MyCity » Ambulanta -> Arhiva Ambulante » Straašno uspooren računar

Straašno uspooren računar

Napisano na dan: 9.10.2009

Strana:
1
2
3

Straašno uspooren računar

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

rradovan Poslao: 09 Okt 2009 19:30 Idi na vrh
offline rradovan Građanin Pridružio: 15 Dec 2008 Poruke: 177 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pre dan-dva računar se strašno usporio, otvaranje stranice (i Yahoo home page) na internetu (kablovski LAN) traje po minut, ponekad kaže da je stranica nedostupna, a usporili se i lokalni programi i aplikacije. Za kratko se promeni stanje kad se restartuju kablovski modem i ruter, pa onda opet isto. Druga mašina u mreži na istom modemu i ruteru radi normalno. ESET NOD 32 na skeniranju ne vidi ništa. DDS (Ver_09-09-29.01) - NTFSx86 Run by RR at 19:10:35.00 on Fri 10/09/2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_14 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1081 [GMT 2:00] AV: AVG On-access scanning disabled (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: ESET NOD32 Antivirus 3.0 On-access scanning enabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ============== Running Processes =============== C:\windows\system32\Ati2evxx.exe C:\windows\system32\svchost -k DcomLaunch svchost.exe C:\windows\System32\svchost.exe -k netsvcs svchost.exe C:\windows\system32\Ati2evxx.exe C:\windows\system32\spoolsv.exe C:\windows\Explorer.EXE C:\Program Files\Common Files\rrff9899rh\r8f99h.exe C:\Program Files\Common Files\tysarekb\zamsdyg.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\windows\RTHDCPL.EXE C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\DOCUME~1\RR\LOCALS~1\Temp\Rar$EX01.046\Firefox Ultimate Optimizer.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\DAP\DAP.EXE C:\windows\system32\winulty.exe C:\windows\system32\ctfmon.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\TimeLeft3\TimeLeft.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\windows\System32\snmp.exe C:\windows\System32\TUProgSt.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\windows\system32\SearchIndexer.exe C:\Program Files\Common Files\tya62hfb\zmaodn92.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Documents and Settings\RR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\RR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\RR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\windows\System32\TuneUpDefragService.exe C:\windows\system32\wuauclt.exe C:\windows\system32\SearchProtocolHost.exe C:\Documents and Settings\RR\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8 uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll uURLSearchHooks: P2P Torrent Toolbar: {bc4be15d-6a34-4356-9e97-79e43da32b1d} - c:\program files\p2p_torrent\tbP2P1.dll uURLSearchHooks: myBabylon English5 Toolbar: {98fb0482-4317-4435-a4bc-f9783aa43071} - c:\program files\mybabylon_english5\tbmyB0.dll uURLSearchHooks: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files\mybabylon_english\tbmyBa.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: myBabylon English5 Toolbar: {98fb0482-4317-4435-a4bc-f9783aa43071} - c:\program files\mybabylon_english5\tbmyB0.dll BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll BHO: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files\mybabylon_english\tbmyBa.dll BHO: P2P Torrent Toolbar: {bc4be15d-6a34-4356-9e97-79e43da32b1d} - c:\program files\p2p_torrent\tbP2P1.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL TB: Raketa Krstarice: {8b79ee88-e62d-4aa8-b530-cc357ba112b7} - TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File TB: {B7D3E479-CC68-42B5-A338-938ECE35F419} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File TB: P2P Torrent Toolbar: {bc4be15d-6a34-4356-9e97-79e43da32b1d} - c:\program files\p2p_torrent\tbP2P1.dll TB: myBabylon English5 Toolbar: {98fb0482-4317-4435-a4bc-f9783aa43071} - c:\program files\mybabylon_english5\tbmyB0.dll TB: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files\mybabylon_english\tbmyBa.dll uRun: [Skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized uRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Babylon Client] c:\program files\babylon\babylon-pro\Babylon.exe -AutoStart mRun: [FirefoxUltimateOptimizer] "c:\docume~1\rr\locals~1\temp\rar$ex01.046\Firefox Ultimate Optimizer.exe" mRun: [Windows Upgrate Utility] c:\windows\system32\winulty.exe StartupFolder: c:\docume~1\rr\startm~1\programs\startup\timeleft.lnk - c:\program files\timeleft3\TimeLeft.exe StartupFolder: c:\docume~1\rr\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe uPolicies-system: WRP = 0 (0x0) mPolicies-explorer: NoResolveTrack = 1 (0x1) IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\dap\dapextie.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download &all with DAP - c:\program files\dap\dapextie2.htm IE: Translate this web page with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\rr\applic~1\mozilla\firefox\profiles\zk5243q7.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - component: c:\program files\dap\dapfirefox\components\DAPFireFox.dll FF - plugin: c:\documents and settings\rr\application data\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\rr\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\google\picasa3\npPicasa2.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true ============= SERVICES / DRIVERS =============== R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-2-20 33800] R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [2009-8-22 95592] R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-2-20 472320] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-8-6 604488] R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392] S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\drivers\ntcdrdrv.sys --> c:\windows\system32\drivers\ntcdrdrv.sys [?] S2 56u5699gg;56gg69;c:\program files\common files\rrff9899rh\r8f99h.exe [2009-10-4 127011] S2 7aasht6rf;ncvbads;c:\program files\common files\tysarekb\zamsdyg.exe [2009-10-4 126976] S2 7abs3rho7;nmahnds;c:\program files\common files\tya62hfb\zmaodn92.exe [2009-9-27 143403] S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2001-8-23 3584] S3 DfSdkS;Defragmentation-Service;c:\program files\ashampoo\ashampoo winoptimizer 6\DfSdkS.exe [2009-9-13 410976] S3 EuMusDesignVirtualAudioCableWdm_lcs;Breakaway Pipeline (WDM);c:\windows\system32\drivers\vaclcskd.sys --> c:\windows\system32\drivers\vaclcskd.sys [?] S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2008-10-19 36928] S3 w89c940;Winbond W89C940 PCI Ethernet Adapter Driver;c:\windows\system32\drivers\w940nd.sys [2007-12-22 16925] =============== Created Last 30 ================ 2009-10-05 20:56 131,072 ---sh--- c:\windows\system32\winulty.exe 2009-10-05 20:50 126,976 a------- C:\kh06.exe 2009-10-04 18:08 131,072 a------- C:\z32AP2F5E.exe 2009-10-04 08:13 126,976 a------- C:\J3rhaO9w.exe 2009-10-04 08:12 <DIR> --dshr-- c:\program files\common files\tysarekb 2009-10-04 01:59 <DIR> --dshr-- c:\program files\common files\rrff9899rh 2009-10-01 03:28 <DIR> --d----- c:\program files\Updates 2009-09-30 16:28 <DIR> --d----- C:\Downloads 2009-09-27 09:52 <DIR> --dshr-- c:\program files\common files\tya62hfb 2009-09-27 09:46 165 a------- c:\windows\startUp manager.INI 2009-09-24 03:48 <DIR> --d----- c:\program files\Advanced System Optimizer 2009-09-24 03:07 130 a------- c:\windows\system32\defragboot.ini 2009-09-24 03:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Systweak 2009-09-24 03:06 <DIR> --d----- c:\docume~1\rr\applic~1\Systweak 2009-09-24 03:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MyDefrag 2009-09-24 02:51 <DIR> --d----- c:\docume~1\rr\applic~1\CBS Interactive 2009-09-19 20:29 17,664 ac------ c:\windows\system32\dllcache\sermouse.sys 2009-09-19 20:29 17,664 a------- c:\windows\system32\drivers\sermouse.sys 2009-09-13 18:11 33,632 a------- c:\windows\system32\DfSdkBt.exe 2009-09-13 18:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\page 2009-09-13 17:52 39,776 a------- c:\windows\system32\DfSdkBt64.exe ==================== Find3M ==================== 2009-10-01 04:22 2,602 a------- c:\program files\USDownloader.ini 2009-10-01 04:22 548 a------- c:\program files\USDownloader.lst 2009-10-01 04:15 16,140 a------- c:\program files\USDownloader.log 2009-08-22 11:22 721,904 a------- c:\windows\system32\drivers\sptd.sys 2009-08-06 18:13 604,488 a------- c:\windows\system32\TUProgSt.exe 2009-08-06 18:13 361,288 a------- c:\windows\system32\TuneUpDefragService.exe 2009-08-05 11:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-26 03:38 720,896 a------- c:\windows\iun6002ev.exe 2009-07-26 03:32 922,214 a------- c:\program files\splitter_setup.exe 2009-07-18 02:33 506 a--sh--- c:\program files\USDownloader.exe.manifest 2009-07-18 02:29 2,187,800 a------- c:\program files\spo3_affld.exe 2009-07-18 02:28 8,030,016 a------- c:\program files\USDownloader135.zip 2009-07-17 21:01 58,880 a------- c:\windows\system32\atl.dll 2009-07-15 11:48 29,000 a------- c:\windows\system32\uxtuneup.dll 2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll 2009-05-28 18:32 530,432 a------- c:\program files\USDownloader.exe 2009-03-19 23:43 69,304 ac------ c:\docume~1\rr\applic~1\GDIPFONTCACHEV1.DAT 2009-02-22 16:38 81,920 a------- c:\docume~1\rr\applic~1\ezpinst.exe 2009-02-22 16:38 47,360 a------- c:\docume~1\rr\applic~1\pcouffin.sys 2007-12-22 15:50 32 ac------ c:\docume~1\alluse~1\applic~1\ezsid.dat 2009-03-09 21:08 32,768 a--sh--- c:\windows\system32\config\systemprofile\application data\microsoft\internet explorer\userdata\index.dat 2009-03-09 08:44 49,152 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009030220090309\index.dat 2009-03-09 21:08 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009030920090310\index.dat 2009-03-10 17:28 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031020090311\index.dat 2009-03-11 20:17 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031120090312\index.dat 2009-03-12 20:51 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031220090313\index.dat 2009-03-13 17:43 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031320090314\index.dat 2009-03-14 23:26 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031420090315\index.dat 2009-03-14 23:26 229,376 a--sh--- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat ============= FINISH: 19:11:06.28 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

magna86 Poslao: 09 Okt 2009 20:19 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav. Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

rradovan Poslao: 09 Okt 2009 20:52 Idi na vrh
offline rradovan Građanin Pridružio: 15 Dec 2008 Poruke: 177 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-10-08.04 - RR 10/09/2009 20:27.20.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1098 [GMT 2:00] Running from: c:\documents and settings\RR\Desktop\ComboFix.exe AV: AVG On-access scanning disabled (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: ESET NOD32 Antivirus 3.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\J3rhaO9w.exe C:\kh06.exe c:\program files\SkyMediaPack\SkyToolbar\MinBHO.dll c:\windows\Installer\116dc26.msi c:\windows\Installer\1d4be6c.msi c:\windows\Installer\28436e.msi c:\windows\Installer\2964152.msp c:\windows\Installer\2964167.msp c:\windows\Installer\296417d.msp c:\windows\Installer\2b60a63.msi c:\windows\Installer\34f8ee0.msi c:\windows\Installer\440bc4.msi c:\windows\Installer\5ace46.msi c:\windows\Installer\60e9f.msi C:\z32AP2F5E.exe . ((((((((((((((((((((((((( Files Created from 2009-09-09 to 2009-10-09 ))))))))))))))))))))))))))))))) . 2009-10-05 18:56 . 2009-10-08 22:51 131072 --sh--w- c:\windows\system32\winulty.exe 2009-10-04 06:12 . 2009-10-04 06:12 -------- d-sh--r- c:\program files\Common Files\tysarekb 2009-10-03 23:59 . 2009-10-03 23:59 -------- d-sh--r- c:\program files\Common Files\rrff9899rh 2009-10-01 01:28 . 2009-10-01 01:31 -------- d-----w- c:\program files\Updates 2009-09-30 14:28 . 2009-10-01 02:15 -------- d-----w- C:\Downloads 2009-09-27 07:52 . 2009-09-27 07:52 -------- d-sh--r- c:\program files\Common Files\tya62hfb 2009-09-24 01:48 . 2009-09-24 01:48 -------- d-----w- c:\program files\Advanced System Optimizer 2009-09-24 01:07 . 2009-09-24 01:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Systweak 2009-09-24 01:06 . 2009-09-24 01:48 -------- d-----w- c:\documents and settings\RR\Application Data\Systweak 2009-09-24 01:05 . 2009-09-24 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\MyDefrag 2009-09-24 00:51 . 2009-09-24 23:59 -------- d-----w- c:\documents and settings\RR\Application Data\CBS Interactive 2009-09-19 18:29 . 2001-08-17 11:48 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys 2009-09-19 18:29 . 2001-08-17 11:48 17664 ----a-w- c:\windows\system32\drivers\sermouse.sys 2009-09-13 16:11 . 2009-01-09 10:46 33632 ----a-w- c:\windows\system32\DfSdkBt.exe 2009-09-13 16:10 . 2009-09-13 16:10 -------- d-----w- c:\documents and settings\All Users\Application Data\page 2009-09-13 15:52 . 2009-01-09 10:46 39776 ----a-w- c:\windows\system32\DfSdkBt64.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-09 18:33 . 2007-12-22 13:48 -------- d-----w- c:\documents and settings\RR\Application Data\Skype 2009-10-09 17:58 . 2009-09-09 03:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2009-10-09 14:01 . 2007-12-22 13:50 -------- d-----w- c:\documents and settings\RR\Application Data\skypePM 2009-10-09 12:57 . 2008-11-19 14:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-10-09 00:31 . 2009-03-23 15:08 -------- d-----w- c:\program files\Everything 2009-10-08 22:43 . 2007-12-22 15:19 10 -c--a-w- c:\windows\popcinfo.dat 2009-10-08 13:37 . 2008-02-12 14:56 -------- d-----w- c:\documents and settings\RR\Application Data\uTorrent 2009-10-07 14:40 . 2007-12-22 02:53 -------- d-----w- c:\program files\TimeLeft3 2009-10-07 02:24 . 2008-10-28 16:35 -------- d-----w- c:\documents and settings\RR\Application Data\LimeWire 2009-10-01 02:22 . 2009-07-18 00:37 548 ----a-w- c:\program files\USDownloader.lst 2009-10-01 02:22 . 2009-07-18 00:33 2602 ----a-w- c:\program files\USDownloader.ini 2009-10-01 02:15 . 2009-09-30 14:25 16140 ----a-w- c:\program files\USDownloader.log 2009-10-01 01:31 . 2005-12-31 17:39 -------- d-----w- c:\program files\Plugins 2009-09-29 14:32 . 2009-07-14 12:41 -------- d-----w- c:\documents and settings\RR\Application Data\vlc 2009-09-14 09:58 . 2009-09-09 03:12 -------- d-----w- c:\documents and settings\RR\Application Data\Babylon 2009-09-13 15:48 . 2009-08-22 10:21 -------- d-----w- c:\program files\Ashampoo 2009-09-09 22:01 . 2008-06-01 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-09-09 15:23 . 2009-09-09 02:58 -------- d-----w- c:\program files\myBabylon_English5 2009-09-09 03:12 . 2009-09-09 03:12 -------- d-----w- c:\program files\myBabylon_English 2009-09-09 03:12 . 2009-09-09 03:12 -------- d-----w- c:\program files\Babylon 2009-09-05 14:57 . 2009-07-30 15:39 -------- d-----w- c:\documents and settings\RR\Application Data\Windows Desktop Search 2009-09-05 14:51 . 2008-01-30 02:28 -------- d-----w- c:\program files\SpeedFan 2009-09-03 09:24 . 2009-04-22 12:12 -------- d-----w- c:\program files\DAP 2009-09-02 15:30 . 2009-09-01 09:04 -------- d-----w- c:\program files\The KMPlayer 2009-08-31 23:20 . 2009-08-31 23:15 -------- d-----w- c:\program files\Kmplayer Plus 2009-08-22 13:12 . 2009-08-22 10:22 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo 2009-08-22 10:24 . 2008-04-10 14:35 -------- d-----w- c:\documents and settings\RR\Application Data\Ashampoo 2009-08-22 09:54 . 2009-08-22 09:25 -------- d-----w- c:\documents and settings\RR\Application Data\StarBurn 2009-08-22 09:22 . 2009-08-22 09:22 -------- d-----w- c:\program files\SkyMediaPack 2009-08-22 09:22 . 2009-08-22 09:22 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-21 17:41 . 2008-01-27 13:42 -------- d-----w- c:\documents and settings\RR\Application Data\IObit 2009-08-21 17:41 . 2009-02-22 15:42 -------- d-----w- c:\documents and settings\RR\Application Data\Any Video Converter 2009-08-21 17:41 . 2009-02-22 15:14 -------- d-----w- c:\documents and settings\RR\Application Data\Any Video Converter Professional 2009-08-21 17:41 . 2009-04-03 08:19 -------- d-----w- c:\program files\superdvd 2009-08-21 17:41 . 2009-02-22 15:42 -------- d-----w- c:\program files\Any Video Converter 2009-08-21 04:49 . 2008-08-13 14:16 -------- d-----w- c:\program files\IObit 2009-08-19 03:09 . 2009-02-04 11:08 -------- d-----r- c:\program files\Skype 2009-08-19 03:09 . 2007-12-22 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-08-15 19:49 . 2008-11-14 23:26 -------- d-----w- c:\documents and settings\RR\Application Data\ACD Systems 2009-08-15 19:48 . 2007-12-22 02:42 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-08-15 19:48 . 2009-08-15 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems 2009-08-15 19:48 . 2009-08-15 19:48 -------- d-----w- c:\program files\ACD Systems 2009-08-15 19:35 . 2009-08-05 03:25 -------- d-----w- c:\program files\P2P_Torrent 2009-08-15 19:01 . 2007-12-22 01:37 69632 -c--a-w- c:\documents and settings\RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-14 00:01 . 2008-01-16 11:44 -------- d-----w- c:\program files\AusLogics Disk Defrag 2009-08-13 23:47 . 2007-12-22 19:35 -------- d-----w- c:\program files\Google 2009-08-11 11:05 . 2009-08-11 11:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Crystal Office 2009-08-06 16:13 . 2009-08-06 16:13 604488 ----a-w- c:\windows\system32\TUProgSt.exe 2009-08-06 16:13 . 2009-08-06 16:13 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-08-05 09:01 . 2004-08-03 22:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-26 01:38 . 2009-07-26 01:32 720896 ----a-w- c:\windows\iun6002ev.exe 2009-07-26 01:32 . 2009-07-26 01:31 922214 ----a-w- c:\program files\splitter_setup.exe 2009-07-18 00:33 . 2009-07-18 00:33 506 --sha-w- c:\program files\USDownloader.exe.manifest 2009-07-18 00:29 . 2009-07-18 00:29 2187800 ----a-w- c:\program files\spo3_affld.exe 2009-07-18 00:28 . 2009-07-18 00:27 8030016 ----a-w- c:\program files\USDownloader135.zip 2009-07-17 19:01 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-15 09:48 . 2009-08-06 16:13 29000 ----a-w- c:\windows\system32\uxtuneup.dll 2009-07-13 21:43 . 2004-08-03 22:56 286208 ----a-w- c:\windows\system32\wmpdxm.dll 2009-05-28 16:32 . 2009-05-28 16:32 530432 ----a-w- c:\program files\USDownloader.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P1.dll" [2009-08-05 2215960] "{98fb0482-4317-4435-a4bc-f9783aa43071}"= "c:\program files\myBabylon_English5\tbmyB0.dll" [2009-07-02 2215960] [HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}] [HKEY_CLASSES_ROOT\clsid\{98fb0482-4317-4435-a4bc-f9783aa43071}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98fb0482-4317-4435-a4bc-f9783aa43071}] 2009-07-02 08:18 2215960 ----a-w- c:\program files\myBabylon_English5\tbmyB0.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] 2009-07-15 08:09 2224152 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}] 2009-08-05 04:27 2215960 ----a-w- c:\program files\P2P_Torrent\tbP2P1.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P1.dll" [2009-08-05 2215960] "{98fb0482-4317-4435-a4bc-f9783aa43071}"= "c:\program files\myBabylon_English5\tbmyB0.dll" [2009-07-02 2215960] "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2009-07-15 2224152] [HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}] [HKEY_CLASSES_ROOT\clsid\{98fb0482-4317-4435-a4bc-f9783aa43071}] [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2009-09-04 25623336] "DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2009-09-03 2799104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072] "Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2009-08-03 3730832] "Windows Upgrate Utility"="c:\windows\system32\winulty.exe" [2009-10-08 131072] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-01-11 15961088] c:\documents and settings\RR\Start Menu\Programs\Startup\ TimeLeft.lnk - c:\program files\TimeLeft3\TimeLeft.exe [2007-12-22 1996984] Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0sasnative32 [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^RR^Start Menu^Programs^Startup^FrostWire On Startup.lnk] backup=c:\windows\pss\FrostWire On Startup.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^RR^Start Menu^Programs^Startup^ppcb_32.lnk] backup=c:\windows\pss\ppcb_32.lnkStartup [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Device Detector"=DevDetect.exe -autorun [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Documents and Settings\\RR\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Common Files\\tya62hfb\\zmaodn92.exe"= "c:\\Program Files\\Common Files\\rrff9899rh\\r8f99h.exe"= "c:\\Program Files\\Common Files\\tysarekb\\zamsdyg.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/20/2008 12:11 PM 33800] R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [8/22/2009 11:22 AM 95592] R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2/20/2008 12:08 PM 472320] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [8/6/2009 6:13 PM 604488] S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\DRIVERS\ntcdrdrv.sys --> c:\windows\system32\DRIVERS\ntcdrdrv.sys [?] S2 56u5699gg;56gg69;c:\program files\Common Files\rrff9899rh\r8f99h.exe [10/4/2009 1:59 AM 127011] S2 7aasht6rf;ncvbads;c:\program files\Common Files\tysarekb\zamsdyg.exe [10/4/2009 8:12 AM 126976] S2 7abs3rho7;nmahnds;c:\program files\Common Files\tya62hfb\zmaodn92.exe [9/27/2009 9:52 AM 143403] S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [8/23/2001 12:00 PM 3584] S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [9/13/2009 6:11 PM 410976] S3 EuMusDesignVirtualAudioCableWdm_lcs;Breakaway Pipeline (WDM);c:\windows\system32\DRIVERS\vaclcskd.sys --> c:\windows\system32\DRIVERS\vaclcskd.sys [?] S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [10/19/2008 5:05 PM 36928] S3 w89c940;Winbond W89C940 PCI Ethernet Adapter Driver;c:\windows\system32\drivers\w940nd.sys [12/22/2007 12:52 AM 16925] --- Other Services/Drivers In Memory --- Deregistered* - fwdorpog HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . Contents of the 'Scheduled Tasks' folder 2009-10-09 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 08:54] 2009-10-09 c:\windows\Tasks\AWC Update.job - c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-07-18 13:15] 2009-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-527237240-725345543-1003Core.job - c:\documents and settings\RR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 11:13] 2009-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-527237240-725345543-1003UA.job - c:\documents and settings\RR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 11:13] . . ------- Supplementary Scan ------- . uStart Page = uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\DAP\dapextie.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm IE: {{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm FF - ProfilePath - c:\documents and settings\RR\Application Data\Mozilla\Firefox\Profiles\zk5243q7.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll FF - plugin: c:\documents and settings\RR\Application Data\Mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\RR\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true. - - - - ORPHANS REMOVED - - - - URLSearchHooks-{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file) Toolbar-Locked - (no file) Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-10-09 20:33 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\.cs\PersistentHandler] @DACL=(02 0000) @="{5e941d80-bf96-11cd-b579-08002b30bfeb}" [HKEY_LOCAL_MACHINE\software\Classes\.xlt\PersistentHandler] @DACL=(02 0000) @="{98de59a0-d175-11cd-a7bd-00006b827d94}" [HKEY_LOCAL_MACHINE\software\Classes\.xslt\PersistentHandler] @DACL=(02 0000) @="{7E9D8D44-6926-426F-AA2B-217A819A5CCE}" [HKEY_LOCAL_MACHINE\software\Classes\mapi\Shell] @DACL=(02 0000) @="" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(672) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-10-09 20:39 ComboFix-quarantined-files.txt 2009-10-09 18:39 Pre-Run: 10,383,015,936 bytes free Post-Run: 10,326,708,224 bytes free 263 --- E O F --- 2009-09-09 22:04

Profil

magna86 Poslao: 09 Okt 2009 22:48 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: File:: c:\windows\system32\winulty.exe c:\program files\spo3_affld.exe Folder:: c:\program files\Common Files\tysarekb c:\program files\Common Files\rrff9899rh c:\program files\Common Files\tya62hfb Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Upgrate Utility"=- [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Common Files\\tya62hfb\\zmaodn92.exe"=- "c:\\Program Files\\Common Files\\rrff9899rh\\r8f99h.exe"=- "c:\\Program Files\\Common Files\\tysarekb\\zamsdyg.exe"=- Driver:: 56u5699gg 7aasht6rf 7abs3rho7 REGLOCK:: [HKEY_LOCAL_MACHINE\software\Classes\.cs\PersistentHandler] [HKEY_LOCAL_MACHINE\software\Classes\.xlt\PersistentHandler] [HKEY_LOCAL_MACHINE\software\Classes\.xslt\PersistentHandler] [HKEY_LOCAL_MACHINE\software\Classes\mapi\Shell] Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. I obavezno dozvoli instaliranje Recovery Console!

Profil

rradovan Poslao: 09 Okt 2009 23:45 Idi na vrh
offline rradovan Građanin Pridružio: 15 Dec 2008 Poruke: 177 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne može da se postavi Recovery Console jer CF ponudi da je instalira, ali kad je skine 100 % onda kaže - Boot partition cannot be enumerated correctly - pa pita da li da nastavi da traži Malware ili da prekine. Uzgred, ne znam da li ima veze: kad se diže sistem na crnom ekranu za trenutak napiše - Invalid BOOT.INI file. Evo testa: ComboFix 09-10-08.04 - RR 10/09/2009 23:19.21.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1208 [GMT 2:00] Running from: c:\documents and settings\RR\Desktop\New Folder\ComboFix.exe Command switches used :: c:\documents and settings\RR\Desktop\CFScript.txt AV: AVG On-access scanning disabled (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: ESET NOD32 Antivirus 3.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: "c:\program files\spo3_affld.exe" "c:\windows\system32\winulty.exe" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Common Files\rrff9899rh c:\program files\Common Files\rrff9899rh\r8f99h.exe c:\program files\Common Files\tya62hfb c:\program files\Common Files\tya62hfb\zmaodn92.exe c:\program files\Common Files\tysarekb c:\program files\Common Files\tysarekb\zamsdyg.exe c:\program files\spo3_affld.exe c:\windows\system32\winulty.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_56U5699GG -------\Legacy_7AASHT6RF -------\Legacy_7ABS3RHO7 -------\Service_56u5699gg -------\Service_7aasht6rf -------\Service_7abs3rho7 ((((((((((((((((((((((((( Files Created from 2009-09-09 to 2009-10-09 ))))))))))))))))))))))))))))))) . 2009-10-01 01:28 . 2009-10-01 01:31 -------- d-----w- c:\program files\Updates 2009-09-30 14:28 . 2009-10-01 02:15 -------- d-----w- C:\Downloads 2009-09-24 01:48 . 2009-09-24 01:48 -------- d-----w- c:\program files\Advanced System Optimizer 2009-09-24 01:07 . 2009-09-24 01:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Systweak 2009-09-24 01:06 . 2009-09-24 01:48 -------- d-----w- c:\documents and settings\RR\Application Data\Systweak 2009-09-24 01:05 . 2009-09-24 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\MyDefrag 2009-09-24 00:51 . 2009-09-24 23:59 -------- d-----w- c:\documents and settings\RR\Application Data\CBS Interactive 2009-09-19 18:29 . 2001-08-17 11:48 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys 2009-09-19 18:29 . 2001-08-17 11:48 17664 ----a-w- c:\windows\system32\drivers\sermouse.sys 2009-09-13 16:11 . 2009-01-09 10:46 33632 ----a-w- c:\windows\system32\DfSdkBt.exe 2009-09-13 16:10 . 2009-09-13 16:10 -------- d-----w- c:\documents and settings\All Users\Application Data\page 2009-09-13 15:52 . 2009-01-09 10:46 39776 ----a-w- c:\windows\system32\DfSdkBt64.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-09 21:30 . 2009-09-09 03:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2009-10-09 21:28 . 2008-11-19 14:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-10-09 21:23 . 2007-12-22 13:48 -------- d-----w- c:\documents and settings\RR\Application Data\Skype 2009-10-09 18:45 . 2007-12-22 13:50 -------- d-----w- c:\documents and settings\RR\Application Data\skypePM 2009-10-09 00:31 . 2009-03-23 15:08 -------- d-----w- c:\program files\Everything 2009-10-08 22:43 . 2007-12-22 15:19 10 -c--a-w- c:\windows\popcinfo.dat 2009-10-08 13:37 . 2008-02-12 14:56 -------- d-----w- c:\documents and settings\RR\Application Data\uTorrent 2009-10-07 14:40 . 2007-12-22 02:53 -------- d-----w- c:\program files\TimeLeft3 2009-10-07 02:24 . 2008-10-28 16:35 -------- d-----w- c:\documents and settings\RR\Application Data\LimeWire 2009-10-01 02:22 . 2009-07-18 00:37 548 ----a-w- c:\program files\USDownloader.lst 2009-10-01 02:22 . 2009-07-18 00:33 2602 ----a-w- c:\program files\USDownloader.ini 2009-10-01 02:15 . 2009-09-30 14:25 16140 ----a-w- c:\program files\USDownloader.log 2009-10-01 01:31 . 2005-12-31 17:39 -------- d-----w- c:\program files\Plugins 2009-09-29 14:32 . 2009-07-14 12:41 -------- d-----w- c:\documents and settings\RR\Application Data\vlc 2009-09-14 09:58 . 2009-09-09 03:12 -------- d-----w- c:\documents and settings\RR\Application Data\Babylon 2009-09-13 15:48 . 2009-08-22 10:21 -------- d-----w- c:\program files\Ashampoo 2009-09-09 22:01 . 2008-06-01 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-09-09 15:23 . 2009-09-09 02:58 -------- d-----w- c:\program files\myBabylon_English5 2009-09-09 03:12 . 2009-09-09 03:12 -------- d-----w- c:\program files\myBabylon_English 2009-09-09 03:12 . 2009-09-09 03:12 -------- d-----w- c:\program files\Babylon 2009-09-05 14:57 . 2009-07-30 15:39 -------- d-----w- c:\documents and settings\RR\Application Data\Windows Desktop Search 2009-09-05 14:51 . 2008-01-30 02:28 -------- d-----w- c:\program files\SpeedFan 2009-09-03 09:24 . 2009-04-22 12:12 -------- d-----w- c:\program files\DAP 2009-09-02 15:30 . 2009-09-01 09:04 -------- d-----w- c:\program files\The KMPlayer 2009-08-31 23:20 . 2009-08-31 23:15 -------- d-----w- c:\program files\Kmplayer Plus 2009-08-22 13:12 . 2009-08-22 10:22 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo 2009-08-22 10:24 . 2008-04-10 14:35 -------- d-----w- c:\documents and settings\RR\Application Data\Ashampoo 2009-08-22 09:54 . 2009-08-22 09:25 -------- d-----w- c:\documents and settings\RR\Application Data\StarBurn 2009-08-22 09:22 . 2009-08-22 09:22 -------- d-----w- c:\program files\SkyMediaPack 2009-08-22 09:22 . 2009-08-22 09:22 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-21 17:41 . 2008-01-27 13:42 -------- d-----w- c:\documents and settings\RR\Application Data\IObit 2009-08-21 17:41 . 2009-02-22 15:42 -------- d-----w- c:\documents and settings\RR\Application Data\Any Video Converter 2009-08-21 17:41 . 2009-02-22 15:14 -------- d-----w- c:\documents and settings\RR\Application Data\Any Video Converter Professional 2009-08-21 17:41 . 2009-04-03 08:19 -------- d-----w- c:\program files\superdvd 2009-08-21 17:41 . 2009-02-22 15:42 -------- d-----w- c:\program files\Any Video Converter 2009-08-21 04:49 . 2008-08-13 14:16 -------- d-----w- c:\program files\IObit 2009-08-19 03:09 . 2009-02-04 11:08 -------- d-----r- c:\program files\Skype 2009-08-19 03:09 . 2007-12-22 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-08-15 19:49 . 2008-11-14 23:26 -------- d-----w- c:\documents and settings\RR\Application Data\ACD Systems 2009-08-15 19:48 . 2007-12-22 02:42 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-08-15 19:48 . 2009-08-15 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems 2009-08-15 19:48 . 2009-08-15 19:48 -------- d-----w- c:\program files\ACD Systems 2009-08-15 19:35 . 2009-08-05 03:25 -------- d-----w- c:\program files\P2P_Torrent 2009-08-15 19:01 . 2007-12-22 01:37 69632 -c--a-w- c:\documents and settings\RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-14 00:01 . 2008-01-16 11:44 -------- d-----w- c:\program files\AusLogics Disk Defrag 2009-08-13 23:47 . 2007-12-22 19:35 -------- d-----w- c:\program files\Google 2009-08-11 11:05 . 2009-08-11 11:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Crystal Office 2009-08-06 16:13 . 2009-08-06 16:13 604488 ----a-w- c:\windows\system32\TUProgSt.exe 2009-08-06 16:13 . 2009-08-06 16:13 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-08-05 09:01 . 2004-08-03 22:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-26 01:38 . 2009-07-26 01:32 720896 ----a-w- c:\windows\iun6002ev.exe 2009-07-26 01:32 . 2009-07-26 01:31 922214 ----a-w- c:\program files\splitter_setup.exe 2009-07-18 00:33 . 2009-07-18 00:33 506 --sha-w- c:\program files\USDownloader.exe.manifest 2009-07-18 00:28 . 2009-07-18 00:27 8030016 ----a-w- c:\program files\USDownloader135.zip 2009-07-17 19:01 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-15 09:48 . 2009-08-06 16:13 29000 ----a-w- c:\windows\system32\uxtuneup.dll 2009-07-13 21:43 . 2004-08-03 22:56 286208 ----a-w- c:\windows\system32\wmpdxm.dll 2009-05-28 16:32 . 2009-05-28 16:32 530432 ----a-w- c:\program files\USDownloader.exe . ((((((((((((((((((((((((((((( SnapShot@2009-10-09_18.33.21 ))))))))))))))))))))))))))))))))))))))))) . + 2009-10-09 21:27 . 2009-10-09 21:27 16384 c:\windows\Temp\Perflib_Perfdata_e8.dat + 2009-10-09 21:27 . 2009-10-09 21:27 16384 c:\windows\Temp\Perflib_Perfdata_734.dat + 2009-10-09 18:44 . 2009-10-09 18:44 16384 c:\windows\Temp\Perflib_Perfdata_4a0.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P1.dll" [2009-08-05 2215960] "{98fb0482-4317-4435-a4bc-f9783aa43071}"= "c:\program files\myBabylon_English5\tbmyB0.dll" [2009-07-02 2215960] [HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}] [HKEY_CLASSES_ROOT\clsid\{98fb0482-4317-4435-a4bc-f9783aa43071}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98fb0482-4317-4435-a4bc-f9783aa43071}] 2009-07-02 08:18 2215960 ----a-w- c:\program files\myBabylon_English5\tbmyB0.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}] 2009-08-05 04:27 2215960 ----a-w- c:\program files\P2P_Torrent\tbP2P1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P1.dll" [2009-08-05 2215960] "{98fb0482-4317-4435-a4bc-f9783aa43071}"= "c:\program files\myBabylon_English5\tbmyB0.dll" [2009-07-02 2215960] [HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}] [HKEY_CLASSES_ROOT\clsid\{98fb0482-4317-4435-a4bc-f9783aa43071}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2009-09-04 25623336] "DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2009-09-03 2799104] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072] "Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2009-08-03 3730832] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-01-11 15961088] c:\documents and settings\RR\Start Menu\Programs\Startup\ TimeLeft.lnk - c:\program files\TimeLeft3\TimeLeft.exe [2007-12-22 1996984] Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0sasnative32 [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^RR^Start Menu^Programs^Startup^FrostWire On Startup.lnk] backup=c:\windows\pss\FrostWire On Startup.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^RR^Start Menu^Programs^Startup^ppcb_32.lnk] backup=c:\windows\pss\ppcb_32.lnkStartup [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Device Detector"=DevDetect.exe -autorun [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Documents and Settings\\RR\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/20/2008 12:11 PM 33800] R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [8/22/2009 11:22 AM 95592] R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2/20/2008 12:08 PM 472320] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [8/6/2009 6:13 PM 604488] S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\DRIVERS\ntcdrdrv.sys --> c:\windows\system32\DRIVERS\ntcdrdrv.sys [?] S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [8/23/2001 12:00 PM 3584] S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [9/13/2009 6:11 PM 410976] S3 EuMusDesignVirtualAudioCableWdm_lcs;Breakaway Pipeline (WDM);c:\windows\system32\DRIVERS\vaclcskd.sys --> c:\windows\system32\DRIVERS\vaclcskd.sys [?] S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [10/19/2008 5:05 PM 36928] S3 w89c940;Winbond W89C940 PCI Ethernet Adapter Driver;c:\windows\system32\drivers\w940nd.sys [12/22/2007 12:52 AM 16925] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . Contents of the 'Scheduled Tasks' folder 2009-10-09 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 08:54] 2009-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-527237240-725345543-1003Core.job - c:\documents and settings\RR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 11:13] 2009-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-527237240-725345543-1003UA.job - c:\documents and settings\RR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 11:13] . . ------- Supplementary Scan ------- . uStart Page = uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\DAP\dapextie.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm IE: {{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm FF - ProfilePath - c:\documents and settings\RR\Application Data\Mozilla\Firefox\Profiles\zk5243q7.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true. *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-10-09 23:28 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(680) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(2312) c:\windows\system32\WININET.dll c:\program files\Windows Desktop Search\deskbar.dll c:\program files\Windows Desktop Search\en-us\dbres.dll.mui c:\program files\Windows Desktop Search\dbres.dll c:\program files\Windows Desktop Search\wordwheel.dll c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui c:\program files\Windows Desktop Search\msnlExtRes.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\snmp.exe c:\windows\system32\searchindexer.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Skype\Phone\Skype.exe c:\windows\system32\searchprotocolhost.exe c:\program files\Skype\Plugin Manager\skypePM.exe c:\windows\system32\searchfilterhost.exe . ************************************************************************ . Completion time: 2009-10-09 23:35 - machine was rebooted ComboFix-quarantined-files.txt 2009-10-09 21:35 ComboFix2.txt 2009-10-09 18:39 Pre-Run: 10,331,414,528 bytes free Post-Run: 10,170,621,952 bytes free 258 --- E O F --- 2009-09-09 22:04

Profil

magna86 Poslao: 10 Okt 2009 23:12 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni program Gmer i pređi na Files karticu. U levom prozoru (klikćući na +) odaberi sledeći folder: C:\WINDOWS\system32\drivers a u desnom obeleži file atapi.sys. Zatim klikni taster Copy i sačuvaj kopiju tog file-a. Upload-uj tu sačuvanu kopiju file-a preko ovog linka: http://www.mycity.rs/ambulanta-upload.php

Profil

rradovan Poslao: 11 Okt 2009 02:25 Idi na vrh
offline rradovan Građanin Pridružio: 15 Dec 2008 Poruke: 177 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U folderu C:\WINDOWS\system32\drivers nema file atapi.sys (???) Ne znam šta ću sad.

Profil

magna86 Poslao: 11 Okt 2009 13:06 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pazi,taj file mora da je tamo. verovatno nisi odradio nesto kako treba,pokusaj ponovo

Profil

rradovan Poslao: 11 Okt 2009 15:56 Idi na vrh
offline rradovan Građanin Pridružio: 15 Dec 2008 Poruke: 177 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pazi kad ga nema! Ponovo skinut Gmer, odem na >>> pa na Files, windows, system32, drivers i - nema! Ima ga u >>> Services, kao Name: atapi, Start: BOOT, file name: system32/DRIVERS/atapy.sys, Description: Standard IDE/ESDI Hard Disk Controller, ali tamo u Files - nema!

Profil

magna86 Poslao: 11 Okt 2009 17:44 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok....ajd ovako. Preuzmi Catchme i sacuvaj ga na Desktop Dvoklikom pokreni catchme.exe i predi na Script tab. U (beli) prozor programa iskopiraj tekst koji se nalazi unutar kod polja: `files: C:\WINDOWS\system32\drivers\atapi.sys` Klikni na taster Run Kada se pojavi poruka sa obavestenjem, klikni OK Po zavrsetku procesa, na Desktop-u ce se nalaziti file catchme.zip Upload-uj ga preko sledece forme: http://www.mycity.rs/ambulanta-upload.php

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Straašno uspooren računar

Ko je trenutno na forumu

Ukupno su 1065 korisnika na forumu :: 28 registrovanih, 4 sakrivenih i 1033 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bokisha253, Boris BM, Boris90, dankisha, Dogma21, draganca, Dukelander, elenemste, Griffon vulture, interesujeme, JohnnyBoii, ladro, Leonov, Metanoja, mikrimaus, milutin134, moldway, Nemanja.M, nenad81, powSrb, Romibrat, Shinobi, Srle993, stegonosa, trajkoni018, voja64, x9, Zimbabwe

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by