: UEAgent - SecureSynergy Pvt. Ltd. - C:\WINDOWS\UEAgent\UEAgent.exe O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe (file missing)

Profil

bobby Poslao: 24 Jan 2008 20:02 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Posto vec imas skinut ComboFix, probacemo sledece: Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\system32\wupeng.exe Folder:: C:\Program Files\MalwareCrush` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Golas Poslao: 24 Jan 2008 20:24 Idi na vrh
offline Golas Novi MyCity građanin Pridružio: 24 Jan 2008 Poruke: 28 Gde živiš: Sombor-Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-01-23.2 - Nebojsa 2008-01-24 20:14:59.4 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510 [GMT 1:00] Running from: C:\Documents and Settings\Nebojsa\Desktop\ComboFix(2).exe Command switches used :: C:\Documents and Settings\Nebojsa\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE C:\WINDOWS\system32\wupeng.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Earth Wind & Fire\Desktop_.ini C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Laki jazz\Desktop_.ini C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Tracy Chapman\Desktop_.ini C:\Documents and Settings\Nebojsa\ravmonlog C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\MalwareCrush 3.7 Website.lnk C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\MalwareCrush 3.7.lnk C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\Uninstall MalwareCrush 3.7.lnk C:\Program Files\MalwareCrush\ C:\Program Files\MalwareCrush\\blacklist.txt C:\Program Files\MalwareCrush\\Lang\English.ini C:\Program Files\MalwareCrush\\MalwareCrush.exe C:\Program Files\MalwareCrush\\MalwareCrush.url C:\Program Files\MalwareCrush\\msvcp71.dll C:\Program Files\MalwareCrush\\msvcr71.dll C:\Program Files\MalwareCrush\\ref.dat C:\Program Files\MalwareCrush\\uninst.exe C:\Program Files\MalwareCrush\blacklist.txt C:\Program Files\MalwareCrush\Lang\English.ini C:\Program Files\MalwareCrush\MalwareCrush.exe C:\Program Files\MalwareCrush\MalwareCrush.url C:\Program Files\MalwareCrush\msvcp71.dll C:\Program Files\MalwareCrush\msvcr71.dll C:\Program Files\MalwareCrush\ref.dat C:\Program Files\MalwareCrush\uninst.exe C:\WINDOWS\system32\wupeng.exe . ((((((((((((((((((((((((( Files Created from 2007-12-24 to 2008-01-24 ))))))))))))))))))))))))))))))) . 2008-01-24 19:47 . 2008-01-24 19:47 1,838 --a------ C:\WINDOWS\system32\tmp.reg 2008-01-24 19:46 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-01-24 19:46 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-01-24 19:46 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2008-01-24 19:46 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2008-01-24 19:46 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-01-24 19:46 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-01-24 18:07 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-22 23:47 . 2008-01-22 23:47 <DIR> d-------- C:\totalcmd 2008-01-22 23:47 . 2008-01-23 23:56 1,003 --a------ C:\WINDOWS\wincmd.ini 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\UC.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\RAR.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKZIP.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\LHA.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\ARJ.PIF 2008-01-22 23:09 . 2008-01-22 23:09 <DIR> d-------- C:\WINDOWS\UEAgent 2008-01-22 23:09 . 2008-01-22 23:09 <DIR> d-------- C:\Program Files\Common Files\PatchEasy 2008-01-22 23:09 . 2008-01-22 23:14 1,675,264 --a------ C:\WINDOWS\system32\codec4ue3dbs.dll 2008-01-15 18:10 . 2008-01-15 18:11 <DIR> d-------- C:\WINDOWS\system32\URTTEMP 2008-01-15 13:11 . 2008-01-15 13:11 <DIR> d-------- C:\Program Files\Sony 2008-01-15 12:48 . 2008-01-15 12:48 <DIR> d-------- C:\Program Files\Sony Setup 2008-01-15 00:16 . 2008-01-15 00:16 <DIR> d-------- C:\Program Files\DAEMON Tools 2008-01-14 23:52 . 2008-01-14 23:52 <DIR> d--h----- C:\WINDOWS\PIF 2008-01-14 19:06 . 2008-01-14 19:06 <DIR> d-------- C:\Program Files\Synaptics 2008-01-14 18:45 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-01-14 18:45 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys 2008-01-13 18:33 . 2008-01-13 18:33 <DIR> d-------- C:\Program Files\DkZ Studio 2008-01-11 16:47 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2008-01-11 10:04 . 2008-01-11 10:05 <DIR> d-------- C:\Program Files\PeerWeb DC++ 2008-01-11 00:22 . 2008-01-11 00:22 <DIR> d-------- C:\Program Files\Morpheus 2008-01-10 23:46 . 2008-01-10 23:46 <DIR> d-------- C:\Program Files\BearShare Applications 2008-01-10 23:46 . 2006-11-12 11:39 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx 2008-01-10 19:48 . 2008-01-10 19:48 822,272 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-16 12:01 43,920 ----a-w C:\WINDOWS\AVI32HLM.DLL 2008-01-14 23:13 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-11-28 22:00 --------- d-----w C:\Program Files\uTorrent 2007-11-28 17:21 --------- d-----w C:\Program Files\Macrogaming 2007-11-14 07:26 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll 2007-11-07 17:26 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-11-07 09:26 721,920 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll 2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys 2007-10-30 10:16 3,058,688 ------w C:\WINDOWS\system32\dllcache\mshtml.dll 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz.dll 2007-10-27 16:40 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-27 16:40 227,328 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll 2007-10-26 03:36 8,454,656 ------w C:\WINDOWS\system32\dllcache\shell32.dll . ((((((((((((((((((((((((((((( snapshot@2008-01-24_18.09.52,84 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-24 17:07:38 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT + 2008-01-24 19:14:54 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT - 2008-01-24 17:07:38 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat + 2008-01-24 19:14:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat - 2008-01-24 17:07:38 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT + 2008-01-24 19:14:56 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT - 2008-01-24 17:07:40 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat + 2008-01-24 19:14:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat - 2008-01-24 17:07:40 7,696,384 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat + 2008-01-24 19:14:56 7,696,384 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat - 2008-01-24 17:07:40 647,168 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat + 2008-01-24 19:14:56 647,168 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat + 2008-01-24 19:12:30 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_144.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-11 18:43 95536] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-29 16:09 171464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2007-08-04 16:45 716800] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 13:27 222208] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 02:29 102400] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:56 15360] "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-08-04 16:44 1634304] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-02-15 16:16:02 581693] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{35B2861B-2B26-4691-9FF0-09083722C736}"= C:\PROGRA~1\RADLIN~1\RadExe.dll [2004-01-30 05:19 139264] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-04 00:56 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] --a------ 2007-08-04 16:44 249856 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] --a------ 2005-08-11 16:30 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MalwareCrush] C:\Program Files\MalwareCrush\MalwareCrush.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-13 18:24 1694208 C:\Program Files\Messenger\MSMSGS.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RavAV] C:\WINDOWS\AdobeR.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] --a------ 2005-05-20 09:11 925696 C:\Program Files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] -ra------ 2007-10-14 18:09 103712 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2007-01-07 20:05 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Winupdate Engine] C:\WINDOWS\system32\wupeng.exe R2 UEAgent;UEAgent;C:\WINDOWS\UEAgent\UEAgent.exe [2008-01-22 23:14] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 12:54] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78b40236-c3ad-11dc-b864-001bd7bd484d}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-01-24 20:16:54 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Dopuna: 24 Jan 2008 20:21 ComboFix 08-01-23.2 - Nebojsa 2008-01-24 20:14:59.4 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510 [GMT 1:00] Running from: C:\Documents and Settings\Nebojsa\Desktop\ComboFix(2).exe Command switches used :: C:\Documents and Settings\Nebojsa\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE C:\WINDOWS\system32\wupeng.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Earth Wind & Fire\Desktop_.ini C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Laki jazz\Desktop_.ini C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Tracy Chapman\Desktop_.ini C:\Documents and Settings\Nebojsa\ravmonlog C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\MalwareCrush 3.7 Website.lnk C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\MalwareCrush 3.7.lnk C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\Uninstall MalwareCrush 3.7.lnk C:\Program Files\MalwareCrush\ C:\Program Files\MalwareCrush\\blacklist.txt C:\Program Files\MalwareCrush\\Lang\English.ini C:\Program Files\MalwareCrush\\MalwareCrush.exe C:\Program Files\MalwareCrush\\MalwareCrush.url C:\Program Files\MalwareCrush\\msvcp71.dll C:\Program Files\MalwareCrush\\msvcr71.dll C:\Program Files\MalwareCrush\\ref.dat C:\Program Files\MalwareCrush\\uninst.exe C:\Program Files\MalwareCrush\blacklist.txt C:\Program Files\MalwareCrush\Lang\English.ini C:\Program Files\MalwareCrush\MalwareCrush.exe C:\Program Files\MalwareCrush\MalwareCrush.url C:\Program Files\MalwareCrush\msvcp71.dll C:\Program Files\MalwareCrush\msvcr71.dll C:\Program Files\MalwareCrush\ref.dat C:\Program Files\MalwareCrush\uninst.exe C:\WINDOWS\system32\wupeng.exe . ((((((((((((((((((((((((( Files Created from 2007-12-24 to 2008-01-24 ))))))))))))))))))))))))))))))) . 2008-01-24 19:47 . 2008-01-24 19:47 1,838 --a------ C:\WINDOWS\system32\tmp.reg 2008-01-24 19:46 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-01-24 19:46 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-01-24 19:46 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2008-01-24 19:46 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2008-01-24 19:46 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-01-24 19:46 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-01-24 18:07 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-22 23:47 . 2008-01-22 23:47 <DIR> d-------- C:\totalcmd 2008-01-22 23:47 . 2008-01-23 23:56 1,003 --a------ C:\WINDOWS\wincmd.ini 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\UC.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\RAR.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKZIP.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\LHA.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\ARJ.PIF 2008-01-22 23:09 . 2008-01-22 23:09 <DIR> d-------- C:\WINDOWS\UEAgent 2008-01-22 23:09 . 2008-01-22 23:09 <DIR> d-------- C:\Program Files\Common Files\PatchEasy 2008-01-22 23:09 . 2008-01-22 23:14 1,675,264 --a------ C:\WINDOWS\system32\codec4ue3dbs.dll 2008-01-15 18:10 . 2008-01-15 18:11 <DIR> d-------- C:\WINDOWS\system32\URTTEMP 2008-01-15 13:11 . 2008-01-15 13:11 <DIR> d-------- C:\Program Files\Sony 2008-01-15 12:48 . 2008-01-15 12:48 <DIR> d-------- C:\Program Files\Sony Setup 2008-01-15 00:16 . 2008-01-15 00:16 <DIR> d-------- C:\Program Files\DAEMON Tools 2008-01-14 23:52 . 2008-01-14 23:52 <DIR> d--h----- C:\WINDOWS\PIF 2008-01-14 19:06 . 2008-01-14 19:06 <DIR> d-------- C:\Program Files\Synaptics 2008-01-14 18:45 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-01-14 18:45 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys 2008-01-13 18:33 . 2008-01-13 18:33 <DIR> d-------- C:\Program Files\DkZ Studio 2008-01-11 16:47 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2008-01-11 10:04 . 2008-01-11 10:05 <DIR> d-------- C:\Program Files\PeerWeb DC++ 2008-01-11 00:22 . 2008-01-11 00:22 <DIR> d-------- C:\Program Files\Morpheus 2008-01-10 23:46 . 2008-01-10 23:46 <DIR> d-------- C:\Program Files\BearShare Applications 2008-01-10 23:46 . 2006-11-12 11:39 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx 2008-01-10 19:48 . 2008-01-10 19:48 822,272 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-16 12:01 43,920 ----a-w C:\WINDOWS\AVI32HLM.DLL 2008-01-14 23:13 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-11-28 22:00 --------- d-----w C:\Program Files\uTorrent 2007-11-28 17:21 --------- d-----w C:\Program Files\Macrogaming 2007-11-14 07:26 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll 2007-11-07 17:26 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-11-07 09:26 721,920 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll 2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys 2007-10-30 10:16 3,058,688 ------w C:\WINDOWS\system32\dllcache\mshtml.dll 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz.dll 2007-10-27 16:40 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-27 16:40 227,328 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll 2007-10-26 03:36 8,454,656 ------w C:\WINDOWS\system32\dllcache\shell32.dll . ((((((((((((((((((((((((((((( snapshot@2008-01-24_18.09.52,84 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-24 17:07:38 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT + 2008-01-24 19:14:54 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT - 2008-01-24 17:07:38 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat + 2008-01-24 19:14:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat - 2008-01-24 17:07:38 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT + 2008-01-24 19:14:56 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT - 2008-01-24 17:07:40 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat + 2008-01-24 19:14:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat - 2008-01-24 17:07:40 7,696,384 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat + 2008-01-24 19:14:56 7,696,384 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat - 2008-01-24 17:07:40 647,168 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat + 2008-01-24 19:14:56 647,168 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat + 2008-01-24 19:12:30 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_144.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-11 18:43 95536] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-29 16:09 171464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2007-08-04 16:45 716800] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 13:27 222208] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 02:29 102400] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:56 15360] "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-08-04 16:44 1634304] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-02-15 16:16:02 581693] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{35B2861B-2B26-4691-9FF0-09083722C736}"= C:\PROGRA~1\RADLIN~1\RadExe.dll [2004-01-30 05:19 139264] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-04 00:56 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] --a------ 2007-08-04 16:44 249856 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] --a------ 2005-08-11 16:30 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MalwareCrush] C:\Program Files\MalwareCrush\MalwareCrush.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-13 18:24 1694208 C:\Program Files\Messenger\MSMSGS.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RavAV] C:\WINDOWS\AdobeR.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] --a------ 2005-05-20 09:11 925696 C:\Program Files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] -ra------ 2007-10-14 18:09 103712 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2007-01-07 20:05 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Winupdate Engine] C:\WINDOWS\system32\wupeng.exe R2 UEAgent;UEAgent;C:\WINDOWS\UEAgent\UEAgent.exe [2008-01-22 23:14] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 12:54] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78b40236-c3ad-11dc-b864-001bd7bd484d}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-01-24 20:16:54 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Dopuna: 24 Jan 2008 20:24 ComboFix 08-01-23.2 - Nebojsa 2008-01-24 20:14:59.4 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510 [GMT 1:00] Running from: C:\Documents and Settings\Nebojsa\Desktop\ComboFix(2).exe Command switches used :: C:\Documents and Settings\Nebojsa\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE C:\WINDOWS\system32\wupeng.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Earth Wind & Fire\Desktop_.ini C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Laki jazz\Desktop_.ini C:\Documents and Settings\Nebojsa\My Documents\My Music\Strana\Katarina\Tracy Chapman\Desktop_.ini C:\Documents and Settings\Nebojsa\ravmonlog C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\MalwareCrush 3.7 Website.lnk C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\MalwareCrush 3.7.lnk C:\Documents and Settings\Nebojsa\Start Menu\Programs\MalwareCrush\Uninstall MalwareCrush 3.7.lnk C:\Program Files\MalwareCrush\ C:\Program Files\MalwareCrush\\blacklist.txt C:\Program Files\MalwareCrush\\Lang\English.ini C:\Program Files\MalwareCrush\\MalwareCrush.exe C:\Program Files\MalwareCrush\\MalwareCrush.url C:\Program Files\MalwareCrush\\msvcp71.dll C:\Program Files\MalwareCrush\\msvcr71.dll C:\Program Files\MalwareCrush\\ref.dat C:\Program Files\MalwareCrush\\uninst.exe C:\Program Files\MalwareCrush\blacklist.txt C:\Program Files\MalwareCrush\Lang\English.ini C:\Program Files\MalwareCrush\MalwareCrush.exe C:\Program Files\MalwareCrush\MalwareCrush.url C:\Program Files\MalwareCrush\msvcp71.dll C:\Program Files\MalwareCrush\msvcr71.dll C:\Program Files\MalwareCrush\ref.dat C:\Program Files\MalwareCrush\uninst.exe C:\WINDOWS\system32\wupeng.exe . ((((((((((((((((((((((((( Files Created from 2007-12-24 to 2008-01-24 ))))))))))))))))))))))))))))))) . 2008-01-24 19:47 . 2008-01-24 19:47 1,838 --a------ C:\WINDOWS\system32\tmp.reg 2008-01-24 19:46 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-01-24 19:46 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-01-24 19:46 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2008-01-24 19:46 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2008-01-24 19:46 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-01-24 19:46 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-01-24 18:07 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-22 23:47 . 2008-01-22 23:47 <DIR> d-------- C:\totalcmd 2008-01-22 23:47 . 2008-01-23 23:56 1,003 --a------ C:\WINDOWS\wincmd.ini 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\UC.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\RAR.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKZIP.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\LHA.PIF 2008-01-22 23:47 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\ARJ.PIF 2008-01-22 23:09 . 2008-01-22 23:09 <DIR> d-------- C:\WINDOWS\UEAgent 2008-01-22 23:09 . 2008-01-22 23:09 <DIR> d-------- C:\Program Files\Common Files\PatchEasy 2008-01-22 23:09 . 2008-01-22 23:14 1,675,264 --a------ C:\WINDOWS\system32\codec4ue3dbs.dll 2008-01-15 18:10 . 2008-01-15 18:11 <DIR> d-------- C:\WINDOWS\system32\URTTEMP 2008-01-15 13:11 . 2008-01-15 13:11 <DIR> d-------- C:\Program Files\Sony 2008-01-15 12:48 . 2008-01-15 12:48 <DIR> d-------- C:\Program Files\Sony Setup 2008-01-15 00:16 . 2008-01-15 00:16 <DIR> d-------- C:\Program Files\DAEMON Tools 2008-01-14 23:52 . 2008-01-14 23:52 <DIR> d--h----- C:\WINDOWS\PIF 2008-01-14 19:06 . 2008-01-14 19:06 <DIR> d-------- C:\Program Files\Synaptics 2008-01-14 18:45 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-01-14 18:45 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys 2008-01-13 18:33 . 2008-01-13 18:33 <DIR> d-------- C:\Program Files\DkZ Studio 2008-01-11 16:47 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2008-01-11 10:04 . 2008-01-11 10:05 <DIR> d-------- C:\Program Files\PeerWeb DC++ 2008-01-11 00:22 . 2008-01-11 00:22 <DIR> d-------- C:\Program Files\Morpheus 2008-01-10 23:46 . 2008-01-10 23:46 <DIR> d-------- C:\Program Files\BearShare Applications 2008-01-10 23:46 . 2006-11-12 11:39 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx 2008-01-10 19:48 . 2008-01-10 19:48 822,272 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-16 12:01 43,920 ----a-w C:\WINDOWS\AVI32HLM.DLL 2008-01-14 23:13 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-11-28 22:00 --------- d-----w C:\Program Files\uTorrent 2007-11-28 17:21 --------- d-----w C:\Program Files\Macrogaming 2007-11-14 07:26 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll 2007-11-07 17:26 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-11-07 09:26 721,920 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll 2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys 2007-10-30 10:16 3,058,688 ------w C:\WINDOWS\system32\dllcache\mshtml.dll 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz.dll 2007-10-27 16:40 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-27 16:40 227,328 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll 2007-10-26 03:36 8,454,656 ------w C:\WINDOWS\system32\dllcache\shell32.dll . ((((((((((((((((((((((((((((( snapshot@2008-01-24_18.09.52,84 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-24 17:07:38 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT + 2008-01-24 19:14:54 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT - 2008-01-24 17:07:38 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat + 2008-01-24 19:14:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat - 2008-01-24 17:07:38 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT + 2008-01-24 19:14:56 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT - 2008-01-24 17:07:40 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat + 2008-01-24 19:14:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat - 2008-01-24 17:07:40 7,696,384 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat + 2008-01-24 19:14:56 7,696,384 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat - 2008-01-24 17:07:40 647,168 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat + 2008-01-24 19:14:56 647,168 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat + 2008-01-24 19:12:30 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_144.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-11 18:43 95536] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-29 16:09 171464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2007-08-04 16:45 716800] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 13:27 222208] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 02:29 102400] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:56 15360] "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-08-04 16:44 1634304] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-02-15 16:16:02 581693] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{35B2861B-2B26-4691-9FF0-09083722C736}"= C:\PROGRA~1\RADLIN~1\RadExe.dll [2004-01-30 05:19 139264] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-04 00:56 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] --a------ 2007-08-04 16:44 249856 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] --a------ 2005-08-11 16:30 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MalwareCrush] C:\Program Files\MalwareCrush\MalwareCrush.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-13 18:24 1694208 C:\Program Files\Messenger\MSMSGS.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RavAV] C:\WINDOWS\AdobeR.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] --a------ 2005-05-20 09:11 925696 C:\Program Files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] -ra------ 2007-10-14 18:09 103712 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2007-01-07 20:05 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Winupdate Engine] C:\WINDOWS\system32\wupeng.exe R2 UEAgent;UEAgent;C:\WINDOWS\UEAgent\UEAgent.exe [2008-01-22 23:14] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 12:54] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78b40236-c3ad-11dc-b864-001bd7bd484d}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-01-24 20:16:54 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ .

Profil

bobby Poslao: 24 Jan 2008 20:33 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Postoji li C:\WINDOWS\system32\wupeng.exe jos uvek na disku?

Profil

Golas Poslao: 24 Jan 2008 20:39 Idi na vrh
offline Golas Novi MyCity građanin Pridružio: 24 Jan 2008 Poruke: 28 Gde živiš: Sombor-Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne postoji

Profil

bobby Poslao: 24 Jan 2008 20:43 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ima li jos kakvih simptoma?

Profil

Golas Poslao: 24 Jan 2008 20:50 Idi na vrh
offline Golas Novi MyCity građanin Pridružio: 24 Jan 2008 Poruke: 28 Gde živiš: Sombor-Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nekada se par puta restartuje pre nego sto se podigne sistem, a nekada moram da idem u safe mode, pa da ga odande restartujem da bi se normalno podigao sistem.

Profil

bobby Poslao: 24 Jan 2008 20:56 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To ti se desava nakon ovog naseg ciscenja ili je to od ranije? Ja te pitam da li ima jos simptoma infekcije, za ostale vrste problema bih te zamolio da otvoris temu u odgovarajucim forumima. Kod takvih "teskih startovanja" uzrok je obicno lose ili zastarelo napajanje, a to je vec tema za hardverski deo foruma.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Neradi search

Ko je trenutno na forumu

Ukupno su 955 korisnika na forumu :: 11 registrovanih, 3 sakrivenih i 941 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bobomicek, darkojbn, galijot, hyla, ILGromovnik, jukeboxer, Lazarus, Mi lao shu, panzerwaffe, Tvrtko I, voja64

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by