MyCity » Ambulanta -> Arhiva Ambulante » resycled/boot.com

resycled/boot.com

Napisano na dan: 17.12.2008

Strana:
1
2

resycled/boot.com

Sledeća strana

Pagination

Odgovori

Strana:
1
2

dreamer050 Poslao: 17 Dec 2008 18:50 Idi na vrh
offline dreamer050 Građanin Pridružio: 10 Okt 2008 Poruke: 38 Gde živiš: Rijeka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Svako dobro! Imam nekoliko problema s kompjuterom, i zaista ne znam ni odakle bih počela. Prvo: na hardu imam tri particije: C, D i E. C particija se normalno otvara, a kad pokušavam lijevim klikom otvoriti particije D i E, javlja mi se ova obavjest: resycled/boot.com is not a valid Win 32 application Particije se mogu otvoriti jedino pomoću desnog klika i opcije explore... Nije toliko strašno, ali bih voljel znati o čemu je riječ. Drugo: Kod podizanja Windowsa javlja mi se prozor sa obavješću da je instaliran novi hardver, i traži drivere za njega... Ne znam o čemu bi moglo biti riječi, i trebam li možda uploadati drivere? Inače, riječ je o novoj instalaciji Windowsa (zbog nemogućnosti instaliranja WLM-a, nepodizanja sustava nakon restarta - morala sam svaki put ponovo restartati, ići na tipku F8 i birati podizanje sa harda i inače "čudnog" rada). Zahvaljujem na svakoj pomoći! Dopuna: 17 Dec 2008 18:48 Evo i log od HijackThis-a... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:42:18, on 17.12.2008 Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergency.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergencySrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Registry Repair Wizard Scheduler] "C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" /startup O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergency.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{FBC8DE23-02F6-4306-85DC-AE4613BD1AA2}: NameServer = 195.29.149.196 195.29.149.197 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergencySrv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 7175 bytes Dopuna: 17 Dec 2008 18:50 Evo i log od HijackThis-a... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:42:18, on 17.12.2008 Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergency.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergencySrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Registry Repair Wizard Scheduler] "C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" /startup O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergency.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{FBC8DE23-02F6-4306-85DC-AE4613BD1AA2}: NameServer = 195.29.149.196 195.29.149.197 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergencySrv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 7175 bytes

Profil

bobby Poslao: 17 Dec 2008 18:51 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

dreamer050 Poslao: 17 Dec 2008 19:11 Idi na vrh
offline dreamer050 Građanin Pridružio: 10 Okt 2008 Poruke: 38 Gde živiš: Rijeka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo Loga, nisam mogla prije, jer sam morala praviti novu konekciju na internet... Uh... ComboFix 08-12-16.03 - Natasa 2008-12-17 18:55:59.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.862 [GMT 1:00] Running from: c:\documents and settings\Natasa\Desktop\ComboFix.exe * Created a new restore point * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . D:\Autorun.inf D:\resycled d:\resycled\boot.com E:\Autorun.inf E:\resycled e:\resycled\boot.com . ((((((((((((((((((((((((( Files Created from 2008-11-17 to 2008-12-17 ))))))))))))))))))))))))))))))) . 2008-12-17 17:47 . 2008-12-17 17:47 <DIR> d-------- c:\windows\Sun 2008-12-17 17:45 . 2008-12-17 17:45 <DIR> d-------- c:\windows\LastGood 2008-12-17 17:45 . 2008-12-17 17:45 142 --a------ c:\windows\system32\spupdsvc.inf 2008-12-17 09:47 . 2008-12-17 09:47 268 --ah----- C:\sqmdata00.sqm 2008-12-17 09:47 . 2008-12-17 09:47 244 --ah----- C:\sqmnoopt00.sqm 2008-12-17 09:46 . 2007-11-30 23:26 221,184 --a------ c:\windows\system32\wmpns.dll 2008-12-17 09:39 . 2008-12-17 09:40 <DIR> d-------- c:\program files\Rjecnik 2008-12-17 09:39 . 2008-12-17 09:39 249,856 --------- c:\windows\Setup1.exe 2008-12-17 09:39 . 2008-12-17 09:39 73,216 --a------ c:\windows\ST6UNST.EXE 2008-12-17 09:31 . 2008-12-17 09:31 <DIR> d-------- c:\program files\eRjecnik11 2008-12-17 09:31 . 2008-12-17 09:31 <DIR> d-------- c:\program files\Common Files\Borland Shared 2008-12-17 09:31 . 1999-11-12 06:11 183,808 --a------ c:\windows\system32\bdeadmin.cpl 2008-12-17 09:29 . 2008-06-13 12:05 272,128 --------- c:\windows\system32\drivers\bthport.sys 2008-12-17 09:29 . 2008-06-13 12:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys 2008-12-17 09:28 . 2008-10-16 21:38 6,066,176 -----c--- c:\windows\system32\dllcache\ieframe.dll 2008-12-17 09:28 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat 2008-12-17 09:28 . 2007-03-08 06:10 991,232 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui 2008-12-17 09:28 . 2008-10-16 21:38 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll 2008-12-17 09:28 . 2008-10-16 21:38 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll 2008-12-17 09:28 . 2008-10-16 21:38 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll 2008-12-17 09:28 . 2008-10-16 21:38 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll 2008-12-17 09:28 . 2008-10-16 21:38 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll 2008-12-17 09:28 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll 2008-12-17 09:28 . 2008-10-16 14:11 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe 2008-12-17 09:26 . 2008-12-17 09:26 <DIR> d-------- c:\program files\Microsoft Works 2008-12-17 09:23 . 2008-12-17 09:23 <DIR> d-------- c:\program files\Microsoft.NET 2008-12-17 09:22 . 2008-08-14 11:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe 2008-12-17 09:22 . 2008-08-14 11:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe 2008-12-17 09:22 . 2008-08-14 10:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe 2008-12-17 09:22 . 2008-08-14 10:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe 2008-12-17 09:21 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys 2008-12-17 09:20 . 2008-12-17 09:20 <DIR> d-------- c:\program files\Microsoft Visual Studio 8 2008-12-17 09:19 . 2008-12-17 09:25 <DIR> d-------- c:\windows\SHELLNEW 2008-12-17 09:18 . 2008-12-17 09:18 <DIR> dr-h----- C:\MSOCache 2008-12-17 09:18 . 2008-12-17 09:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help 2008-12-17 09:11 . 2008-12-17 09:31 <DIR> d--h----- c:\program files\InstallShield Installation Information 2008-12-17 09:11 . 2005-06-17 10:32 18,751,488 -ra------ c:\windows\system32\ALSNDMGR.CPL 2008-12-17 09:11 . 2005-06-17 10:28 9,409,536 -ra------ c:\windows\system32\RTLCPL.EXE 2008-12-17 09:11 . 2005-06-16 17:24 2,324,160 -ra------ c:\windows\system32\drivers\ALCXWDM.SYS 2008-12-17 09:11 . 2005-06-02 09:31 294,912 -r------- c:\windows\alcupd.exe 2008-12-17 09:11 . 2005-06-02 09:43 200,704 -r------- c:\windows\alcrmv.exe 2008-12-17 09:11 . 2004-09-07 07:23 156,672 -ra------ c:\windows\system32\RTLCPAPI.dll 2008-12-17 09:11 . 2002-02-05 06:54 141,016 -ra------ c:\windows\system32\ALSNDMGR.WAV 2008-12-17 09:11 . 2005-06-14 11:36 77,824 -ra------ c:\windows\SOUNDMAN.EXE 2008-12-17 09:11 . 2005-05-18 06:38 40,960 -r------- c:\windows\system32\ChCfg.exe 2008-12-17 09:10 . 2008-12-17 09:10 <DIR> d-------- c:\program files\Common Files\InstallShield 2008-12-17 09:10 . 2000-03-29 07:17 5,824 --a------ c:\windows\system32\drivers\ASUSHWIO.SYS 2008-12-17 09:10 . 2008-12-17 09:10 4,700 --a------ c:\windows\Ascd_tmp.ini 2008-12-17 09:08 . 2008-12-17 09:08 <DIR> d-------- c:\documents and settings\Natasa\Contacts 2008-12-17 09:06 . 2008-12-17 09:06 <DIR> d-------- c:\program files\MSN Messenger 2008-12-17 08:58 . 2008-12-17 09:50 <DIR> d--h----- c:\windows\$hf_mig$ 2008-12-17 08:36 . 2008-12-17 08:36 <DIR> d-------- c:\program files\Real 2008-12-17 08:36 . 2008-12-17 08:36 <DIR> d-------- c:\program files\Common Files\xing shared 2008-12-17 08:36 . 2008-12-17 08:36 <DIR> d-------- c:\program files\Common Files\Real 2008-12-17 08:28 . 2008-12-17 08:33 <DIR> d-------- c:\documents and settings\Natasa\Application Data\Apple Computer 2008-12-17 08:28 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll 2008-12-17 08:28 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys 2008-12-17 08:27 . 2008-12-17 08:28 <DIR> d----c--- c:\windows\system32\DRVSTORE 2008-12-17 08:27 . 2008-12-17 08:27 <DIR> d-------- c:\program files\QuickTime 2008-12-17 08:27 . 2008-12-17 08:28 <DIR> d-------- c:\program files\iTunes 2008-12-17 08:27 . 2008-12-17 08:27 <DIR> d-------- c:\program files\iPod 2008-12-17 08:27 . 2008-12-17 08:27 <DIR> d-------- c:\program files\Bonjour 2008-12-17 08:27 . 2008-12-17 08:27 <DIR> d-------- c:\program files\Apple Software Update 2008-12-17 08:27 . 2008-12-17 08:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer 2008-12-17 08:27 . 2008-12-17 08:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-12-17 08:26 . 2008-12-17 08:27 <DIR> d-------- c:\program files\Common Files\Apple 2008-12-17 08:26 . 2008-12-17 08:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple 2008-12-17 08:25 . 2008-12-17 08:25 685,913 --a------ c:\windows\unins004.exe 2008-12-17 08:25 . 2008-12-17 08:25 685,913 --a------ c:\windows\unins003.exe 2008-12-17 08:25 . 2008-12-17 08:25 685,913 --a------ c:\windows\unins002.exe 2008-12-17 08:25 . 2008-12-17 08:25 685,913 --a------ c:\windows\unins001.exe 2008-12-17 08:25 . 2008-12-17 08:25 17,434 --a------ c:\windows\unins001.dat 2008-12-17 08:25 . 2008-12-17 08:25 16,524 --a------ c:\windows\unins003.dat 2008-12-17 08:25 . 2008-12-17 08:25 12,821 --a------ c:\windows\unins002.dat 2008-12-17 08:25 . 2008-12-17 08:25 12,529 --a------ c:\windows\unins004.dat 2008-12-17 08:24 . 2008-12-17 08:24 685,913 --a------ c:\windows\unins000.exe 2008-12-17 08:24 . 2008-12-17 08:25 26,563 --a------ c:\windows\unins000.dat 2008-12-17 08:23 . 2008-12-17 08:23 <DIR> d-------- c:\program files\Droppix 2008-12-17 08:23 . 2008-12-17 08:23 <DIR> d-------- c:\program files\Common Files\LightScribe 2008-12-17 08:23 . 2008-12-17 08:23 <DIR> d-------- c:\program files\Common Files\Droppix 2008-12-17 08:23 . 2008-12-17 08:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\Droppix 2008-12-17 08:23 . 2005-11-09 10:00 487,424 --a-s---- c:\windows\system32\msvcp70.dll 2008-12-17 08:23 . 2005-11-09 10:00 462,848 --a------ c:\windows\system32\HHActiveX.dll 2008-12-17 08:23 . 2005-11-09 10:00 344,064 -ra------ c:\windows\system32\msvcr70.dll 2008-12-17 08:23 . 2005-11-09 10:00 24,576 --a------ c:\windows\system32\msxml3a.dll 2008-12-17 08:22 . 2008-12-17 08:22 <DIR> d-------- c:\program files\uTorrent 2008-12-17 08:22 . 2008-12-17 09:02 <DIR> d-------- c:\documents and settings\Natasa\Application Data\uTorrent 2008-12-17 08:20 . 2008-12-17 08:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip 2008-12-17 08:17 . 2008-12-17 08:17 <DIR> d-------- c:\program files\EZPhotoCalendarCreatorPlus 2008-12-17 08:16 . 2008-12-17 08:16 <DIR> d-------- c:\windows\Downloaded Installations 2008-12-17 07:59 . 2008-12-17 07:59 <DIR> d-------- c:\program files\CDBurnerXP 2008-12-17 07:55 . 2008-12-17 07:55 <DIR> d-------- c:\windows\system32\XPSViewer 2008-12-17 07:55 . 2008-12-17 07:55 <DIR> d-------- c:\program files\Reference Assemblies 2008-12-17 07:55 . 2008-12-17 09:25 <DIR> d-------- c:\program files\MSBuild 2008-12-17 07:55 . 2008-12-17 07:55 <DIR> d-------- C:\4102430da6902d564dfa 2008-12-17 07:55 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll 2008-12-17 07:55 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll 2008-12-17 07:55 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2008-12-17 07:55 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll 2008-12-17 07:55 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll 2008-12-17 07:55 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll 2008-12-17 07:55 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2008-12-17 07:55 . 2007-11-30 12:18 26,488 --a------ c:\windows\system32\spupdsvc.exe 2008-12-17 07:40 . 2008-12-17 07:40 410,984 --a------ c:\windows\system32\deploytk.dll 2008-12-17 07:40 . 2008-12-17 07:40 73,728 --a------ c:\windows\system32\javacpl.cpl 2008-12-17 07:38 . 2008-12-17 07:38 <DIR> d-------- c:\program files\Trend Micro 2008-12-17 07:32 . 2008-12-17 09:03 <DIR> d-------- c:\program files\Spybot - Search & Destroy 2008-12-17 07:32 . 2008-12-17 07:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-12-17 07:29 . 2008-12-17 07:29 <DIR> d-------- c:\program files\FastStone Capture 2008-12-17 07:29 . 2008-12-17 07:29 <DIR> d-------- c:\documents and settings\Natasa\Application Data\FastStone 2008-12-17 07:28 . 2008-12-17 07:28 <DIR> d-------- c:\program files\7-Zip 2008-12-17 07:26 . 2008-12-17 07:26 <DIR> d-------- c:\program files\TuneUp Utilities 2008 2008-12-17 07:26 . 2008-12-17 07:26 <DIR> d-------- c:\documents and settings\Natasa\Application Data\TuneUp Software 2008-12-17 07:26 . 2008-12-17 07:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software 2008-12-17 07:26 . 2008-12-17 07:26 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe 2008-12-17 07:26 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll 2008-12-17 07:25 . 2008-12-17 07:25 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-12-17 07:14 . 2008-01-07 14:29 352 --ah----- c:\windows\nod32fixtemdono.reg 2008-12-17 07:06 . 2008-12-17 07:06 <DIR> d-------- c:\documents and settings\Natasa\Application Data\ESET 2008-12-17 07:05 . 2008-12-17 07:05 <DIR> d-------- c:\program files\ESET 2008-12-17 07:05 . 2008-12-17 07:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET 2008-12-17 07:04 . 2008-12-17 07:04 4,444 --a------ c:\windows\system32\pid.PNF 2008-12-17 07:02 . 2007-12-01 01:25 4,274,816 --a------ c:\windows\system32\nv4_disp.dll 2008-12-17 07:01 . 2008-12-17 07:01 <DIR> d-------- c:\program files\Common Files\Adobe 2008-12-17 07:01 . 2007-12-01 01:26 74,240 --a------ c:\windows\system32\usbui.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-17 16:42 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2008-12-17 08:15 --------- d-----w c:\documents and settings\Natasa\Application Data\Spy Emergency 2008-12-17 07:36 499,712 ----a-w c:\windows\system32\msvcp71.dll 2008-12-17 07:36 348,160 ----a-w c:\windows\system32\msvcr71.dll 2008-12-17 06:40 --------- d-----w c:\program files\Java 2008-12-17 05:58 --------- d-----w c:\program files\GeoVid 2008-12-17 05:58 --------- d-----w c:\program files\Common Files\GeoVid 2008-12-17 05:58 --------- d-----w c:\documents and settings\All Users\Application Data\GeoVid 2008-12-17 05:57 --------- d-----w c:\program files\Common Files\Java 2008-12-17 05:52 --------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage 2008-12-17 05:46 --------- d-----w c:\program files\Your Uninstaller 2008 2008-12-17 05:45 --------- d-----w c:\documents and settings\Natasa\Application Data\URSoft 2008-12-17 05:44 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-12-17 05:44 --------- d-----w c:\documents and settings\Natasa\Application Data\Malwarebytes 2008-12-17 05:44 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-17 05:43 --------- d-----w c:\program files\Windows Installer Clean Up 2008-12-17 05:43 --------- d-----w c:\program files\MSECACHE 2008-12-17 05:42 --------- d-----w c:\program files\Unlocker 2008-12-17 05:41 --------- d-----w c:\program files\Error Repair Professional 2008-12-17 05:35 --------- d-----w c:\documents and settings\Natasa\Application Data\Ashampoo 2008-12-17 05:34 --------- d-----w c:\documents and settings\All Users\Application Data\ashampoo 2008-12-17 05:33 --------- d-----w c:\program files\Ashampoo 2008-12-17 05:26 --------- d-----w c:\program files\XP Codec Pack 2008-12-17 05:26 --------- d-----w c:\program files\NETGATE 2008-12-17 05:26 --------- d-----w c:\documents and settings\All Users\Application Data\NETGATE 2008-12-17 05:24 --------- d-----w c:\program files\SmartPCTools 2008-12-17 05:11 --------- d-----w c:\program files\microsoft frontpage 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll 2008-10-22 15:27 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2008-10-22 15:27 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2008-10-16 20:38 826,368 ----a-w c:\windows\system32\wininet.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll 2005-11-04 16:59 135,525 ----a-w c:\program files\Common Files\ReportPreview.app 2003-02-21 03:42 348,160 ----a-w c:\program files\msvcr71.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2007-11-30 15360] "Registry Repair Wizard Scheduler"="c:\program files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" [2008-11-24 1052928] "SpyEmergency"="c:\program files\NETGATE\Spy Emergency 2008\SpyEmergency.exe" [2008-10-16 1985080] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2363392] "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-17 136600] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-17 185896] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016] "SoundMan"="SOUNDMAN.EXE" [2005-06-14 c:\windows\SOUNDMAN.EXE] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.ffds"= ffdshow.ax "msacm.ac3filter"= ac3filter.acm [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys [2008-12-17 12344] R2 ekrn;Eset Service;"c:\program files\ESET\ESET Smart Security\ekrn.exe" [2007-12-21 468224] R2 SpyEmrgSrv;Spy Emergency Engine Service;c:\program files\NETGATE\Spy Emergency 2008\SpyEmergencySrv.exe [2008-12-17 727608] R3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\Drivers\spyemrg_access.sys [2008-12-17 15288] R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\Drivers\spyemrg_guard.sys [2008-12-17 14392] S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2008-12-17 26488] S3 Droppix Service;Droppix Service;"c:\program files\Common Files\Droppix\DxService.exe" [2008-12-17 221184] S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;"c:\program files\MSN Messenger\usnsvc.exe" [2007-01-19 97136] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp Newly Created Service - CATCHME Newly Created Service - PROCEXP90 [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Contents of the 'Scheduled Tasks' folder 2008-12-17 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09] 2008-12-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: {FBC8DE23-02F6-4306-85DC-AE4613BD1AA2} = 195.29.149.196 195.29.149.197 FF - ProfilePath - c:\documents and settings\Natasa\Application Data\Mozilla\Firefox\Profiles\wi9e58mc.default\ . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-12-17 18:57:07 Windows 5.1.2600 Service Pack 3, v.5657 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-12-17 18:57:51 ComboFix-quarantined-files.txt 2008-12-17 17:57:49 Pre-Run: 31.224.799.232 bytes free Post-Run: 31,305,388,032 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 279 --- E O F --- 2008-12-17 16:45:36

Profil

bobby Poslao: 17 Dec 2008 19:29 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kako se sada kompjuter ponasa? Ima li jos uvek iste simptome?

Profil

dreamer050 Poslao: 17 Dec 2008 19:40 Idi na vrh
offline dreamer050 Građanin Pridružio: 10 Okt 2008 Poruke: 38 Gde živiš: Rijeka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala Vam puno! Particije se otvaraju normalno. Jedino ne znam zašto se kod podizanja Windowsa pojavljuju dva operativna sustava, jedan iznad a drugi ispod recovery console, a ja imam instaliran jedan - ovaj u C particiji. I zašto ne mogu kliknuti na taj sustav da pokrenem Windowse, nego moram čekati da se sami pokrenu, nakon nekog vremena... I taj neki hardver je ostao... Probati ću ići na instalaciju, sa Cd-a od matične ploče... Zadrugu opciju ne znam... Sve u svemu - veliki je uspjeh što se otvaraju particije! "Prošvrljaću" malo temama ovdje u Ambulanti, ma sigurno će biti nešto i za to podizanje... I inače volim "švrljati" ovuda, čitati... Učiti? Uh, ne ide mi baš to s učenjem... Još jednom - PUNO HVALA! Srdačan pozdrav!

Profil

bobby Poslao: 17 Dec 2008 19:50 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvori Notepad, pa idi na menij File > Open... U dijalogu koji se bude otvorio, u liniji File name ukucaj c:\boot.ini Otvorice se kratak tekstualni fajl. Iskopiraj mi ovde sadrzaj tog fajla (Copy/Paste).

Profil

dreamer050 Poslao: 17 Dec 2008 20:02 Idi na vrh
offline dreamer050 Građanin Pridružio: 10 Okt 2008 Poruke: 38 Gde živiš: Rijeka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesam... više puta, ali ništa ne otvara. Pojavljuje se mali prozorčić na kojem piše: The above file name is invalid Dopuna: 17 Dec 2008 20:02 Joj, joj... Ipak jesam... Hvala vam što gubite vrijeme sa mnom... [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Profil

bobby Poslao: 17 Dec 2008 20:13 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hmmm... Jako mi je bitno da znam da li se pojavljuje neka poruka pre nego sto krene startovanje sistema. Znaci, pojavi se taj menij sa Recovery Console i dva Windowsa, i ti tu moras da cekas. Da li se na kraju cekanja pojavljuje ikakva poruka, pa tek da onda krene ucitavanje? Vidi, ti imas u tom meniju opcije za startovanje Windowsa sa C particije, i sa D particije. Ja iz samog teksta menija ne mogu zakljuciti koja linija je za koju particiju. Moracemo utvrditi rucno. Otvori ponovo Boot.ini kao i malopre, i umesto originalnog teksta stavi sledeci: `[boot loader] timeout=30 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Prvi" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Drugi" /noexecute=optin /fastdetect` Onda fajl snimi na disk iz menija File > Save. Restartuj racunar, i kada se pojavi ovaj menij onda kursorom (tasteri sa strelicama na tastaturi) probaj opciju Prvi i stisni Enter na tastaturi. Ukoliko preko te opcije uspes da startujes Windows, onda se javi ovde za dalje instrukcije. Ukoliko opcija Prvi ne radi, onda probaj Drugi. Meni je bitno da znam koja od te dve opcije radi, a koja ne radi, da bi smo onu neispravnu izbacili iz menija.

Profil

dreamer050 Poslao: 17 Dec 2008 20:22 Idi na vrh
offline dreamer050 Građanin Pridružio: 10 Okt 2008 Poruke: 38 Gde živiš: Rijeka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne da mi to... Evo slike... A ja idem probati restartati kompjuter...

Profil

bobby Poslao: 17 Dec 2008 20:27 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nemoj restartovati ukoliko se vec pojavila ova greska. Sada cu da ti napisem kako to da uradis na drugi nacin. Dopuna: 17 Dec 2008 20:27 Idi na dugme Start, pa na Run, pa u dijalogu koji se bude otvorio kucaj msconfig i klikni na OK. Otvorice se program. Gore odaberi karticu BOOT.INI. Klikni na dugme Check All Boot Paths i javi mi sta ti komp prijavljuje kao rezultat.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » resycled/boot.com

Ko je trenutno na forumu

Ukupno su 1181 korisnika na forumu :: 33 registrovanih, 9 sakrivenih i 1139 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Andrija357, Battlehammer, bojank, Dannyboy, Dimitrise93, dozorni, dushan, FileFinder, flash12, HrcAk47, ILGromovnik, laganini123, laurusri, Marko Marković, MB120mm, mercedesamg, Metanoja, Milos ZA, milutin134, mnn2, mocnijogurt, mustangkg, nikoladim, Petarvu, procesor, Romibrat, Srle993, stegonosa, StepskiVuk, Vatreni Zmaj, vukdra, wizzardone, Zoca

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by