XP doesn't work like it used to


  • Glisic Predrag
  • vet
  • Joined: 05 Oct 2007
  • Posts: 8
  • Location: Mladenovac

-XP doesn't work like it used to- My internet speed is 1024/128..... here is my log file too. Thanks in advance!!!!

Logfile of HijackThis v1.99.1
Scan saved at 7:04:04, on 17.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Prle\Desktop\hidjac this\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link visible only to logged-in users]
R3 - URLSearchHook: dloader Toolbar - {d4e072dd-f9ed-48a9-bfeb-281ff450d298} - C:\Program Files\dloader\tbdloa.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: dloader Toolbar - {d4e072dd-f9ed-48a9-bfeb-281ff450d298} - C:\Program Files\dloader\tbdloa.dll
O3 - Toolbar: dloader Toolbar - {d4e072dd-f9ed-48a9-bfeb-281ff450d298} - C:\Program Files\dloader\tbdloa.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - [Link visible only to logged-in users]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe



  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...



Send me the file: C:\Program Files\dloader\tbdloa.dll

via the following link: [Link visible only to logged-in users]


-------------------------------------------------------------------------------------



Download ComboFix from one of the following addresses to your Desktop:
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Start it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.



  • Glisic Predrag
  • vet
  • Joined: 05 Oct 2007
  • Posts: 8
  • Location: Mladenovac

ComboFix 08-01-17.5 - Prle 2008-01-17 11:08:09.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.605 [GMT 1:00]
Running from: C:\Documents and Settings\Prle\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2007-12-17 to 2008-01-17 )))))))))))))))))))))))))))))))
.

2008-01-17 11:06 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-17 10:09 . 2008-01-17 10:09 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-17 10:09 . 2008-01-17 10:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-17 03:29 . 2008-01-17 03:32 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-01-17 03:13 . 2008-01-17 05:58 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-01-17 02:46 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-01-17 02:45 . 2008-01-17 02:48 51,355 --a------ C:\WINDOWS\system32\muzika.xm
2008-01-17 00:41 . 2008-01-17 01:27 <DIR> d-------- C:\Program Files\totalcmd
2008-01-17 00:15 . 2008-01-17 00:15 125 --a------ C:\ioSpecial.ini
2008-01-16 22:56 . 2008-01-16 22:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SpinTop Games
2008-01-16 21:55 . 2008-01-16 21:56 <DIR> d-------- C:\Program Files\Mystery Solitaire - Secret Island
2008-01-16 21:52 . 2008-01-16 21:53 <DIR> d-------- C:\Program Files\Hidden Expedition - Everest
2008-01-15 19:28 . 2008-01-15 19:28 <DIR> d-------- C:\Program Files\MSECache
2008-01-15 19:22 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-01-15 19:21 . 2008-01-15 19:21 <DIR> d-------- C:\Program Files\MSBuild
2008-01-15 19:21 . 2008-01-15 19:21 <DIR> d-------- C:\Program Files\Microsoft Works
2008-01-15 19:20 . 2008-01-15 19:20 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-01-15 19:17 . 2008-01-15 19:17 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-01-15 19:16 . 2008-01-15 19:20 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-01-15 19:15 . 2008-01-15 22:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-15 19:14 . 2008-01-15 19:14 <DIR> dr-h----- C:\MSOCache
2008-01-15 18:30 . 2008-01-15 18:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-01-15 18:28 . 2008-01-15 18:28 <DIR> d-------- C:\Program Files\DAEMON Tools Pro
2008-01-15 12:18 . 2008-01-17 10:59 6,656 --ahs---- C:\WINDOWS\Thumbs.db
2008-01-15 08:54 . 2003-12-02 00:12 7,168 --a------ C:\WINDOWS\system\vdremote.dll
2008-01-15 08:54 . 2003-12-02 00:11 5,120 --a------ C:\WINDOWS\system\vdsvrlnk.dll
2008-01-15 03:52 . 2008-01-15 03:52 169 --a------ C:\WINDOWS\RtlRack.ini
2008-01-15 03:50 . 2001-07-05 17:19 164 -r------- C:\WINDOWS\avrack.ini
2008-01-15 03:49 . 2008-01-15 03:50 <DIR> d-------- C:\Program Files\Realtek AC97
2008-01-15 03:06 . 2008-01-15 03:06 <DIR> d-------- C:\Program Files\MegauploadToolbar
2008-01-15 03:06 . 2008-01-17 10:41 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\MegauploadToolbar
2008-01-15 02:50 . 2008-01-15 02:50 <DIR> d-------- C:\Program Files\SigmaTel
2008-01-14 23:03 . 2008-01-14 23:03 <DIR> d-------- C:\Program Files\Pizza Chef
2008-01-14 21:55 . 2008-01-14 21:55 <DIR> d-------- C:\Program Files\Chocolatier 2 - Secret Ingredients
2008-01-14 20:29 . 2008-01-14 20:29 <DIR> d-------- C:\Program Files\Hot Dish
2008-01-14 20:29 . 2008-01-14 20:29 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\Valusoft
2008-01-14 20:29 . 2008-01-14 20:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Valusoft
2008-01-14 20:23 . 2008-01-14 20:23 <DIR> d-------- C:\Program Files\bfgclient
2008-01-14 20:23 . 2008-01-14 20:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-01-14 12:50 . 2008-01-14 20:50 <DIR> d-------- C:\Program Files\armagedon 2007
2008-01-14 02:41 . 2008-01-14 12:55 <DIR> d-------- C:\Program Files\Power-Tarot
2008-01-14 01:34 . 2008-01-15 02:49 <DIR> d-------- C:\Program Files\Pro Pinball
2008-01-14 01:29 . 2008-01-14 01:29 <DIR> d-------- C:\Program Files\TLKGAMES
2008-01-14 00:53 . 2008-01-14 00:53 32 --a------ C:\WINDOWS\go
2008-01-13 22:38 . 2008-01-13 23:15 <DIR> d-------- C:\Program Files\3DText
2008-01-13 22:22 . 2008-01-13 23:33 <DIR> d-------- C:\Program Files\Flash Effect Maker
2008-01-13 18:59 . 2008-01-13 18:59 <DIR> d-------- C:\eJay
2008-01-13 01:11 . 2008-01-15 08:54 <DIR> d-------- C:\Program Files\virtual dab
2008-01-13 00:52 . 2008-01-16 20:58 23 --a------ C:\subp.out
2008-01-13 00:52 . 2008-01-16 20:58 0 --a------ C:\subp_data.out
2008-01-13 00:52 . 2008-01-16 20:58 0 --a------ C:\subfilter.out
2008-01-13 00:35 . 2004-05-10 00:42 110,592 --a------ C:\WINDOWS\system32\suppdll.dll
2008-01-13 00:35 . 2007-02-07 07:50 77,824 --a------ C:\WINDOWS\system32\FLKill.exe
2008-01-13 00:35 . 2008-01-13 00:35 35,363 --a------ C:\WINDOWS\system32\windrvNT.sys
2008-01-13 00:34 . 2008-01-16 23:31 <DIR> d-------- C:\Program Files\Folder Lock
2008-01-12 22:46 . 2008-01-12 22:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Oberon Games
2008-01-12 20:44 . 2008-01-12 20:44 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\Jane s Hotel
2008-01-12 17:25 . 2008-01-12 17:25 <DIR> d-------- C:\Program Files\dloader
2008-01-12 17:25 . 2008-01-12 17:25 <DIR> d-------- C:\Program Files\Conduit
2008-01-12 14:33 . 2008-01-14 01:29 28 --a------ C:\WINDOWS\mscpt.dat
2008-01-12 02:16 . 2008-01-12 02:16 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\Consultia
2008-01-12 01:28 . 2007-09-26 19:37 3,036,456 --a------ C:\WINDOWS\system32\BCGCBPRO860u80.dll
2008-01-12 01:28 . 2006-03-17 12:45 1,757,184 --a------ C:\WINDOWS\system32\imagX7.dll
2008-01-12 01:28 . 2006-03-17 12:45 802,816 --a------ C:\WINDOWS\system32\imagXRA7.dll
2008-01-12 01:28 . 2006-03-17 12:45 497,296 --a------ C:\WINDOWS\system32\imagXpr7.dll
2008-01-12 01:28 . 2006-03-17 15:49 368,640 --a------ C:\WINDOWS\system32\TwnLib4.dll
2008-01-12 01:28 . 2006-03-17 12:45 258,048 --a------ C:\WINDOWS\system32\imagXR7.dll
2008-01-12 01:28 . 2007-09-26 19:37 33,576 --a------ C:\WINDOWS\system32\BCGPOleAcc.dll
2008-01-11 15:18 . 2008-01-11 15:18 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\Bassic Technologies
2008-01-11 15:18 . 2008-01-11 15:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Bassic Technologies
2008-01-11 15:17 . 2008-01-11 15:17 <DIR> d-------- C:\Program Files\Bassic Technologies
2008-01-11 10:53 . 2008-01-11 10:53 <DIR> d-------- C:\Program Files\Haali
2008-01-11 10:51 . 2008-01-11 10:51 48,414 --a------ C:\WINDOWS\system32\uninst Codec pack Extend (ffdshow, h264, vp56).exe
2008-01-10 12:45 . 2008-01-10 12:45 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-01-10 09:54 . 2008-01-10 09:54 268 --ah----- C:\sqmdata00.sqm
2008-01-10 09:54 . 2008-01-10 09:54 244 --ah----- C:\sqmnoopt00.sqm
2008-01-10 07:22 . 2008-01-17 01:31 810 --a------ C:\WINDOWS\wincmd.ini
2008-01-10 07:22 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\UC.PIF
2008-01-10 07:22 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\RAR.PIF
2008-01-10 07:22 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-01-10 07:22 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-01-10 07:22 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-01-10 07:22 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\LHA.PIF
2008-01-10 07:22 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\ARJ.PIF
2008-01-10 03:11 . 2008-01-11 01:20 <DIR> d-------- C:\Program Files\Winamp
2008-01-10 03:11 . 2008-01-10 03:15 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\Winamp
2008-01-09 06:50 . 2008-01-09 06:50 <DIR> d-------- C:\Program Files\URUSoft
2008-01-08 23:36 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-01-08 23:36 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-01-08 23:36 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-01-08 23:36 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-01-08 21:37 . 2008-01-08 21:37 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\WtmCDProtect
2008-01-07 18:00 . 2008-01-12 18:48 <DIR> d-------- C:\Documents and Settings\Prle\Application Data\AdobeUM
2008-01-07 17:59 . 2008-01-07 17:59 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-01-07 16:23 . 2008-01-07 16:23 182 --a------ C:\WINDOWS\pdf2word.INI
2008-01-07 14:31 . 2008-01-07 14:31 <DIR> d-------- C:\WINDOWS\PrimoPDF
2008-01-07 14:31 . 2006-12-11 21:12 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2008-01-05 18:17 . 2005-06-24 16:24 438,272 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2008-01-05 18:17 . 2004-12-10 09:06 327,680 --a------ C:\WINDOWS\system32\vp6dec.ax
2008-01-05 12:41 . 2008-01-05 14:29 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-15 07:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-03 14:35 --------- d-----w C:\Program Files\Opera
2007-12-28 09:13 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-26 14:32 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-26 13:45 --------- d-----w C:\Documents and Settings\Prle\Application Data\ESET
2007-12-26 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2007-12-26 13:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-12-26 12:46 --------- d-----w C:\Program Files\microsoft frontpage
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 16:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-22 02:39 267,272 ----a-w C:\WINDOWS\system32\xactengine2_10.dll
2007-10-22 02:37 17,928 ----a-w C:\WINDOWS\system32\X3DAudio1_2.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d4e072dd-f9ed-48a9-bfeb-281ff450d298}]
2008-01-07 18:38 1530904 --a------ C:\Program Files\dloader\tbdloa.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4E072DD-F9ED-48A9-BFEB-281FF450D298}
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}

[HKEY_CLASSES_ROOT\clsid\{d4e072dd-f9ed-48a9-bfeb-281ff450d298}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{D4E072DD-F9ED-48A9-BFEB-281FF450D298}"= C:\Program Files\dloader\tbdloa.dll [2008-01-07 18:38 1530904]

[HKEY_CLASSES_ROOT\clsid\{d4e072dd-f9ed-48a9-bfeb-281ff450d298}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:56 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-12-07 15:08 21686568]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-10-25 09:26 1410304]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 22:12 577536 C:\WINDOWS\soundman.exe]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 05:56 15360]

C:\Documents and Settings\Prle\Start Menu\Programs\Startup\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 08:43:08]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 08:43:14]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeStartMenu"= 1 (0x1)
"Start_EnabledDragDrop"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-07-06 22:45]
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 20:22]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 17:39]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 05:56]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2007-12-30 19:39]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 12:54]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-01-11 16:54:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2008-01-17 11:11:41
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

disk error: C:\WINDOWS\

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\catchme]
"ImagePath"="\??\C:\DOCUME~1\Prle\LOCALS~1\Temp\catchme.sys"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
.
Completion time: 2008-01-17 11:13:18
.
2007-12-30 15:35:57 --- E O F ---

Addendum: 17 Jan 2008 11:23

I forgot to mention that I also cannot get into safe mode..

Addendum: 17 Jan 2008 11:32

I uploaded the file: C:\Program Files\dloader\tbdloa.dll....

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Nothing malicious...

I am fairly sure the problems are not caused by malware, but we will still check one more thing...



Download this file and run it - check whether Safe Mode works now.



Do the following:
Download the file gmer.zip from this link and save it to the Desktop.
Unpack it into a folder.

Double-click gmer.exe to start: select the Rootkit tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save it to the Clipboard.
Use the Paste option in Notepad to turn it into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.


Copy here for us the contents of those two files we just saved

  • Glisic Predrag
  • vet
  • Joined: 05 Oct 2007
  • Posts: 8
  • Location: Mladenovac

test 1

GMER 1.0.13.12551 - [Link visible only to logged-in users]
Rootkit scan 2008-01-17 12:16:00
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwCreateFile
SSDT spmm.sys ZwCreateKey
SSDT spmm.sys ZwEnumerateKey
SSDT spmm.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwOpenFile
SSDT spmm.sys ZwOpenKey
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwQueryDirectoryFile
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwQueryInformationProcess
SSDT spmm.sys ZwQueryKey
SSDT spmm.sys ZwQueryValueKey
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwSetInformationFile
SSDT spmm.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.13 ----

? spmm.sys The system cannot find the file specified.
.text USBPORT.SYS!DllUnload F682462C 5 Bytes JMP 863DC348
.text aoti9ev8.SYS F63AC384 1 Byte [ 20 ]
.text aoti9ev8.SYS F63AC386 35 Bytes [ 00, 68, 00, 00, 00, 00, 00, ... ]
.text aoti9ev8.SYS F63AC3AA 24 Bytes [ 00, 00, 20, 00, 00, E0, 00, ... ]
.text aoti9ev8.SYS F63AC3C4 3 Bytes [ 00, 00, 00 ]
.text aoti9ev8.SYS F63AC3C9 1 Byte [ 00 ]
.text ...

---- User code sections - GMER 1.0.13 ----

.text C:\Program Files\MSN Messenger\msnmsgr.exe[452] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[724] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 4 Bytes [ C2, 04, 00, 00 ]

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7413046] spmm.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7413142] spmm.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74130C4] spmm.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74137CE] spmm.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74136A4] spmm.sys
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!KfAcquireSpinLock] 6C000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!READ_PORT_UCHAR] 56000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!KeGetCurrentIrql] F4000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!KfRaiseIrql] EA000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!KfLowerIrql] 65000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!HalGetInterruptVector] 7A000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!HalTranslateBusAddress] AE000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!KeStallExecutionProcessor] 08000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!KfReleaseSpinLock] BA000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 78000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!READ_PORT_USHORT] 25000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 2E000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[HAL.dll!WRITE_PORT_UCHAR] 1C000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[WMILIB.SYS!WmiSystemControl] B4000000
IAT \SystemRoot\System32\Drivers\aoti9ev8.SYS[WMILIB.SYS!WmiCompleteRequest] C6000000
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F741ED7A] spmm.sys

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 8676B1F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 8676B1F8

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [B85844B2] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [B8584BD2] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [B858488E] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [B85843C8] eamon.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [B85843C8] eamon.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [BAF444CA] epfwtdi.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [BAF444CA] epfwtdi.sys

offline
  • Glisic Predrag
  • vet
  • Joined: 05 Oct 2007
  • Posts: 8
  • Location: Mladenovac

test 2

GMER 1.0.13.12551 - [Link visible only to logged-in users]
Autostart scan 2008-01-17 12:21:10
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent@DLLName = Ati2evxx.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe
ekrn /*Eset Service*/@ = "C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe
StarWindServiceAE /*StarWind AE Service*/@ = C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@egui"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice = "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@GrooveMonitor"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CTFMON.EXEC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@Skype"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
@msnmsgr"C:\Program Files\MSN Messenger\msnmsgr.exe" /background = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll
@{B089FE88-FB52-11D3-BDF1-0050DA34150D} /*Eset Smart Security - Context Menu Shell Extension*/C:\Program Files\ESET\ESET Smart Security\shellExt.dll = C:\Program Files\ESET\ESET Smart Security\shellExt.dll
@{ABC70703-32AF-11d4-90C4-D483A70F4825} /*CMenuExtender*/C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll = C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} /*TuneUp Shredder Shell Extension*/C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll = C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll
@{44440D00-FF19-4AFC-B765-9A0970567D97} /*TuneUp Theme Extension*/%SystemRoot%\System32\uxtuneup.dll = %SystemRoot%\System32\uxtuneup.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
@{0561EC90-CE54-4f0c-9C55-E226110A740C} /*Haali Column Provider*/C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll = C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
@{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} /*Haali Matroska Shell Property Page*/C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll = C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
@{327669A0-59A7-4be9-B99E-1C9F3A57611A} /*Haali Matroska Thumbnail Extractor*/C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll = C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL = C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E} /*Groove GFS Browser Helper*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} /*Groove GFS Explorer Bar*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{A449600E-1DC6-4232-B948-9BD794D62056} /*Groove GFS Stub Icon Handler*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} /*Groove GFS Stub Execution Hook*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{6C467336-8281-4E60-8204-430CED96822D} /*Groove GFS Context Menu Handler*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{387E725D-DC16-4D76-B310-2C93ED4752A0} /*Groove XML Icon Handler*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{16F3DD56-1AF5-4347-846D-7C10C4192619} /*Groove Explorer Icon Overlay 3 (GFS Folder)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} /*Groove Explorer Icon Overlay 2 (GFS Stub)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} /*Groove Explorer Icon Overlay 4 (GFS Unread Mark)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{99FD978C-D287-4F50-827F-B2C658EDA8E7} /*Groove Explorer Icon Overlay 1 (GFS Unread Stub)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{920E6DB1-9907-4370-B3A0-BAFC03D81399} /*Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
@{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} /*Microsoft Office OneNote Namespace Extension for Windows Desktop Search*/C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL = C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office12\msohevi.dll = C:\Program Files\Microsoft Office\Office12\msohevi.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Eset Smart Security - Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = C:\Program Files\ESET\ESET Smart Security\shellExt.dll
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
CMenuExtender@{ABC70703-32AF-11d4-90C4-D483A70F4825} = C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
Eset Smart Security - Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = C:\Program Files\ESET\ESET Smart Security\shellExt.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL = C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E}C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{d4e072dd-f9ed-48a9-bfeb-281ff450d298}C:\Program Files\dloader\tbdloa.dll = C:\Program Files\dloader\tbdloa.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = [Link visible only to logged-in users]
@Start [Link visible only to logged-in users]{SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = [Link visible only to logged-in users]{SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start [Link visible only to logged-in users] = [Link visible only to logged-in users]
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
grooveLocalGWS@CLSID = C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
its@CLSID = C:\WINDOWS\system32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll

C:\Documents and Settings\Prle\Start Menu\Programs\Startup >>>
RocketDock.lnk = RocketDock.lnk
TransBar.lnk = TransBar.lnk
UberIcon.lnk = UberIcon.lnk
Y'z Shadow.lnk = Y'z Shadow.lnk

---- EOF - GMER 1.0.13 ----


Safe mode still doesn't work

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Upload the following file for me: C:\Windows\System32\Drivers\aoti9ev8.SYS

Upload link: [Link visible only to logged-in users]

-------------------------------------------------------------------------------------


Repeat the rootkit scan with Gmer (first scan only) and attach the saved logfile to your post (use the Attach file option).

offline
  • Glisic Predrag
  • vet
  • Joined: 05 Oct 2007
  • Posts: 8
  • Location: Mladenovac

I can't upload the file -- aoti9ev8.SYS -- because I simply can't find it at the path - C:\Windows\System32\Drivers\aoti9ev8.SYS - I checked several times.. it is definitely not there.........

First scan with Gmer:
[Link visible only to logged-in users]

Addendum: 18 Jan 2008 6:46

Safe mode still won't start for me....???

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

So... There is not a single trace of malware here.

What is causing your problems, I can't tell you. However, I am sure they are not caused by malware - so we are done here.
If you want, you can look for advice in another subforum (e.g. Windows).

Still, I would recommend doing a Windows Repair, and if that doesn't help, then a ''clean'' installation. Of course, the decision is yours...

offline
  • Glisic Predrag
  • vet
  • Joined: 05 Oct 2007
  • Posts: 8
  • Location: Mladenovac

Many thanks for the effort you put into helping me and for the advice... all the best in your future work....!!!!!
