straaašno usporen internet

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

OK, OK, ide novi upload.
Pre neki dan si me ukorio što nisam "prikačio" fajlu, a sad što nisam "preko forme". Ko će razumeti vas majstore i apotekare kad govorite u ranije zgotovljenim formulacijama.
Slušam te i skidam SpeedBit Video Accelerator, ali on se, stoka, direktno gurao uz Download accelerator, pa ga uzmeš mahinalno.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Objasnio sam ti vec - primerke za analizu uploadovati preko one forme za koju sam ti dao link, a ostale stvari kao sto su logovi preko opcije Prikaci fajl.

Ne mora ponovo da ih uploadujes.
Problem je sto ako je fajl virus, a ti ga postavis preko "Prikaci fajl", neko od citalaca moze da klikne na njega i da se nehotice inficira.

Taj Download Accelerator Plus takodje deinstaliraj. Imas gomilu drugih besplatnih resenja koja ne idu sa raznim "dodacima"

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

OK, skidam i taj DAP.

Pri sadašnjem skeniranju NOD je našao nešto što se zove

C:\Sistem volume information\restore{9CE8A243-05F9-4E39-86AD-D81970B2999D}\RP165\A0038841.sys, ima size 6656 i on ga računa kao "variant of Win32/Wigon trojan" i to je kao pretnju ćušnuo u karantin.

I dosad se pojavljivao taj trojanac, ali valjda ga NOD drži u karantinu, samo mi nije jasno odakle niče.
Nema više BN u Tempu.
Noćas ću pustiti duboko NOD skeniranje cele mašine, pa ćeš sutra imati na uvid, ako nešto ima.

Izgleda mi da si uložio silan trud, zahvalan sam vrlo, mnogo si pomogao. Da si bliže pa da se vidimo boljim povodom.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ako ti ne bude bilo tesko, pusti sutra ComboFIx jos jednom, cisto da vidim da se infekcija nekim cudom ne regenerise.
Takodje, ako NOD jos sta nadje, javi obavezno.
Ovo sto je nasao, to je u System Restoreu, tj. vec je obrisano. To je onaj fajl restore.sys koji smo mi brisali.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

NOD nije našao baš ništa.
Čestitam ti care, nadam se da je i CF log čist, pa si onda apsolutno pobedio.
Zahvaljujem mnogo.
Poz.



ComboFix 09-03-10.03 - RR 2009-03-16 4:02:47.18 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1251 [GMT 1:00]
Running from: c:\documents and settings\RR\Desktop\lecenje\ComboFix.exe
AV: AVG *On-access scanning disabled* (Outdated)
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
.

((((((((((((((((((((((((( Files Created from 2009-02-16 to 2009-03-16 )))))))))))))))))))))))))))))))
.

2009-03-13 22:40 . 2009-03-13 22:40 738 --a------ C:\main.bat
2009-03-13 22:40 . 2009-03-13 22:40 381 --a------ C:\back.bat
2009-03-13 22:35 . 2009-03-13 22:35 23 --a------ C:\restore.bat
2009-03-12 22:22 . 2009-03-12 22:22 1,025 --a------ c:\windows\system32\sysprs7.tgz
2009-03-12 22:22 . 2009-03-12 22:22 1,025 --a------ c:\windows\system32\sysprs7.dll
2009-03-12 22:22 . 2009-03-14 00:15 351 --a------ c:\windows\system32\lsprst7.tgz
2009-03-12 22:22 . 2009-03-14 00:15 16 ---h----- c:\windows\system32\servdat.slm
2009-03-12 22:15 . 2009-03-12 22:15 1,024 --a------ c:\windows\system32\clauth2.dll
2009-03-12 22:15 . 2009-03-12 22:15 1,024 --a------ c:\windows\system32\clauth1.dll
2009-03-12 22:15 . 2009-03-14 00:15 14 --a------ c:\windows\system32\ssprs.tgz
2009-03-12 22:15 . 2009-03-12 22:15 0 --a------ c:\windows\system32\nsprs.tgz
2009-03-12 22:13 . 2009-03-14 00:15 <DIR> d-------- c:\program files\SPSSEval
2009-03-08 16:51 . 2009-03-15 00:17 <DIR> d-------- c:\program files\SpeedBit Video Accelerator
2009-03-07 22:19 . 2009-03-07 22:19 <DIR> d-------- c:\program files\Software Informer
2009-03-07 04:43 . 2005-10-31 19:17 135,168 -r------- c:\windows\system32\RtlCPAPI.dll
2009-03-07 04:42 . 2005-05-03 19:43 69,632 -r------- c:\windows\Alcmtr.exe
2009-03-05 18:38 . 2009-03-05 18:38 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\Yahoo!
2009-03-03 16:20 . 2009-03-03 16:20 <DIR> d-------- c:\documents and settings\RR\Application Data\Thinstall
2009-03-03 16:16 . 2009-03-08 00:40 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-03 16:14 . 2009-03-03 16:14 <DIR> d-------- c:\program files\TuneUp Utilities 2009 8.0.2000.35
2009-03-02 17:46 . 2009-03-02 17:46 <DIR> d-------- c:\program files\Reference Assemblies
2009-02-28 19:51 . 2009-02-28 19:51 <DIR> d-------- c:\documents and settings\RR\Application Data\URSoft
2009-02-28 02:00 . 2009-02-28 06:03 <DIR> d-------- c:\program files\Magic Video Converter
2009-02-28 02:00 . 2003-03-19 11:03 544,768 --a------ c:\windows\system32\msvcr71d.dll
2009-02-25 03:18 . 2009-01-09 20:19 1,089,593 -----c--- c:\windows\system32\dllcache\ntprint.cat
2009-02-25 02:51 . 2009-02-26 03:17 <DIR> d-------- c:\program files\Total Video Converter
2009-02-25 02:50 . 2009-02-28 05:51 <DIR> d-------- c:\program files\Codec Pack - All In 1
2009-02-25 02:50 . 2009-02-28 05:51 737,280 --a------ c:\windows\iun6002.exe
2009-02-24 16:59 . 2009-02-24 17:00 <DIR> d-------- c:\program files\ZC Video Converter
2009-02-24 16:42 . 2009-02-24 16:42 <DIR> d-------- c:\program files\XviD
2009-02-24 16:39 . 2001-08-23 17:00 1,700,352 --a------ c:\windows\system32\gdiplus.dll
2009-02-24 02:44 . 2009-02-24 02:44 <DIR> d-------- c:\program files\XP Codec Pack
2009-02-24 02:44 . 2008-07-09 09:05 421,888 --a------ c:\windows\system32\ac3filter.acm
2009-02-22 16:42 . 2009-02-22 16:43 <DIR> d-------- c:\program files\Any Video Converter
2009-02-22 16:42 . 2009-02-26 03:17 <DIR> d-------- c:\documents and settings\RR\Application Data\Any Video Converter
2009-02-22 16:14 . 2009-02-22 16:39 <DIR> d-------- c:\program files\Any Video Converter Professional
2009-02-22 16:14 . 2009-02-26 03:17 <DIR> d-------- c:\documents and settings\RR\Application Data\Any Video Converter Professional
2009-02-22 15:38 . 2009-02-22 15:39 <DIR> d-------- c:\program files\Media Convert Master
2009-02-22 15:38 . 2009-02-22 15:39 <DIR> d-------- c:\documents and settings\RR\Application Data\Vso
2009-02-22 15:38 . 2009-02-22 15:38 81,920 --a------ c:\documents and settings\RR\Application Data\ezpinst.exe
2009-02-22 15:38 . 2009-02-22 15:38 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2009-02-22 15:38 . 2009-02-22 15:38 47,360 --a------ c:\documents and settings\RR\Application Data\pcouffin.sys
2009-02-22 15:20 . 2007-02-07 20:05 269,824 --a------ c:\windows\system32\baksm.dll
2009-02-22 14:14 . 2009-02-22 14:14 <DIR> d-------- c:\program files\AviSynth 2.5
2009-02-22 14:14 . 2004-05-26 21:37 719,872 --a------ c:\windows\system32\devil.dll
2009-02-22 14:14 . 2006-09-16 19:44 314,368 --a------ c:\windows\system32\avisynth.dll
2009-02-22 14:14 . 2005-02-13 00:00 186,880 -r-hs---- c:\windows\system32\RLOgg.ax
2009-02-22 14:14 . 2005-02-06 00:00 92,672 -r-hs---- c:\windows\system32\RLVorbisDec.ax
2009-02-22 14:14 . 2004-01-25 00:00 70,656 --a------ c:\windows\system32\i420vfw.dll
2009-02-22 14:14 . 2005-02-13 00:00 67,584 -r-hs---- c:\windows\system32\RLTheoraDec.ax
2009-02-22 14:14 . 2005-02-13 00:00 51,712 -r-hs---- c:\windows\system32\RLSpeexDec.ax
2009-02-22 14:13 . 2005-01-18 00:26 179,200 -r-hs---- c:\windows\system32\DiracSplitter.ax
2009-02-22 14:13 . 2005-02-22 17:55 81,920 -r-hs---- c:\windows\system32\aac_parser.ax
2009-02-22 03:31 . 2009-02-22 03:31 <DIR> d-------- c:\program files\Common Files\Download Manager
2009-02-20 20:39 . 2008-03-03 14:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2009-02-20 20:39 . 2008-03-03 18:21 568 --ah----- c:\windows\nod32fixtemdono.reg
2009-02-20 20:33 . 2009-02-20 20:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-16 03:01 --------- d-----w c:\documents and settings\RR\Application Data\uTorrent
2009-03-16 03:01 --------- d-----w c:\documents and settings\RR\Application Data\Skype
2009-03-15 23:04 --------- d-----w c:\documents and settings\RR\Application Data\skypePM
2009-03-14 23:17 --------- d-----w c:\documents and settings\All Users\Application Data\SpeedBit
2009-03-14 07:27 --------- d-----w c:\program files\Everything
2009-03-14 03:33 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-13 15:04 --------- d-----w c:\program files\DAP
2009-03-13 00:49 --------- d-----w c:\program files\SPSS
2009-03-11 07:58 --------- d-----w c:\program files\TimeLeft3
2009-03-09 07:41 --------- d-----w c:\documents and settings\RR\Application Data\FrostWire
2009-03-08 15:08 --------- d-----w c:\documents and settings\RR\Application Data\Software Informer
2009-03-07 21:57 --------- d-----w c:\program files\Windows Live
2009-03-07 03:42 --------- d-----w c:\program files\Realtek
2009-03-07 03:23 --------- d-----w c:\program files\Foxit Software
2009-03-06 14:08 --------- d-----w c:\program files\Opera
2009-03-05 17:38 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-03-03 15:17 --------- d-----w c:\documents and settings\RR\Application Data\TuneUp Software
2009-03-03 15:16 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2009-03-01 16:06 --------- d-----w c:\program files\Glary Utilities
2009-02-27 21:31 --------- d-----w c:\program files\Total Video Player
2009-02-26 02:21 --------- d-----w c:\program files\IObit
2009-02-26 02:21 --------- d-----w c:\documents and settings\RR\Application Data\IObit
2009-02-25 02:25 --------- d-----w c:\documents and settings\RR\Application Data\LimeWire
2009-02-24 02:28 --------- d-----w c:\program files\Mv2Player
2009-02-20 19:36 --------- d-----w c:\program files\ESET
2009-02-20 12:19 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-15 01:30 --------- d-----w c:\program files\SpeedFan
2009-02-14 07:15 --------- dc----w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-12 02:02 --------- d-----w c:\program files\Google
2009-02-12 01:23 --------- d-----w c:\documents and settings\RR\Application Data\WinPatrol
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 01:01 --------- d-----w c:\program files\Common Files\Ahead
2009-02-09 01:01 --------- d-----w c:\program files\Ahead
2009-02-09 00:54 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-02-08 15:14 --------- d-----w c:\program files\DivX
2009-02-08 13:39 --------- d-----w c:\documents and settings\RR\Application Data\Ahead
2009-02-08 13:17 --------- d-----w c:\documents and settings\All Users\Application Data\Ahead
2009-02-08 13:03 --------- d-----w c:\program files\Common Files\Nero
2009-02-07 23:41 --------- d-----w c:\documents and settings\RR\Application Data\Nero
2009-02-07 12:11 --------- d-----w c:\program files\FrostWire
2009-02-04 12:17 --------- d-----w c:\program files\Wise Registry Cleaner 3
2009-02-04 12:15 --------- d-----w c:\program files\Wise Disk Cleaner
2009-02-04 11:39 --------- d-----w c:\documents and settings\All Users\Application Data\3A3E
2009-02-04 11:08 --------- d-----w c:\program files\Common Files\Skype
2009-02-04 11:08 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-04 11:08 --------- d-----r c:\program files\Skype
2009-02-02 10:41 --------- d-----w c:\documents and settings\All Users\Application Data\23CB
2009-01-31 16:45 --------- d-----w c:\documents and settings\All Users\Application Data\F138
2009-01-31 01:17 --------- d-----w c:\documents and settings\All Users\Application Data\2835B
2009-01-28 01:03 --------- d-----w c:\documents and settings\All Users\Application Data\3034B
2009-01-27 11:49 --------- d-----w c:\program files\Recuva
2009-01-25 01:40 17,920 -c--a-w c:\windows\WebFerretUninstall.exe
2009-01-25 01:40 --------- d-----w c:\program files\WebFerret
2009-01-23 23:48 --------- d-----w c:\documents and settings\All Users\Application Data\3A138
2009-01-23 23:02 --------- d-----w c:\documents and settings\All Users\Application Data\131F
2009-01-23 22:58 --------- d-----w c:\documents and settings\All Users\Application Data\1B1F
2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2008-12-20 23:15 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-18 14:50 410,984 -c--a-w c:\windows\system32\deploytk.dll
2008-10-27 13:33 69,232 -c--a-w c:\documents and settings\RR\Application Data\GDIPFONTCACHEV1.DAT
2007-12-22 13:50 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2009-03-13 14:59 251,392 ----a-w c:\program files\opera\program\plugins\dapop.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-14_23.15.03.67 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-15 13:13:52 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_164.dat
+ 2009-03-15 13:13:43 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_1fc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-01-29 23975720]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2009-03-13 6959104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-11 c:\windows\RTHDCPL.exe]

c:\documents and settings\RR\Start Menu\Programs\Startup\
TimeLeft.lnk - c:\program files\TimeLeft3\TimeLeft.exe [2007-12-22 1981112]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-03-19 4742184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"VIDC.XVID"= xvid.dll
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^RR^Start Menu^Programs^Startup^FrostWire On Startup.lnk]
backup=c:\windows\pss\FrostWire On Startup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^RR^Start Menu^Programs^Startup^ppcb_32.lnk]
backup=c:\windows\pss\ppcb_32.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 01:12 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-03 12:13 133104 c:\documents and settings\RR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\WebFerret\\WebFerret.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-02-20 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-02-20 472320]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2001-08-23 3584]
S3 EuMusDesignVirtualAudioCableWdm_lcs;Breakaway Pipeline (WDM);c:\windows\system32\DRIVERS\vaclcskd.sys --> c:\windows\system32\DRIVERS\vaclcskd.sys [?]
S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2008-10-19 36928]
S3 w89c940;Winbond W89C940 PCI Ethernet Adapter Driver;c:\windows\system32\drivers\w940nd.sys [2007-12-21 16925]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8351d48-3147-11dd-857d-0016767e8929}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - rundll32.exe .\\wowfar.dll,InstallM
.
Contents of the 'Scheduled Tasks' folder

2009-03-13 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-02-23 17:38]

2009-03-13 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\ [2009-03-14 23:38]

2009-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-527237240-725345543-1003.job
- c:\documents and settings\RR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 12:13]

2009-03-16 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-02-13 18:15]

2009-03-16 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\ [2009-02-26 03:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.krstarica.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Search - ?p=ZCfox000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\RR\Application Data\Mozilla\Firefox\Profiles\qq1l57ie.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - plugin: c:\documents and settings\RR\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Opera\program\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections-per-server - 6
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-03-16 04:05:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(700)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-16 4:07:18
ComboFix-quarantined-files.txt 2009-03-16 03:07:15
ComboFix2.txt 2009-03-14 22:16:34

Pre-Run: 27,149,684,736 bytes free
Post-Run: 27,135,246,336 bytes free

248 --- E O F --- 2009-03-11 17:48:35

Dopuna: 16 Mar 2009 4:18

Da li da sad deinstaliram ComboFix i da instaliram novu Recovery Console?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Izvini na kasnjenju, bas sam bio u guzvi...

Klikni START a zatim RUN
U liniju za unos teksta ukucaj Combofix /u i klikni OK





Sačekaj da se proces deinstalacije završi
Gornja procedura će:
Obrisati sledeće:
ComboFix i njegove file-ove i foldere
VundoFix Backups folder, ako postoji
C:\Deckard folder, ako postoji
C:\OtMoveIt folder, ako postoji
Resetovati podešavanja sata na kompjuteru
Sakriti ekstenzije file-ova, ako je potrebno
Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno
Resetovati System Restore

Sa roota (osnovnog foldera) C: particije obrisi sledece fajlove:
1.sys
3.sys
main.bat
restore.bat
back.bat

To bi bilo to.