Trojanci poremetili XP

bjede · 23.02.2010., 14:01

Poz,
pokupio sam nedavno tu neku gamad od trojanaca i sad mi je XP Pro SP3 blago s.....!
Prvo što sam primjetio je da su poremetili neke opcije foldera, tipa: isključim u Tools>Folder Options>View Show Hidden Files and folders ili Hide Protected Operating System Fles, ali kad ponovno uđem te opcije su i dalje zaključane! Isto tako onesposobili su System Restore u kojem nisam mogao ništa mijenjati.
Također, onesposobili su i AV program (AVG)!
Sljedeća stvar je da je nestalo zvukova u XP-u. Najprije nije bilo onih u Windows Exploreru (ulazak u foldere, Recycle Bin i dr.), a onda ni Start ni Turn Off zvukova. Inače glazbu reproducira bez problema.
Ovo je sve vjerojatno posljedica poremećenog Registryja, ali još jedan problem mi nije jasan...
Ne mogu u Safe Mode! Samo na sekundu proleti plavi ekran (DSOD!) i opet me izbaci na prijašnji menu (Safe Mode, Safe Mode with Command Prompt, ...).
Znate li u čemu je kvaka? Safe mode ne radi, a Windowsi rade.
Brisao sam tu gamad sa par antivirusa (System skenere nisam koristio budući da nemu u Safe Mode) i čini mi se da sam sve makao. Ali problemi su ostali.
Ima li kakvog rješenja za ovo sve skupa ili će Windowsi morati "pasti" što ne bih nikako želio?

P.S. Riječ je o laptopu DELL Studio 1735, WINDOWS XP SP3

nino · 23.02.2010., 14:18

Provuci Combofix, Malwarebytes ili Superantispyware, i taj AVG je u zadnje vrijeme u banani, nakon njega instalirao sam Kaspersky ili Nod i nasao hrpu trojanaca...

coconut · 23.02.2010., 15:01

Prije bilo kakvog čišćenja, isključi System Restore.

Doink the Clown · 23.02.2010., 15:05

I kolji štetočine u safe modeu

bjede · 23.02.2010., 18:36

Pa vidite li što sam napisao?!
Ne radi mi Safe Mode ni System Restore. Mogu skenirati samo u Normal Modeu? Probao sam SuperAntiSpawareom i Avirom. Makao sam sve što sam našao, više ne pronalazi ništa. Jedino ako se nije zavuklo u virtualnu memoriju...

nino · 23.02.2010., 18:41

Combofix je prosao?

bjede · 23.02.2010., 23:32

ComboFix 10-02-23.02 - Deni 02/23/2010 23:14:21.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2939 [GMT 1:00]
Running from: d:\documents and settings\Deni\Desktop\Combofix\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\Bluetooth.lnk
d:\documents and settings\Deni\secupdat.dat
d:\recycler\S-1-5-21-1957994488-1177238915-1801674531-1003
d:\windows.0\system32\404Fix.exe
d:\windows.0\system32\Agent.OMZ.Fix.exe
d:\windows.0\system32\dumphive.exe
d:\windows.0\system32\IEDFix.C.exe
d:\windows.0\system32\IEDFix.exe
d:\windows.0\system32\msvcrt2.dll
d:\windows.0\system32\o4Patch.exe
d:\windows.0\system32\Process.exe
d:\windows.0\system32\qxzv8.exe
d:\windows.0\system32\secupdat.dat
d:\windows.0\system32\SrchSTS.exe
d:\windows.0\system32\stacsv.exe
d:\windows.0\system32\tmp.reg
d:\windows.0\system32\VACFix.exe
d:\windows.0\system32\VCCLSID.exe
d:\windows.0\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICF
-------\Service_ICF

((((((((((((((((((((((((( Files Created from 2010-01-23 to 2010-02-23 )))))))))))))))))))))))))))))))
.

2010-02-23 22:05 . 2010-02-23 22:04 389120 ----a-w- d:\windows.0\system32\CF4761.exe
2010-02-23 11:58 . 2003-06-25 15:05 266360 ----a-w- d:\windows.0\system32\TweakUI.exe
2010-02-22 15:55 . 2010-02-22 15:55 -------- d-----w- d:\documents and settings\Deni\Application Data\Uniblue
2010-02-22 15:40 . 2010-02-22 15:54 -------- d-----w- d:\documents and settings\All Users\Application Data\RegCure
2010-02-22 15:38 . 2010-02-22 15:38 -------- d-----w- d:\windows.0\RegCure
2010-02-21 17:31 . 2009-11-25 12:01 1230080 ----a-w- d:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2010-02-21 16:53 . 2010-02-21 16:53 -------- d-----w- d:\documents and settings\Deni\Application Data\AVG9
2010-02-21 16:50 . 2010-02-21 16:39 3777280 ----a-w- d:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe
2010-02-21 16:50 . 2010-02-21 16:39 1260800 ----a-w- d:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2010-02-21 16:42 . 2010-02-21 16:42 -------- d-----w- d:\documents and settings\Deni\Local Settings\Application Data\AVG Security Toolbar
2010-02-21 16:40 . 2010-02-21 17:08 -------- d-----w- D:\$AVG
2010-02-21 16:39 . 2010-02-21 16:39 360584 ----a-w- d:\windows.0\system32\drivers\avgtdix.sys
2010-02-21 16:39 . 2010-02-21 16:39 12464 ----a-w- d:\windows.0\system32\avgrsstx.dll
2010-02-21 16:39 . 2010-02-21 16:39 333192 ----a-w- d:\windows.0\system32\drivers\avgldx86.sys
2010-02-21 16:39 . 2010-02-21 16:39 28424 ----a-w- d:\windows.0\system32\drivers\avgmfx86.sys
2010-02-21 16:39 . 2010-02-23 11:48 -------- d-----w- d:\windows.0\system32\drivers\Avg
2010-02-21 16:39 . 2010-02-21 17:31 -------- d-----w- d:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-02-21 16:39 . 2010-02-23 17:11 -------- d-----w- d:\program files\AVG9
2010-02-21 16:39 . 2010-02-21 16:39 -------- d-----w- d:\program files\AVG
2010-02-21 16:39 . 2010-02-21 16:39 -------- d-----w- d:\documents and settings\All Users\Application Data\avg9
2010-02-20 16:42 . 2010-02-20 16:42 40128 ----a-w- d:\windows.0\system32\drivers\qhuoyepl.sys
2010-02-19 16:21 . 2010-02-19 16:28 -------- d-----w- d:\documents and settings\Deni\Local Settings\Application Data\www.pro-evo.xooit.fr
2010-02-19 16:14 . 2010-02-19 16:14 -------- d-----w- d:\program files\Microsoft Chart Controls
2010-02-19 16:08 . 2010-02-19 16:28 -------- d-----w- d:\documents and settings\Deni\Application Data\www.pro-evo.xooit.fr
2010-02-18 23:20 . 2007-09-14 01:44 331776 ----a-w- d:\windows.0\system32\stacapi.dll
2010-02-18 23:20 . 2010-02-18 23:20 -------- d-----w- d:\program files\IDT
2010-02-18 23:18 . 2008-03-10 17:18 57384 ----a-w- d:\windows.0\system32\drivers\btwhid.sys
2010-02-18 22:34 . 2010-02-18 22:34 -------- d-----w- d:\windows.0\Your Product
2010-02-18 20:40 . 2010-02-18 20:40 -------- d-----w- d:\program files\Common Files\xing shared
2010-02-18 20:40 . 2010-02-18 20:40 -------- d-----w- d:\program files\Real
2010-02-18 20:40 . 2010-02-18 20:40 -------- d-----w- d:\program files\Common Files\Real
2010-02-18 17:43 . 2010-02-20 16:42 40128 ----a-w- d:\windows.0\system32\drivers\gnalhltw.sys
2010-02-16 13:45 . 2010-02-16 17:55 56816 ----a-w- d:\windows.0\system32\drivers\avgntflt.sys
2010-02-15 23:24 . 2008-04-14 04:42 116224 -c--a-w- d:\windows.0\system32\dllcache\xrxwiadr.dll
2010-02-15 23:24 . 2001-08-17 21:36 23040 -c--a-w- d:\windows.0\system32\dllcache\xrxwbtmp.dll
2010-02-15 23:24 . 2008-04-14 04:42 18944 -c--a-w- d:\windows.0\system32\dllcache\xrxscnui.dll
2010-02-15 23:24 . 2001-08-17 21:37 27648 -c--a-w- d:\windows.0\system32\dllcache\xrxftplt.exe
2010-02-15 23:24 . 2001-08-17 21:37 4608 -c--a-w- d:\windows.0\system32\dllcache\xrxflnch.exe
2010-02-15 23:22 . 2001-08-17 21:37 99865 -c--a-w- d:\windows.0\system32\dllcache\xlog.exe
2010-02-15 23:22 . 2001-08-17 11:11 16970 -c--a-w- d:\windows.0\system32\dllcache\xem336n5.sys
2010-02-15 23:22 . 2008-04-13 21:04 19455 -c--a-w- d:\windows.0\system32\dllcache\wvchntxx.sys
2010-02-15 23:22 . 2008-04-13 21:04 12063 -c--a-w- d:\windows.0\system32\dllcache\wsiintxx.sys
2010-02-15 23:22 . 2008-04-14 04:42 8192 -c--a-w- d:\windows.0\system32\dllcache\wshirda.dll
2010-02-15 23:22 . 2008-04-13 21:05 154624 -c--a-w- d:\windows.0\system32\dllcache\wlluc48.sys
2010-02-15 23:22 . 2001-08-17 11:12 34890 -c--a-w- d:\windows.0\system32\dllcache\wlandrv2.sys
2010-02-15 23:22 . 2001-08-17 12:28 771581 -c--a-w- d:\windows.0\system32\dllcache\winacisa.sys
2010-02-15 23:22 . 2001-08-17 21:36 53760 -c--a-w- d:\windows.0\system32\dllcache\wiamsmud.dll
2010-02-15 23:20 . 2001-08-17 11:14 249402 -c--a-w- d:\windows.0\system32\dllcache\vinwm.sys
2010-02-15 23:19 . 2001-08-17 21:36 26624 -c--a-w- d:\windows.0\system32\dllcache\umaxu22.dll
2010-02-15 23:18 . 2001-08-17 13:56 315520 -c--a-w- d:\windows.0\system32\dllcache\trid3d.dll
2010-02-15 23:17 . 2001-08-17 12:52 7040 -c--a-w- d:\windows.0\system32\dllcache\tandqic.sys
2010-02-15 23:16 . 2001-08-17 12:51 16896 -c--a-w- d:\windows.0\system32\dllcache\stcusb.sys
2010-02-15 23:15 . 2008-04-14 10:00 5632 -c--a-w- d:\windows.0\system32\dllcache\smierrsy.dll
2010-02-15 23:14 . 2008-04-13 23:06 40960 -c--a-w- d:\windows.0\system32\dllcache\sisagp.sys
2010-02-15 23:13 . 2001-08-17 12:51 17280 -c--a-w- d:\windows.0\system32\dllcache\scr111.sys
2010-02-15 23:12 . 2008-04-14 04:42 27648 -c--a-w- d:\windows.0\system32\dllcache\rw430ext.dll
2010-02-15 23:11 . 2001-08-17 12:52 40448 -c--a-w- d:\windows.0\system32\dllcache\ql1240.sys
2010-02-15 23:10 . 2001-08-17 13:04 75776 -c--a-w- d:\windows.0\system32\dllcache\philcam1.sys
2010-02-15 23:09 . 2001-08-17 13:05 351616 -c--a-w- d:\windows.0\system32\dllcache\ovcodek2.sys
2010-02-15 23:08 . 2001-08-17 11:20 126080 -c--a-w- d:\windows.0\system32\dllcache\nm5a2wdm.sys
2010-02-15 23:07 . 2008-04-13 23:13 12672 -c--a-w- d:\windows.0\system32\dllcache\mutohpen.sys
2010-02-15 23:06 . 2001-08-17 12:52 6528 -c--a-w- d:\windows.0\system32\dllcache\miniqic.sys
2010-02-15 23:05 . 2001-08-17 11:12 70730 -c--a-w- d:\windows.0\system32\dllcache\lne100tx.sys
2010-02-15 23:04 . 2008-04-13 23:15 46592 -c--a-w- d:\windows.0\system32\dllcache\irbus.sys
2010-02-15 23:03 . 2001-08-17 11:12 109085 -c--a-w- d:\windows.0\system32\dllcache\ibmtrp.sys
2010-02-15 23:02 . 2001-08-17 12:28 199711 -c--a-w- d:\windows.0\system32\dllcache\hsf_faxx.sys
2010-02-15 23:01 . 2008-04-13 23:10 28288 -c--a-w- d:\windows.0\system32\dllcache\grserial.sys
2010-02-15 23:00 . 2008-04-14 10:00 14336 -c--a-w- d:\windows.0\system32\dllcache\exstrace.dll
2010-02-15 22:59 . 2001-08-17 12:28 634134 -c--a-w- d:\windows.0\system32\dllcache\el656ct5.sys
2010-02-15 22:58 . 2001-08-17 21:36 102484 -c--a-w- d:\windows.0\system32\dllcache\digiinf.dll
2010-02-15 22:57 . 2008-04-14 10:00 24064 -c--a-w- d:\windows.0\system32\dllcache\compfilt.dll
2010-02-15 22:56 . 2001-08-17 21:36 81408 -c--a-w- d:\windows.0\system32\dllcache\brmfcwia.dll
2010-02-15 22:55 . 2008-04-13 23:06 44928 -c--a-w- d:\windows.0\system32\dllcache\agpcpq.sys
2010-02-15 22:54 . 2004-05-12 23:39 598071 -c--a-w- d:\windows.0\system32\dllcache\fpmmc.dll
2010-02-15 20:05 . 2010-01-20 12:16 52224 ----a-w- d:\documents and settings\Deni\Application Data\Mozilla\Firefox\Profiles\veth5itz.default\extensions\{d16373ed-a633-44f0-b69c-ef1dbf90b0da}\components\FFExternalAlert.dll
2010-02-15 20:05 . 2010-01-20 12:16 101376 ----a-w- d:\documents and settings\Deni\Application Data\Mozilla\Firefox\Profiles\veth5itz.default\extensions\{d16373ed-a633-44f0-b69c-ef1dbf90b0da}\components\RadioWMPCore.dll
2010-02-14 16:23 . 2010-02-14 16:23 -------- d-----w- d:\documents and settings\Deni\Local Settings\Application Data\vdownloader
2010-02-11 21:18 . 2010-02-19 13:24 -------- d-s---w- d:\documents and settings\Deni\UserData
2010-02-10 01:08 . 2010-02-10 01:08 -------- d-----w- D:\Godfather Trilogy_DVD
2010-02-05 15:27 . 2010-02-05 15:27 87552 ----a-w- d:\documents and settings\Deni\Local Settings\Application Data\bootrest.exe
2010-02-05 14:44 . 2009-03-23 16:39 20480 ----a-w- d:\windows.0\system32\scrnrdr.exe
2010-01-29 14:52 . 2010-01-29 14:52 -------- d-----w- d:\program files\DVDVideoSoft
2010-01-29 14:52 . 2010-01-29 14:52 -------- d-----w- d:\program files\Free YouTube to MP3 Converter
2010-01-29 14:52 . 2010-01-29 14:52 -------- d-----w- d:\program files\Common Files\DVDVideoSoft
2010-01-28 12:32 . 2010-01-28 12:32 664 ----a-w- d:\windows.0\system32\d3d9caps.dat
2010-01-27 14:38 . 2010-01-27 14:38 -------- d-----w- d:\program files\Common Files\Java
2010-01-27 14:38 . 2010-01-27 14:38 503808 ----a-w- d:\documents and settings\Deni\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4074c285-n\msvcp71.dll
2010-01-27 14:38 . 2010-01-27 14:38 499712 ----a-w- d:\documents and settings\Deni\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4074c285-n\jmc.dll
2010-01-27 14:38 . 2010-01-27 14:38 348160 ----a-w- d:\documents and settings\Deni\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4074c285-n\msvcr71.dll
2010-01-27 14:38 . 2010-01-27 14:38 61440 ----a-w- d:\documents and settings\Deni\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6d8d51e9-n\decora-sse.dll
2010-01-27 14:38 . 2010-01-27 14:38 12800 ----a-w- d:\documents and settings\Deni\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6d8d51e9-n\decora-d3d.dll
2010-01-27 00:28 . 2010-02-06 18:22 1056 --sha-w- d:\windows.0\system32\KGyGaAvL.sys
2010-01-26 12:31 . 2010-01-26 12:31 -------- d-----w- d:\program files\HDDGURU LLF Tool

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-23 22:02 . 2009-10-13 13:48 -------- d-----w- d:\documents and settings\Deni\Application Data\uTorrent
2010-02-22 15:37 . 2009-10-14 11:21 -------- d---a-w- d:\documents and settings\All Users\Application Data\Temp
2010-02-19 16:08 . 2009-10-11 19:29 40288 ----a-w- d:\documents and settings\Deni\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-18 18:13 . 2009-11-08 21:28 -------- d-----w- d:\program files\IGRE
2010-02-16 22:38 . 2008-04-14 02:42 14336 ----a-w- d:\windows.0\system32\svchost.exe
2010-02-16 16:54 . 2009-10-11 21:49 0 ----a-w- d:\windows.0\ativpsrm.bin
2010-02-05 00:00 . 2009-10-13 13:43 -------- d-----w- d:\documents and settings\Deni\Application Data\Winamp
2010-02-04 15:13 . 2009-10-11 20:29 -------- d--h--w- d:\program files\InstallShield Installation Information
2010-01-30 23:46 . 2009-10-13 13:53 -------- d-----w- d:\program files\Common Files\Adobe
2010-01-27 14:38 . 2009-10-13 14:19 -------- d-----w- d:\program files\Java
2010-01-27 00:27 . 2009-10-13 14:08 -------- d-----w- d:\program files\BSplayerPro
2010-01-19 21:29 . 2009-10-13 14:34 -------- d-----w- d:\program files\Macromedia
2010-01-15 16:54 . 2010-01-15 16:43 -------- d-----w- d:\documents and settings\All Users\Application Data\ABBYY
2010-01-15 16:50 . 2010-01-15 16:50 -------- d-----w- d:\documents and settings\Deni\Application Data\ABBYY
2010-01-15 16:48 . 2010-01-15 16:42 -------- d-----w- d:\program files\ABBYY FineReader 9.0
2010-01-04 14:28 . 2009-12-04 16:52 -------- d-----w- d:\program files\Ulead Photo Express
2010-01-04 14:24 . 2010-01-04 14:23 -------- d-----w- d:\program files\Mustek 1200 UB Plus
2009-12-28 15:25 . 2009-12-28 15:24 -------- d-----w- d:\program files\Trust Digital Center
2009-12-17 16:14 . 2009-10-13 14:19 411368 ----a-w- d:\windows.0\system32\deploytk.dll
2009-12-01 16:01 . 2009-11-30 13:28 24575 ----a-w- d:\windows.0\system32\umssetwinsyspios5.dll
2009-11-30 13:22 . 2009-11-30 13:22 24575 ----a-w- d:\windows.0\system32\Pssetwinsyspios57.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "d:\program files\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "d:\program files\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "d:\program files\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="d:\program files\Alcohol 120\axcmd.exe" [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"="d:\program files\Wintech Mouse\4DMAIN.EXE" [2000-05-08 61440]
"TkBellExe"="d:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-18 198160]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"RemoteControl9"="d:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-02-16 87336]
"PDVD9LanguageShortcut"="d:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472]
"NBKeyScan"="d:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160]
"BDRegion"="d:\program files\Cyberlink\Shared Files\brs.exe" [2009-02-28 75048]
"Apoint"="d:\program files\DellTPad\Apoint.exe" [2007-12-14 159744]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

d:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Ulead Photo Express 3.0 SE Calendar Checker.lnk - d:\program files\Ulead Photo Express\CalCheck.exe [2009-12-4 61440]
Watch.lnk - d:\program files\Mustek 1200 UB Plus\Driver\WATCH.exe [2010-1-4 364544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-02-21 16:39 12464 ----a-w- d:\windows.0\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\IGRE\\Pro Evolution Soccer 2010\\pes2010.exe"=
"d:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"d:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"d:\\Program Files\\AVG9\\avgupd.exe"=
"d:\\Program Files\\AVG9\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 gnalhltw;gnalhltw;d:\windows.0\system32\drivers\gnalhltw.sys [2/18/2010 6:43 PM 40128]
R0 sptd;sptd;d:\windows.0\system32\drivers\sptd.sys [10/13/2009 10:11 PM 721904]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;d:\windows.0\system32\drivers\avgldx86.sys [2/21/2010 5:39 PM 333192]
R1 AvgTdiX;AVG Free Network Redirector;d:\windows.0\system32\drivers\avgtdix.sys [2/21/2010 5:39 PM 360584]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/10/14 13:24];d:\program files\CyberLink\PowerDVD9\000.fcl [2/28/2009 6:40 PM 87536]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;d:\program files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [9/24/2007 7:11 PM 566560]
R2 avg9wd;AVG Free WatchDog;d:\program files\AVG9\avgwdsvc.exe [2/21/2010 5:39 PM 285392]
R3 itecir;ITECIR Infrared Receiver;d:\windows.0\system32\drivers\itecir.sys [10/13/2009 2:24 PM 54784]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;d:\windows.0\system32\drivers\k57xp32.sys [10/11/2009 9:24 PM 174592]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;d:\windows.0\system32\drivers\OA001Ufd.sys [10/11/2009 9:29 PM 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver;d:\windows.0\system32\drivers\OA001Vid.sys [10/11/2009 9:29 PM 277440]
S0 qhuoyepl;qhuoyepl;d:\windows.0\system32\drivers\qhuoyepl.sys [2/20/2010 5:42 PM 40128]
S2 vsrexsdny;Server Network;d:\windows.0\system32\svchost.exe -k netsvcs [4/14/2008 3:42 AM 14336]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;d:\program files\EVEREST Ultimate Edition\kerneld.wnt [10/27/2009 8:06 PM 23152]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
vsrexsdny
.
Contents of the 'Scheduled Tasks' folder

2009-10-13 d:\windows.0\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21]

2010-02-23 d:\windows.0\Tasks\AWC AutoSweep.job
- d:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-10-13 13:35]

2010-02-01 d:\windows.0\Tasks\AWC Update.job
- d:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-10-13 15:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.net.hr/
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - d:\documents and settings\Deni\Application Data\Mozilla\Firefox\Profiles\veth5itz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1867391&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - yuforum.net Customized Web Search
FF - prefs.js: browser.startup.homepage - www.net.hr
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: d:\documents and settings\Deni\Application Data\Mozilla\Firefox\Profiles\veth5itz.default\extensions\{d16373ed-a633-44f0-b69c-ef1dbf90b0da}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Deni\Application Data\Mozilla\Firefox\Profiles\veth5itz.default\extensions\{d16373ed-a633-44f0-b69c-ef1dbf90b0da}\components\RadioWMPCore.dll
FF - component: d:\program files\AVG9\Firefox\components\avgssff.dll
FF - component: d:\program files\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: d:\program files\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: d:\program files\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: d:\program files\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: d:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: d:\documents and settings\Deni\Application Data\Mozilla\Firefox\Profiles\veth5itz.default\extensions\npnami@npnami.com\plugins\npnami.dll
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-23 23:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys spsc.sys hal.dll >>UNKNOWN [0x8B555938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba10cf28
\Driver\ACPI -> ACPI.sys @ 0xb9e66cb8
\Driver\iaStor -> iaStor.sys @ 0xb9d87580
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\EverestDriver]
"ImagePath"="\??\d:\program files\EVEREST Ultimate Edition\kerneld.wnt"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD9\000.fcl"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vsrexsdny]
"ServiceDll"="d:\windows.0\system32\tygdhn.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-839522115-73586283-1177238915-1003\Software\SecuROM\License information*]
"datasecu"=hex:f2,5f,5a,06,6e,ea,6e,6f,c4,75,60,77,5d,15,33,f6,e5,86,d3,60,e6,
29,31,c0,b5,01,4a,93,d2,50,1c,d7,9f,92,ca,6b,15,55,ea,38,ff,e7,e9,94,28,85,\
"rkeysecu"=hex:a9,12,2f,01,7b,e9,00,cd,9c,3a,31,04,d5,37,83,76
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(808)
d:\windows.0\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3840)
d:\windows.0\system32\btmmhook.dll
d:\windows.0\system32\stacapi.dll
.
------------------------ Other Running Processes ------------------------
.
d:\windows.0\system32\Ati2evxx.exe
d:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
d:\windows.0\system32\Ati2evxx.exe
d:\program files\AVG9\avgchsvx.exe
d:\program files\AVG9\avgrsx.exe
d:\program files\AVG9\avgcsrvx.exe
d:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
d:\program files\IDT\WDM\STacSV.exe
d:\program files\WIDCOMM\Bluetooth Software\BTTray.exe
d:\program files\AVG9\avgnsx.exe
d:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
d:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
d:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
d:\program files\Alcohol 120\StarWind\StarWindServiceAE.exe
d:\windows.0\system32\wdfmgr.exe
d:\windows.0\system32\wscntfy.exe
d:\windows.0\system32\taskmgr.exe
.
**************************************************************************
.
Completion time: 2010-02-23 23:23:18 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-23 22:23

Pre-Run: 21,766,991,872 bytes free
Post-Run: 21,801,902,080 bytes free

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 40E489FCABB38AFA0936DBD60B6BAD97

Morao sam instalirati Windows Recovery Console pa mi se ona sad pojavljuje u odabiru kod podizanja windowsa. Može li se ona nekako maknuti?

nino · 23.02.2010., 23:45

1. Vidim da si windoze vec reinstalirao prije, disk d: i folder Windows.0
2. Kako vidim bio si pun sranja
3. Cini mi se da jos nisi cist i da ce se nesto od tih gamadi vratit.

4. recovery consolu makni iz "startup options"

bjede · 24.02.2010., 00:34

Citiraj:

Autor nino

1. Vidim da si windoze vec reinstalirao prije, disk d: i folder Windows.0
2. Kako vidim bio si pun sranja
3. Cini mi se da jos nisi cist i da ce se nesto od tih gamadi vratit.

4. recovery consolu makni iz "startup options"

1. Ne baš "prije", u 8. mjesecu.
2. Očito...

Mogu li sad izbrisati Quarantine folder od ComboFixa?
3. Zbog čega to misliš?
Vratio mi se startup, turn off i Recycle bin zvuk, ali još nema zvuka u Windows Exploreru.
4. Kako?

nino · 24.02.2010., 08:56

Citiraj:

Autor bjede

2. Očito...

Mogu li sad izbrisati Quarantine folder od ComboFixa?
3. Zbog čega to misliš?
Vratio mi se startup, turn off i Recycle bin zvuk, ali još nema zvuka u Windows Exploreru.
4. Kako?

2. Da (A zasto ti smeta?

)
3. Rekao si prije Combofixa... "Makao sam sve što sam našao, više ne pronalazi ništa." A bilo je jos toga, pa pukni jos Kaspersky unutra i dubinsko/analni scan napravi.
4. Makni crvenu stavku. (A zasto ti smeta?

)

zwer · 24.02.2010., 11:04

Moj savjet:

1. backupiraj dokumente i slike i sta vec
2. formatiraj sve diskove
3. instaliraj fine friske windowse
4. trueimage backup boot particije

Ovo trazenje igle u plastu sijena gdje provedes par sati sa svakim programom trazeci spyware, viruse i slicno - osim sto oduzima vremena, sigurno nema neku predobru sansu da vrati sistem u neko kvalitetno i dobro stanje. Ja to iz iskustva. Kad je OS u rasulu, sve ovo ga samo krpa i odgadja pravi posao

bjede · 24.02.2010., 12:42

Citiraj:

Autor nino

2. Da (A zasto ti smeta?

)
3. Rekao si prije Combofixa... "Makao sam sve što sam našao, više ne pronalazi ništa." A bilo je jos toga, pa pukni jos Kaspersky unutra i dubinsko/analni scan napravi.
4. Makni crvenu stavku. (A zasto ti smeta?

)

2. Ne smeta, nego u njemu je ova gamad koju je našao, pa sam mislio da bolje to maknuti.
3. Probat ću, a probat ću i Trojan Remover koji mi je preporučio lik koji je imao isti problem.

Hvala ti na objašnjenjima!

bjede · 24.02.2010., 14:04

Provrtio sam i sa Trojan Removerom i sad su se vratili Safe Mode i System Restore

, ali još uvijek nema zvukova u Windows Exploreru.

EDIT:
Sad sam primjetio da kad otiđem u Add/Remove programs, neki programi više nemaju nikakvih informacija (datum, veličina,...). Zašto su nestale?

Čini mi se da se stvorilo više problema nego što ih je bilo i da će na kraju ipak trebat rušit Windowse.

bjede · 27.02.2010., 02:04

Citiraj:

Autor bjede

Sad sam primjetio da kad otiđem u Add/Remove programs, neki programi više nemaju nikakvih informacija (datum, veličina,...). Zašto su nestale?

Zna li tko?

nino · 27.02.2010., 08:19

Napravi repair windowsa.

coconut · 27.02.2010., 08:48

Poslušaj zwer-ka.

Dottore · 27.02.2010., 10:43

Poslušaj Ferengija

bjede · 27.02.2010., 17:42

Citiraj:

Autor nino

Napravi repair windowsa.

Nemam tu opciju kad bootam cd od XP-a. Jel to ima svaki XP ili ne?

nino · 27.02.2010., 18:20

Normalni xp ima. Ako imas neki enlajtani, moguce da je maknuto....

Doink the Clown · 27.02.2010., 18:27

A da pokušaš system restore nabaciti na posljednji restore point prije te kalvarije s Trojanima sad kad ti je već system restore proradio?

bjede · 28.02.2010., 18:21

Citiraj:

Autor nino

Normalni xp ima. Ako imas neki enlajtani, moguce da je maknuto....

Kakav je to enlajtani?

Citiraj:

Autor Doink the Clown

A da pokušaš system restore nabaciti na posljednji restore point prije te kalvarije s Trojanima sad kad ti je već system restore proradio?

Nema smisla, virusi ostaju bez obzira na vraćanje na prethodno stanje. A i izbrisao sam sadržaj System Volume Information foldera jer se i u tu bila zavukla neka gamad.

nino · 28.02.2010., 19:35

Citiraj:

Autor bjede

Kakav je to enlajtani?....

nLite. Program koji omogucava kreiranje "svoje" verzije bootabilnog winxp cd-a, odnosno ubacivanje odredjenih drivera i programa u samu instalaciju, a moze posluziti i za "razanje" ili izbacivanje odredjenih stvari da bi instalacija bila sto "manja".

bjede · 28.02.2010., 19:50

Citiraj:

Autor nino

nLite. Program koji omogucava kreiranje "svoje" verzije bootabilnog winxp cd-a, odnosno ubacivanje odredjenih drivera i programa u samu instalaciju, a moze posluziti i za "razanje" ili izbacivanje odredjenih stvari da bi instalacija bila sto "manja".

Nije taj, ovo je normalni XP. Ne znam zašto onda nema opcije Repair?

greenfly · 28.02.2010., 19:58

Ako je "normalni", onda će ti OVO pomoći.

magna86 · 04.03.2010., 00:29

@blejde,ja ti mogu pomoci ako ti jos treba pomoc (verovatno je sad kasno ali..) ali moras pazljivo da pratis moja uputstva!

Citiraj:

Running from: d:\documents and settings\Deni\Desktop\Combofix\ComboFix.exe

ovo ovako nesme,Combofix se iskljucivo pokrece sa Desktop-a.
Obrisi samo ikonicu Combofix-a i sa zvanicnog sajta skini svez Combofix

Code:

http://www.bleepingcomputer.com/comb...o-use-combofix

kad to odradis nevrsi nikakve izmene dok ti ja nepregledam log

bjede · 04.03.2010., 01:00

Citiraj:

Autor magna86

@blejde,ja ti mogu pomoci ako ti jos treba pomoc (verovatno je sad kasno ali..) ali moras pazljivo da pratis moja uputstva!

ovo ovako nesme,Combofix se iskljucivo pokrece sa Desktop-a.
Obrisi samo ikonicu Combofix-a i sa zvanicnog sajta skini svez Combofix

Code:

http://www.bleepingcomputer.com/comb...o-use-combofix

kad to odradis nevrsi nikakve izmene dok ti ja nepregledam log

Pa i pokrenuto je s Desktopa. D: mi je sistemska particija.

magna86 · 06.03.2010., 17:48

nije pokrenuo sa desktopa,pokrenuo je iz foldera. Znam da je D: sistemska particija,nisam to ni osporio.

uzmi po uputstvu i pokreni ga i kopiraj mi log na forum. Ako pronadjem nesto u logu napisacu ti CFScript da bi to uklonili.

bjede · 07.03.2010., 14:49

Citiraj:

Autor magna86

nije pokrenuo sa desktopa,pokrenuo je iz foldera. Znam da je D: sistemska particija,nisam to ni osporio.

uzmi po uputstvu i pokreni ga i kopiraj mi log na forum. Ako pronadjem nesto u logu napisacu ti CFScript da bi to uklonili.

Kad sam ga zadnji put pokrenuo, ComboFix mi je onesposobio Virtual Drive od Alcohola? Kako to poslije opet omogućiti?

23.02.2010., 14:01	#1
bjede Premium Moj komp Datum registracije: Jul 2008 Lokacija: iza sedam mora, sedam gora Postovi: 245	Trojanci poremetili XP Poz, pokupio sam nedavno tu neku gamad od trojanaca i sad mi je XP Pro SP3 blago s.....! Prvo što sam primjetio je da su poremetili neke opcije foldera, tipa: isključim u Tools>Folder Options>View Show Hidden Files and folders ili Hide Protected Operating System Fles, ali kad ponovno uđem te opcije su i dalje zaključane! Isto tako onesposobili su System Restore u kojem nisam mogao ništa mijenjati. Također, onesposobili su i AV program (AVG)! Sljedeća stvar je da je nestalo zvukova u XP-u. Najprije nije bilo onih u Windows Exploreru (ulazak u foldere, Recycle Bin i dr.), a onda ni Start ni Turn Off zvukova. Inače glazbu reproducira bez problema. Ovo je sve vjerojatno posljedica poremećenog Registryja, ali još jedan problem mi nije jasan... Ne mogu u Safe Mode! Samo na sekundu proleti plavi ekran (DSOD!) i opet me izbaci na prijašnji menu (Safe Mode, Safe Mode with Command Prompt, ...). Znate li u čemu je kvaka? Safe mode ne radi, a Windowsi rade. Brisao sam tu gamad sa par antivirusa (System skenere nisam koristio budući da nemu u Safe Mode) i čini mi se da sam sve makao. Ali problemi su ostali. Ima li kakvog rješenja za ovo sve skupa ili će Windowsi morati "pasti" što ne bih nikako želio? P.S. Riječ je o laptopu DELL Studio 1735, WINDOWS XP SP3

23.02.2010., 14:18	#2
nino PizzoZder Moj komp Datum registracije: Jan 2003 Lokacija: Umag Postovi: 12,419	Provuci Combofix, Malwarebytes ili Superantispyware, i taj AVG je u zadnje vrijeme u banani, nakon njega instalirao sam Kaspersky ili Nod i nasao hrpu trojanaca... __________________ Prodajem kucu na klizistu.. Nije puno presla..... Member Of PC Ekspert 100+kg Demolition Squad NAJNOVIJE = Povoljno RAM..http://www.downloadmoreram.com/... tor i AMD kupili.... NOVO! Prodajem visokokvalitetni tropleteni hardverski konac za fixiranje coolera

23.02.2010., 15:01	#3
coconut Premium Moj komp Datum registracije: Mar 2006 Lokacija: Opatija Postovi: 33,344	Prije bilo kakvog čišćenja, isključi System Restore. __________________ "Dvije stvari su beskonačne - svemir i ljudska glupost. Za svemir nisam siguran." A. Einstein

23.02.2010., 15:05	#4
Doink the Clown Jack of all, master of none Moj komp Datum registracije: Jan 2009 Lokacija: Matulji - Rijeka Postovi: 6,214	I kolji štetočine u safe modeu __________________ C L O W N I N G A R O U N D

23.02.2010., 18:41	#6
nino PizzoZder Moj komp Datum registracije: Jan 2003 Lokacija: Umag Postovi: 12,419	Combofix je prosao? __________________ Prodajem kucu na klizistu.. Nije puno presla..... Member Of PC Ekspert 100+kg Demolition Squad NAJNOVIJE = Povoljno RAM..http://www.downloadmoreram.com/... tor i AMD kupili.... NOVO! Prodajem visokokvalitetni tropleteni hardverski konac za fixiranje coolera

23.02.2010., 18:36	#5
bjede Premium Moj komp Datum registracije: Jul 2008 Lokacija: iza sedam mora, sedam gora Postovi: 245	Pa vidite li što sam napisao?! Ne radi mi Safe Mode ni System Restore. Mogu skenirati samo u Normal Modeu? Probao sam SuperAntiSpawareom i Avirom. Makao sam sve što sam našao, više ne pronalazi ništa. Jedino ako se nije zavuklo u virtualnu memoriju...

23.02.2010., 23:45	#8
nino PizzoZder Moj komp Datum registracije: Jan 2003 Lokacija: Umag Postovi: 12,419	1. Vidim da si windoze vec reinstalirao prije, disk d: i folder Windows.0 2. Kako vidim bio si pun sranja 3. Cini mi se da jos nisi cist i da ce se nesto od tih gamadi vratit. 4. recovery consolu makni iz "startup options" __________________ Prodajem kucu na klizistu.. Nije puno presla..... Member Of PC Ekspert 100+kg Demolition Squad NAJNOVIJE = Povoljno RAM..http://www.downloadmoreram.com/... tor i AMD kupili.... NOVO! Prodajem visokokvalitetni tropleteni hardverski konac za fixiranje coolera

24.02.2010., 11:04	#11
zwer crnjo Moj komp Datum registracije: Mar 2003 Lokacija: Zagreb Postovi: 1,893	Moj savjet: 1. backupiraj dokumente i slike i sta vec 2. formatiraj sve diskove 3. instaliraj fine friske windowse 4. trueimage backup boot particije Ovo trazenje igle u plastu sijena gdje provedes par sati sa svakim programom trazeci spyware, viruse i slicno - osim sto oduzima vremena, sigurno nema neku predobru sansu da vrati sistem u neko kvalitetno i dobro stanje. Ja to iz iskustva. Kad je OS u rasulu, sve ovo ga samo krpa i odgadja pravi posao __________________ sound powered by B&W/Denon

24.02.2010., 14:04	#13
bjede Premium Moj komp Datum registracije: Jul 2008 Lokacija: iza sedam mora, sedam gora Postovi: 245	Provrtio sam i sa Trojan Removerom i sad su se vratili Safe Mode i System Restore, ali još uvijek nema zvukova u Windows Exploreru. EDIT: Sad sam primjetio da kad otiđem u Add/Remove programs, neki programi više nemaju nikakvih informacija (datum, veličina,...). Zašto su nestale? Čini mi se da se stvorilo više problema nego što ih je bilo i da će na kraju ipak trebat rušit Windowse. Zadnje izmijenjeno od: bjede. 25.02.2010. u 00:40.

27.02.2010., 08:19	#15
nino PizzoZder Moj komp Datum registracije: Jan 2003 Lokacija: Umag Postovi: 12,419	Napravi repair windowsa. __________________ Prodajem kucu na klizistu.. Nije puno presla..... Member Of PC Ekspert 100+kg Demolition Squad NAJNOVIJE = Povoljno RAM..http://www.downloadmoreram.com/... tor i AMD kupili.... NOVO! Prodajem visokokvalitetni tropleteni hardverski konac za fixiranje coolera

27.02.2010., 08:48	#16
coconut Premium Moj komp Datum registracije: Mar 2006 Lokacija: Opatija Postovi: 33,344	Poslušaj zwer-ka. __________________ "Dvije stvari su beskonačne - svemir i ljudska glupost. Za svemir nisam siguran." A. Einstein

27.02.2010., 10:43	#17
Dottore Extrema Thule Moj komp Datum registracije: Feb 2005 Lokacija: 「 ✖ ✖ ✖ 」 Postovi: 7,325	Poslušaj Ferengija __________________

27.02.2010., 18:20	#19
nino PizzoZder Moj komp Datum registracije: Jan 2003 Lokacija: Umag Postovi: 12,419	Normalni xp ima. Ako imas neki enlajtani, moguce da je maknuto.... __________________ Prodajem kucu na klizistu.. Nije puno presla..... Member Of PC Ekspert 100+kg Demolition Squad NAJNOVIJE = Povoljno RAM..http://www.downloadmoreram.com/... tor i AMD kupili.... NOVO! Prodajem visokokvalitetni tropleteni hardverski konac za fixiranje coolera

27.02.2010., 18:27	#20
Doink the Clown Jack of all, master of none Moj komp Datum registracije: Jan 2009 Lokacija: Matulji - Rijeka Postovi: 6,214	A da pokušaš system restore nabaciti na posljednji restore point prije te kalvarije s Trojanima sad kad ti je već system restore proradio? __________________ C L O W N I N G A R O U N D

28.02.2010., 19:58	#24
greenfly Od nonine sestre kunjado Moj komp Datum registracije: Dec 2006 Lokacija: (Vinjro) Postovi: 1,130	Ako je "normalni", onda će ti OVO pomoći. __________________

Oglasni prostor
PC Ekspert Forum Oglas

06.03.2010., 17:48	#27
magna86 Registered User Datum registracije: Mar 2010 Lokacija: system32 Postovi: 2	nije pokrenuo sa desktopa,pokrenuo je iz foldera. Znam da je D: sistemska particija,nisam to ni osporio. uzmi po uputstvu i pokreni ga i kopiraj mi log na forum. Ako pronadjem nesto u logu napisacu ti CFScript da bi to uklonili.