Problem on a laptop. Opens partitions in a new window HELP


  • helen1
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8515
  • Location: Novi Beograd

What do you mean you can't? Where are you downloading it from? Those links work for me. It's possible that malware is blocking it, or the antivirus on the computer you're downloading from. Which antivirus do you use?

  • m4rk0
  • Administrator
  • Tech forum administrator
  • Marko Vasić
  • Gladiator - Maximus Decimus Meridius
  • Joined: 14 Jan 2005
  • Posts: 15766
  • Location: Majur (Colosseum)

The first and third links work. If you have trouble downloading, here is a mirror:

http://www.mycity.rs/mod-upload-dir/2475_1190415817_ComboFix.exe

  • Joined: 23 Mar 2008
  • Posts: 68

This mirror works. By the way, I use a licensed Kaspersky.

  • helen1

Nikolavla :: This mirror works. By the way, I use a licensed Kaspersky.

OK. Now post the laptop's ComboFix log.

  • Joined: 23 Mar 2008
  • Posts: 68

ComboFix 08-09-26.01 - Hacker 2008-09-26 21:56:37.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2747 [GMT 2:00]
Running from: C:\Documents and Settings\Hacker\Desktop\ASD123.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\0u.cmd
C:\autorun.inf
C:\WINDOWS\system32\ckvo.exe
C:\WINDOWS\system32\ckvo0.dll
D:\0u.cmd
D:\Autorun.inf
F:\0u.cmd
F:\autorun.inf
F:\b0j6j16.bat

.
((((((((((((((((((((((((( Files Created from 2008-08-26 to 2008-09-26 )))))))))))))))))))))))))))))))
.

2008-09-26 20:48 . 2008-09-26 20:49 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-09-26 19:33 . 2008-09-26 19:56 <DIR> d-------- C:\Documents and Settings\Hacker\Application Data\BSplayer
2008-09-26 19:05 . 2001-08-17 15:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-09-26 19:04 . 2004-08-04 00:59 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-09-26 19:04 . 2004-08-04 01:07 14,080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys
2008-09-26 19:04 . 2001-08-17 15:57 14,080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2008-09-26 19:04 . 2001-08-17 15:58 9,344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2008-09-26 19:03 . 2004-08-04 02:56 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2008-09-26 19:03 . 2001-08-17 15:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-09-26 19:01 . 2008-09-26 17:23 <DIR> dr------- C:\Documents and Settings\All Users.WINDOWS\Documents
2008-09-26 19:00 . 2008-09-26 17:26 <DIR> d--h----- C:\Documents and Settings\Default User.WINDOWS
2008-09-26 19:00 . 2008-09-26 17:25 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS
2008-09-26 18:59 . 2008-09-26 17:28 632 --a------ C:\WINDOWS\system32\$winnt$.inf
2008-09-26 18:56 . 2008-09-26 19:05 <DIR> d-------- C:\Documents and Settings\Hacker\Application Data\Winamp
2008-09-26 18:55 . 2008-09-26 18:55 <DIR> d-------- C:\Documents and Settings\Hacker\Application Data\Ahead
2008-09-26 18:54 . 2008-09-26 18:54 <DIR> d-------- C:\Program Files\Nero
2008-09-26 18:54 . 2008-09-26 18:54 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-09-26 18:29 . 2008-09-26 18:29 <DIR> d-------- C:\Documents and Settings\Hacker
2008-09-26 18:29 . 2008-09-26 18:29 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-09-26 18:29 . 2008-09-26 18:29 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-09-26 18:25 . 2008-09-26 18:25 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-09-26 18:25 . 2008-09-26 18:25 <DIR> d-------- C:\WINDOWS\system32\custom matrices
2008-09-26 18:25 . 2008-09-26 18:25 <DIR> d-------- C:\WINDOWS\system32\C2MP
2008-09-26 18:25 . 2008-09-26 18:25 <DIR> d-------- C:\Program Files\Webteh
2008-09-26 18:03 . 2008-09-26 18:03 52 --a------ C:\WINDOWS\wcx_ftp.ini
2008-09-26 17:54 . 2008-09-26 17:54 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-09-26 17:54 . 2008-09-26 17:54 <DIR> d-------- C:\Program Files\O2Micro Oz128 Driver
2008-09-26 17:54 . 2007-04-03 10:04 39,680 --a------ C:\WINDOWS\system32\drivers\o2media.sys
2008-09-26 17:54 . 2007-04-02 16:11 35,712 --a------ C:\WINDOWS\system32\drivers\o2sd.sys
2008-09-26 17:53 . 2008-09-26 17:53 <DIR> d-------- C:\Program Files\Intel
2008-09-26 17:51 . 2008-09-26 17:51 <DIR> d-------- C:\Program Files\DIFX
2008-09-26 17:51 . 2008-09-26 17:51 <DIR> d-------- C:\Intel
2008-09-26 17:50 . 2007-05-02 19:00 546,976 --a------ C:\WINDOWS\system32\drivers\ar5211.sys
2008-09-26 17:50 . 2007-05-02 19:00 546,976 --a------ C:\WINDOWS\system32\ar5211.sys
2008-09-26 17:50 . 2007-05-02 19:00 84,470 --a------ C:\WINDOWS\system32\net5211.inf
2008-09-26 17:50 . 2007-05-09 10:16 20,888 --a------ C:\WINDOWS\system32\net5211.cat
2008-09-26 17:49 . 2008-09-26 17:49 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Atheros
2008-09-26 17:47 . 2004-08-03 23:07 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2008-09-26 17:46 . 2007-10-16 18:30 16,855,552 --a------ C:\WINDOWS\RTHDCPL.exe
2008-09-26 17:45 . 2007-05-18 02:05 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-09-26 17:45 . 2007-05-18 15:53 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-09-26 17:45 . 2007-05-18 15:53 111,544 --a------ C:\WINDOWS\system32\nvapps.xml
2008-09-26 17:45 . 2007-05-18 15:53 17,431 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-09-26 17:42 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-09-26 17:42 . 2008-09-26 21:39 3,124 --a------ C:\WINDOWS\wincmd.ini
2008-09-26 17:42 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\UC.PIF
2008-09-26 17:42 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\RAR.PIF
2008-09-26 17:42 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-09-26 17:42 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-09-26 17:42 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-09-26 17:42 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\LHA.PIF
2008-09-26 17:42 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\ARJ.PIF
2008-09-26 17:33 . 2008-09-26 17:33 <DIR> d--hs---- C:\Documents and Settings\LocalService.NT AUTHORITY
2008-09-26 17:33 . 2008-09-26 20:49 <DIR> d-------- C:\Documents and Settings\Administrator
2008-09-26 17:29 . 2008-09-26 17:29 <DIR> d--hs---- C:\Documents and Settings\NetworkService.NT AUTHORITY
2008-09-26 17:29 . 2008-09-26 17:29 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-09-26 17:27 . 2002-12-31 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-09-26 17:26 . 2002-12-31 14:00 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-09-26 17:25 . 2008-09-26 17:25 <DIR> d--hs---- C:\Documents and Settings\All Users.WINDOWS\DRM
2008-09-26 17:25 . 2008-09-26 17:25 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2008-09-26 17:25 . 2008-09-26 17:25 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-09-26 17:25 . 2008-09-26 17:25 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-09-26 17:25 . 2008-09-26 17:25 2,577 --a------ C:\WINDOWS\system32\CONFIG.NT
2008-09-26 17:25 . 2008-09-26 17:25 0 --a------ C:\WINDOWS\control.ini
2008-09-26 17:23 . 2002-12-31 14:00 3,166,208 --a--c--- C:\WINDOWS\system32\dllcache\msgr3en.dll
2008-09-26 17:22 . 2002-12-31 14:00 1,251,840 --a--c--- C:\WINDOWS\system32\dllcache\comsvcs.dll
2008-09-26 17:21 . 2002-12-31 14:00 1,352,192 --a--c--- C:\WINDOWS\system32\dllcache\cimwin32.dll
2008-09-26 15:50 . 2007-05-18 15:53 8,433,664 --a------ C:\WINDOWS\system32\nvcpl.dll
2008-09-26 15:48 . 2006-06-29 13:13 1,160,320 --a------ C:\WINDOWS\system32\drivers\AGRSM.sys
2008-09-26 15:48 . 2006-06-29 13:32 89,541 --a------ C:\WINDOWS\AGRSMMSG.exe
2008-09-26 15:48 . 2005-05-02 12:10 68,096 --a------ C:\WINDOWS\agrsmdel.exe
2008-09-26 15:45 . 2008-09-26 15:45 <DIR> d-------- C:\FPC
2008-09-26 15:41 . 2008-09-26 15:41 <DIR> d-------- C:\totalcmd
2008-09-26 15:32 . 2008-09-26 15:32 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-09-24 23:29 . 2008-09-24 23:29 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-09-24 23:29 . 2008-09-24 23:29 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-09-24 23:28 . 2008-09-26 18:55 <DIR> d--h----- C:\WINDOWS\ShellNew
2008-09-24 19:54 . 2008-09-24 19:54 <DIR> d-------- C:\Documents and Settings\BK\Application Data\Apple Computer
2008-09-24 11:45 . 2008-09-24 11:45 <DIR> d-------- C:\Program Files\QuickTime
2008-09-24 11:45 . 2008-09-24 11:45 <DIR> d-------- C:\Program Files\Apple Software Update
2008-09-24 10:20 . 2008-09-25 10:22 <DIR> d-------- C:\Documents and Settings\BK\Application Data\uTorrent
2008-09-24 03:15 . 2008-09-26 15:43 <DIR> d-------- C:\Documents and Settings\BK\Application Data\Skype
2008-09-24 03:14 . 2008-09-24 03:14 <DIR> d-------- C:\Program Files\Skype
2008-09-24 03:14 . 2008-09-24 03:14 <DIR> d-------- C:\Program Files\Opera
2008-09-24 03:14 . 2008-09-24 03:14 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-09-24 03:12 . 2008-09-24 03:12 <DIR> d-------- C:\Program Files\SAGEM
2008-09-24 03:12 . 2008-09-24 03:12 <DIR> d-------- C:\Documents and Settings\BK\Application Data\InstallShield
2008-09-24 02:39 . 2008-09-24 02:39 <DIR> d-------- C:\Program Files\Atheros
2008-09-24 02:30 . 2008-09-26 19:00 <DIR> d-------- C:\WINDOWS\nview
2008-09-24 02:27 . 2008-09-24 02:27 <DIR> d-------- C:\WINDOWS\system32\Lang
2008-09-24 02:25 . 2008-09-26 17:47 <DIR> d-------- C:\WINDOWS\system32\RTCOM
2008-09-24 02:24 . 2008-09-24 02:24 <DIR> d-------- C:\Program Files\Realtek
2008-09-24 02:24 . 2008-09-23 23:14 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-09-24 02:24 . 2008-09-26 17:55 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-09-23 23:14 . 2008-09-26 17:49 <DIR> d-------- C:\Program Files\Common Files\snp2std
2008-09-23 22:55 . 2008-09-23 22:55 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-09-23 22:54 . 2008-09-26 19:18 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-09-23 21:37 . 2008-09-23 21:37 <DIR> d-------- C:\Program Files\Windows Live Favorites
2008-09-23 21:35 . 2008-09-23 21:37 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-09-23 21:35 . 2008-09-23 21:35 <DIR> d-------- C:\Documents and Settings\BK\Contacts
2008-09-23 21:34 . 2008-09-26 17:54 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-09-23 21:32 . 2008-09-23 22:03 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-09-23 21:22 . 2007-05-31 15:19 96,896 --a------ C:\WINDOWS\system32\drivers\Rtenicxp.sys
2008-09-23 21:20 . 2008-09-26 15:01 <DIR> d-------- C:\Documents and Settings\BK\Application Data\skypePM

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-26 16:58 --------- d-----w C:\Program Files\Winamp
2008-09-26 15:46 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-09-24 10:02 --------- d-----w C:\Documents and Settings\BK\Application Data\Winamp
2008-09-23 22:33 --------- d-----w C:\Program Files\microsoft frontpage
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-05-18 8433664]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2005-08-17 90112]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"nwiz"="nwiz.exe" [2007-05-18 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-16 C:\WINDOWS\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 C:\WINDOWS\AGRSMMSG.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm
"vidc.hfyu"= huffyuv.dll
"msacm.divxa32"= DivXa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2007-04-03 39680]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2007-04-02 35712]

*Newly Created Service* - PROCEXP90
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-kamsoft - C:\WINDOWS\system32\ckvo.exe
HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe



**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-09-26 21:57:48
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-26 21:58:18
ComboFix-quarantined-files.txt 2008-09-26 19:58:16

Pre-Run: 67,729,858,560 bytes free
Post-Run: 67,722,780,672 bytes free

178

  • helen1

What's the situation now?

Did you see the message above that m4rk0 wrote you, about what to type?

  • Joined: 23 Mar 2008
  • Posts: 68

Yes, I did. At first the thing for the partitions that I typed into Run didn't work, but after running ComboFix everything works now.
Thanks

  • helen1

Do this on the laptop:

Click START, then RUN
In the text input line type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
The VundoFix Backups folder, if it exists
The C:\Deckard folder, if it exists
The C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore

Post a new ComboFix log for me the day after tomorrow. Deal?
