[ Karemy @ 09.09.2009. 17:37 ] @
Please help

My computer keeps slowing down.
I have installed Windows several times; it works well for a few days and then slows down, sometimes after only a few hours.
A few months ago it worked well for about a month or two after I installed Windows (I was installing Windows every 1-2 months).
For the last two or three weeks I have had to reinstall Windows every day or two.

I have tried several antivirus programs (NOD, Norton, AVG, AVAST, SPYBOT, ...) and they find nothing.

I don't know what to do.
Please help me.

Thanks
[ Dashkes @ 09.09.2009. 17:41 ] @
Download the program HijackThis.
Once you have downloaded it, rename the file to anything, e.g. “destruct0.exe”. Run it and click “Do a system scan and save a logfile”. Copy that log here.
[ Karemy @ 09.09.2009. 17:47 ] @
Here are the results:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:44:49, on 09.09.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20815)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\zabkat\xplorer2\xplorer2_UC.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\Drivers\Chipset\Intel\Inf\USBCopy2.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
F:\My Documents\Downloads\destruct0.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UpdateUSB] C:\WINDOWS\inf\UpdateUSB.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: AutoHotkey.lnk = C:\Program Files\AutoHotkey\AutoHotkey.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4608 bytes
[ Dashkes @ 09.09.2009. 18:02 ] @
Check the following objects and click “Fix checked”
C:\WINDOWS\inf\UpdateUSB.exe
After that, restart the computer.

If you can, pack the file
C:\WINDOWS\inf\UpdateUSB.exe
into a ".rar"/".zip" with the password "virus", upload it to Rapidshare and send me the link via PM.
[ Dashkes @ 09.09.2009. 18:20 ] @
That file is clean, although I noticed that it can slow the computer down. The log is clean. Maybe it's down to a driver or something similar?
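Added example, not part of the original posts: a small Python parser for the `O4` autostart lines of a HijackThis log like the one above, reporting entries whose target sits outside the usual system and program directories. The expected-directory list and the function names are assumptions made for this illustration; the sample lines are copied from the log in this thread.

```python
"""Triage of HijackThis O4 (autostart) entries by target location."""
import ntpath
import re
from typing import List, NamedTuple, Tuple

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UpdateUSB] C:\WINDOWS\inf\UpdateUSB.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - Startup: AutoHotkey.lnk = C:\Program Files\AutoHotkey\AutoHotkey.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# Assumption for this example: autostart targets normally live here on XP.
EXPECTED_PREFIXES = (
    "c:\\windows\\system32\\",
    "c:\\program files\\",
    "c:\\progra~1\\",  # 8.3 short name of "Program Files"
)

# Registry form:  O4 - HKLM\..\Run: [Name] command line (User 'X')
REG_RE = re.compile(
    r"^O4 - (?P<loc>HK[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+?)"
    r"(?: \(User '[^']*'\))?$")
# Startup-folder form:  O4 - Startup: Name.lnk = target
LNK_RE = re.compile(
    r"^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
# rundll32 is only a host; the file that really runs is its first argument.
RUNDLL_RE = re.compile(
    r'^"?(?:\S*\\)?rundll32(?:\.exe)?"?\s+(?P<args>.+)$', re.I)
# Unquoted path (may contain spaces) ending in an executable extension.
EXE_RE = re.compile(
    r"^(?P<path>.+?\.(?:exe|dll|com|bat|cmd|scr|pif))(?=\s|$)", re.I)


class Autostart(NamedTuple):
    location: str   # registry key or startup folder
    name: str       # value name or shortcut name
    target: str     # file that is actually loaded
    verdict: str    # "expected", "no-path" or "review"


def extract_target(cmd: str) -> str:
    """Return the file a command line loads, without its arguments."""
    cmd = cmd.strip()
    m = RUNDLL_RE.match(cmd)
    if m:
        # "dll,EntryPoint args" -> dll
        return m.group("args").split(",")[0].strip(' "')
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end > 0:
            return cmd[1:end]
    m = EXE_RE.match(cmd)
    return m.group("path") if m else cmd


def classify(target: str) -> str:
    """Judge a target purely by where it lives on disk."""
    t = target.lower()
    if not ntpath.dirname(t):
        return "no-path"      # bare name, resolved through the search path
    if t.startswith(EXPECTED_PREFIXES):
        return "expected"
    return "review"           # unusual location: inspect the file by hand


def parse_o4(log: str) -> List[Autostart]:
    """Parse every O4 line of a HijackThis log; other sections are skipped."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = REG_RE.match(line) or LNK_RE.match(line)
        if not m:
            continue
        target = extract_target(m.group("cmd"))
        entries.append(
            Autostart(m.group("loc"), m.group("name"), target, classify(target)))
    return entries


def needs_review(log: str) -> List[Tuple[str, str]]:
    """Names and targets of autostart entries in unusual locations."""
    return [(e.name, e.target) for e in parse_o4(log) if e.verdict == "review"]


if __name__ == "__main__":
    for e in parse_o4(SAMPLE_LOG):
        print(f"{e.verdict:8} {e.name:14} {e.target}")
```

A "review" result only means the location is unusual and the file deserves a closer look; in this thread the flagged file was checked and found clean.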
[ Karemy @ 09.09.2009. 18:44 ] @
I did as you told me and restarted the PC, but it's the same again

Some people advised me that something is wrong with the rundll32.exe file
I opened Windows Task Manager and took a screenshot; I put the file on Rapidshare in case it can give you more information
I will send you the link by PM
[ Karemy @ 09.09.2009. 18:50 ] @
Sorry, I can't send you a PM right now

Thank you
[ Karemy @ 11.09.2009. 12:59 ] @
I also tried unhackme, regrun, malwarebytes, but again nothing

Does anyone have an idea what I should do?
[ magna86 @ 11.09.2009. 20:32 ] @
Come on, do this for a start:
Download this program, run it by double-clicking... wait for the scan to finish... it will create two logs, Attach.txt and DDS.txt
post that DDS.txt log... it will probably already be open...
http://download.bleepingcomputer.com/sUBs/dds.scr



P.S. fix this line:
O13 - Gopher Prefix:

and lighten your startup... you have quite a few programs that start up with XP...
CCleaner has that option... startup control
[ Karemy @ 12.09.2009. 17:55 ] @
I downloaded it... then double-click (Enter), but it doesn't start...

PS
the latest thing I did was restore the registry with the RegRun program, and then it works well for a day or two, and then the same thing all over again
[ Danijel Krmar @ 12.09.2009. 18:48 ] @
Maybe you have some script blocker installed (it could be some anti-malware tool) that won't let you run this file. Try turning off all the security tools you have enabled, and then run dds.scr again.

Anyway, I would be more interested in you describing how the computer starts to slow down. Have you noticed whether it happens after installing some program or some device? Have you noticed whether some file takes up a lot of memory or CPU time? It wouldn't hurt to post a Task Manager screenshot here. Or even better, download Microsoft Process Explorer, save a log and post it here.
[ magna86 @ 12.09.2009. 20:41 ] @
..try it this way...
Carefully read the Top Topic (how to use HijackThis and Combofix) and then post the logs...

so... turn off the antivirus, download and run Combofix... answer yes to every question... wait for the script to finish scanning the system, post the Combofix log...


edit: when you say you downloaded it... do you mean the DDS program or CCleaner?
in any case, do the above with CF.
[ Karemy @ 12.09.2009. 21:09 ] @
Greetings
there are two of us, from Skopje, so please forgive the language mistakes
One of us does video, and the other music
we have lots and lots of programs and plugins on the third partition
We hope we will find a solution without formatting all the partitions

PC: Core2, 2G RAM, 2x320 HD SATA2, Skystar2, TerraTec Cinergy
The PC worked well, with all the listed components, for about 2 years
I think the PC first became problematic two months ago,
when Run32dll would not close at shutdown
Since then run32dll has not reported a problem at shutdown, but the PC always slows down after a few days, and sometimes after a few hours
Then we reinstalled WinSP3 and it was fine for a few days,
and since then it is like that: it works for a while and then slows down
We use Hiren 10, and we have several images made with Norton Ghost
Until now we restored an image whenever it slowed down
And now we have seen that after restoring the registry (with regrun) it works well, but only for a few days, or less
Generally, until we find the problem, we have a few programs on the primary partition:
Nero, Mozilla, UltraISO, uTorrent, Word

We have tried:
nod, norton, avg, avast, spybot, regrun, MalwareBytes, ProcessExplorer, SUPERAntiSpyware, UnHackMe, xp repair pro 4
none of the above report anything; they say everything is clean

When does it slow down?
mainly there is no rule
First I restore the image, which is a clean SP3,
then I install drivers, torrent, Word, UltraISO, ...
we tried to rule out possibilities, and we always chose different programs
sometimes it slows down at uTorrent, sometimes at some driver, sometimes at UltraISO, and very rarely it slows down by itself

Here is the link for the Task Manager screenshot, from when it slowed down (at that time only Windows, Nero, Mozilla and 1-2 more programs were installed)
http://rapidshare.de/files/48310025/Proces.rar.html


Thank you, thank you

[ Karemy @ 12.09.2009. 21:15 ] @
Since I restored the registry a day ago, it has been working well
Should I do this with combofix now, or wait for it to slow down?
[ drvlada75 @ 12.09.2009. 21:19 ] @
In this case the avgrsx.exe process is taking up over 70% of the CPU (the image is cropped). That is AVG antivirus. Try to configure it, or replace AVG antivirus with Avast or Avira.
[ Karemy @ 12.09.2009. 21:39 ] @
I have replaced AVG
now I have RegRun and malwarebytes
when it is slow, I can't even listen to music
Winamp goes grrrrrrrrrrrrr
[ Danijel Krmar @ 12.09.2009. 21:40 ] @
Yes, it looks like AVG is causing the problem; probably some heavy file monitoring and scanning is enabled. The solution is either to replace AVG with, say, Avast or Avira antivirus (which is what I personally would do), or to configure AVG differently, for example by making a list of folders it should not scan, and the like. Still, my personal opinion is that you should replace AVG with some other program.

[edit]:
Well, that's a bummer. Run a scan with combofix and post the log here, and you can also take a screenshot again when it slows down and post it.
[ Karemy @ 12.09.2009. 22:04 ] @
I think it's not down to AVG
the first time the problem appeared was when I had NOD,
then with every Windows install or image restore I put on a different antivirus
Norton, avast, spybot,....

When it slows down again I will take a screenshot and do that thing with combofix

Thank you for your help
[ magna86 @ 13.09.2009. 02:26 ] @
oh, just run the scan with CF right away... you're waiting for no reason... and I don't exactly have time in abundance
[ Karemy @ 16.09.2009. 13:53 ] @
A friend advised me, since I have two RAM modules (2x 1Gb), to take them out and put them back, but to swap their places
That's what I did, and for 3-4 days now I have had no problems
I hope I have finally solved this problem

if it slows down again, I will write again

Thanks
[ Karemy @ 28.09.2009. 21:39 ] @
Hello
My computer has slowed down again, so I would like to try testing it with combofix
Can someone help me?

Thanks
[ kristi1 @ 29.09.2009. 06:42 ] @
Don't test it with combofix; it is not a test program.

Download the program DDS http://download.bleepingcomputer.com/sUBs/dds.scr
Run DDS by double-clicking
Wait a little; it will produce two logs
Attach both logs to your message for me
[ Karemy @ 29.09.2009. 10:42 ] @
I did what you told me,
and put the logs on Rapid (I sent you the link by PM)

Thanks
[ kristi1 @ 29.09.2009. 11:07 ] @
Go ahead and turn off the AV
Download ComboFix from the following address to the Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Run combofix from the desktop and answer yes to everything it asks.
When it finishes, post the log here on the forum.
[ Karemy @ 29.09.2009. 13:42 ] @
Here is what you asked for:

ComboFix 09-09-28.01 - EMY 29.09.2009 14:23.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.389.1033.18.2047.1661 [GMT 2:00]
Running from: c:\documents and settings\EMY\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\EMY\LOCALS~1\Temp\svchost.exe
c:\documents and settings\EMY\Favorites\Games.url
c:\windows\neoqaz2.dll
f:\my documents\retgedit.reg

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SKYNET
-------\Legacy_SkyNetBDA
-------\Service_SKYNET
-------\Service_SkyNetBDA


((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-29 )))))))))))))))))))))))))))))))
.

2009-09-27 22:31 . 2009-09-27 22:39 -------- d-----w- c:\program files\ProgDVB
2009-09-27 22:12 . 2009-09-27 22:13 -------- d-----w- c:\program files\TechniSat DVB
2009-09-27 11:55 . 2009-09-11 05:47 551824 ----a-w- c:\windows\system32\drivers\SkyNetBDA.sys
2009-09-26 15:13 . 2009-09-26 15:14 -------- d-----w- c:\windows\Backups
2009-09-26 15:13 . 2009-09-26 15:13 -------- d-----w- c:\windows\AutoREGs
2009-09-26 15:13 . 2009-09-26 15:16 60 ----a-w- c:\windows\automatski.cmd
2009-09-26 15:12 . 2009-09-26 15:16 404319 ----a-w- c:\windows\zakrpa.exe
2009-09-26 14:22 . 2008-06-29 19:48 311128 ----a-w- c:\windows\system32\libssl32.dll
2009-09-26 14:22 . 2008-06-29 19:48 1526468 ----a-w- c:\windows\system32\libeay32.dll
2009-09-26 13:17 . 2009-09-28 07:10 -------- d-----w- c:\documents and settings\EMY\Application Data\BID
2009-09-26 13:17 . 2009-09-26 13:23 -------- d-----w- c:\program files\Bulk Image Downloader
2009-09-25 16:44 . 2009-09-25 16:44 -------- d-----w- c:\program files\EPSON
2009-09-25 16:43 . 2009-09-25 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-09-25 16:43 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-09-25 16:43 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBCCE.DLL
2009-09-25 16:43 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BCCE.DLL
2009-09-25 16:41 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-09-25 16:41 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-09-25 13:31 . 2009-09-25 13:31 -------- d-----w- c:\program files\The Tetris Game
2009-09-25 13:20 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Publish Providers
2009-09-25 13:18 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Sony
2009-09-25 13:18 . 2009-09-25 13:18 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\program files\Sony
2009-09-25 13:13 . 2009-09-25 13:15 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-09-25 13:13 . 2009-09-25 13:13 -------- d-----w- c:\windows\system32\LogFiles
2009-09-25 13:13 . 2006-09-15 23:05 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2009-09-25 13:12 . 2009-09-25 13:12 -------- d-----w- C:\WMSDK
2009-09-25 13:05 . 2009-09-25 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\CHL Pack
2009-09-25 11:36 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2009-09-25 11:24 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\EMY\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\QuickTime
2009-09-25 11:22 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\Apple Software Update
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-25 11:21 . 2009-09-25 11:21 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple Computer
2009-09-25 11:04 . 2009-09-25 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-09-25 10:47 . 2009-09-25 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\ALM
2009-09-25 10:36 . 2009-09-25 10:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-25 10:31 . 2009-09-25 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-24 17:53 . 2009-09-24 17:53 -------- d-----w- c:\documents and settings\EMY\Application Data\Nero
2009-09-24 12:22 . 2009-09-24 12:22 -------- d-----w- c:\documents and settings\EMY\Application Data\AdobeUM
2009-09-24 12:22 . 2009-09-25 11:19 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Adobe
2009-09-24 12:20 . 2009-09-24 12:20 -------- d-----w- c:\windows\Cache
2009-09-23 20:49 . 2009-09-23 20:49 -------- d-----w- c:\documents and settings\EMY\Application Data\Media Player Classic
2009-09-23 12:04 . 2009-09-23 12:04 -------- d-----w- c:\program files\Microsoft WSE
2009-09-23 12:02 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2009-09-23 12:02 . 2009-09-23 12:02 -------- d-----w- c:\windows\Logs
2009-09-23 11:58 . 2009-09-23 11:58 -------- d-----w- c:\program files\Electronic Arts
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\UltraISO
2009-09-23 11:45 . 2009-09-23 11:45 -------- d-----w- c:\program files\zabkat
2009-09-21 17:27 . 2009-09-21 17:27 -------- d--h--w- c:\windows\PIF
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\GlobalSCAPE
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\GlobalSCAPE
2009-09-21 13:06 . 2009-09-21 13:06 -------- d-----w- c:\program files\AskBarDis
2009-09-21 12:08 . 2009-09-21 17:01 -------- d-----w- c:\documents and settings\EMY\Application Data\GlobalSCAPE
2009-09-21 12:08 . 2009-09-21 13:06 -------- d-----w- c:\program files\GlobalSCAPE
2009-09-14 06:59 . 2009-09-14 06:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-09-13 23:29 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-09-13 18:11 . 2009-09-29 11:37 -------- d-----w- C:\Video
2009-09-13 16:22 . 2006-03-17 12:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-09-13 16:22 . 2006-03-17 09:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-09-13 16:22 . 2006-03-17 09:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-09-13 16:22 . 2006-03-17 09:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-09-13 16:22 . 2006-03-17 09:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Common Files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-13 15:44 . 2009-09-27 21:31 -------- d-----w- c:\program files\Common Files\TerraTec
2009-09-13 15:44 . 2009-09-13 15:44 -------- d-----w- c:\program files\TerraTec
2009-09-13 15:44 . 2009-09-27 21:04 -------- d-----w- c:\documents and settings\EMY\Application Data\TerraTec
2009-09-13 15:41 . 2009-09-13 15:41 -------- d-----w- c:\program files\uTorrent
2009-09-13 15:41 . 2009-09-29 12:31 -------- d-----w- c:\documents and settings\EMY\Application Data\uTorrent
2009-09-13 15:23 . 2009-09-13 15:23 -------- d-----w- c:\program files\ASIO4ALL v2
2009-09-13 15:22 . 2009-09-13 15:22 -------- d-----w- c:\program files\Outsim
2009-09-13 15:21 . 2009-09-13 15:22 -------- d-----w- c:\program files\Image-Line
2009-09-13 15:10 . 2009-09-13 15:10 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
2009-09-13 15:09 . 2009-09-13 15:09 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{A397AF63-B3A1-40DF-AA85-5C5368304B60}
2009-09-13 15:05 . 2009-09-13 15:05 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Native Instruments
2009-09-13 15:00 . 2009-09-13 15:22 -------- d-----w- c:\program files\Vstplugins
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Common Files\Native Instruments
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Native Instruments
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\windows\ShellNew
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\program files\AutoHotkey
2009-09-13 14:55 . 2009-09-13 14:55 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-09-13 14:47 . 2009-09-13 14:48 -------- d-----w- c:\program files\DVBViewer
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\program files\Real Alternative
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Real
2009-09-13 14:39 . 2009-09-23 20:50 -------- d-----w- c:\program files\The KMPlayer
2009-09-13 14:33 . 2009-09-13 14:33 -------- d-----w- c:\program files\ACD Systems
2009-09-13 14:31 . 2009-09-13 14:32 -------- d-----w- C:\ProgDVB
2009-09-13 14:26 . 2009-09-25 11:04 18256 ----a-w- c:\documents and settings\EMY\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-13 14:19 . 2009-09-13 14:19 -------- d-----w- c:\documents and settings\EMY\Application Data\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\program files\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-09-13 13:56 . 2009-09-28 08:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-13 13:56 . 2009-09-28 08:14 -------- d-----w- c:\documents and settings\EMY\Application Data\VideoReDo-TVSuite
2009-09-13 13:56 . 2009-09-13 13:56 -------- d-----w- c:\program files\VideoReDoTVSuite
2009-09-13 13:34 . 2007-03-07 23:51 129784 ------w- c:\windows\system32\pxafs.dll
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\documents and settings\EMY\Application Data\Winamp
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\program files\Winamp
2009-09-13 13:32 . 2009-09-13 13:32 -------- d-----w- c:\program files\MSECache
2009-09-13 04:06 . 2001-08-17 13:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-09-13 04:05 . 2008-04-14 05:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-09-13 04:05 . 2008-04-14 00:10 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-09-13 04:04 . 2008-04-14 03:42 74240 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2009-09-13 04:04 . 2008-04-14 03:42 74240 ----a-w- c:\windows\system32\usbui.dll
2009-09-13 04:02 . 2008-04-14 12:00 7168 -c--a-w- c:\windows\system32\dllcache\kbdcz.dll
2009-09-13 04:00 . 2009-09-29 12:22 -------- d-----w- c:\windows\system32\CatRoot2
2009-09-13 04:00 . 2009-09-13 04:00 -------- d-----w- c:\windows\system32\CatRoot
2009-09-13 04:00 . 2009-09-29 12:22 -------- d--h--w- c:\documents and settings\Default User
2009-09-13 04:00 . 2009-09-13 14:55 -------- d-----w- c:\documents and settings\All Users
2009-09-13 04:00 . 2009-09-13 02:22 -------- d-----w- C:\Documents and Settings

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-27 22:12 . 2009-09-13 02:58 -------- d-----w- c:\program files\DVBViewerTE
2009-09-27 22:12 . 2009-09-13 02:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-25 10:40 . 2009-09-13 03:52 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-21 17:03 . 2009-09-13 02:35 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-13 15:45 . 2009-09-13 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\TerraTec
2009-09-13 14:47 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\CMUV
2009-09-13 03:50 . 2009-09-13 03:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-13 03:49 . 2009-09-13 03:49 0 ----a-w- c:\windows\nsreg.dat
2009-09-13 03:10 . 2009-09-13 03:10 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Technisat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\program files\MainConcept
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-13 02:39 . 2009-09-13 02:39 -------- d-----w- c:\program files\Realtek
2009-09-13 02:35 . 2009-09-13 02:35 -------- d-----w- c:\program files\Analog Devices
2009-09-13 02:32 . 2009-09-13 02:32 -------- d-----w- c:\program files\Intel
2009-09-13 02:14 . 2009-09-13 02:14 -------- d-----w- c:\program files\microsoft frontpage
2009-09-13 02:11 . 2009-09-13 02:11 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-14 10:04 . 2009-07-14 10:04 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-07-14 10:04 . 2009-07-14 10:04 83448 ----a-w- c:\windows\system32\CddbLangJA.dll
2009-07-14 10:04 . 2009-07-14 10:04 808440 ----a-w- c:\windows\system32\CDDBUI.dll
2009-07-14 10:04 . 2009-07-14 10:04 796152 ----a-w- c:\windows\system32\CDDBControl.dll
2009-07-14 10:04 . 2009-07-14 10:04 108024 ----a-w- c:\windows\system32\CddbLangIT.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangNL.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangFR.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangES.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangDE.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 15:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-09-13 288048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-25 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-25 86016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-12-25 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\EMY\Start Menu\Programs\Startup\
AutoHotkey.lnk - c:\program files\AutoHotkey\AutoHotkey.exe [2007-11-21 240128]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2009-9-28 338448]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 3:47 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [5/14/2009 3:47 PM 731840]
R3 3xHybrid;TerraTec BDA capture service;c:\windows\system32\drivers\3xHybrid.sys [4/15/2005 5:50 AM 908160]
.
.
------- Supplementary Scan -------
.
IE: En&queue current page with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link tar&get with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: Open &link target with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BI&D - file://c:\program files\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
FF - ProfilePath - c:\documents and settings\EMY\Application Data\Mozilla\Firefox\Profiles\0nyhknli.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Remote Control Editor - c:\program files\Common Files\TerraTec\Remote\TTTVRC.exe
AddRemove-Native Instruments Massive v1.0.1.008 - c:\progra~1\NATIVE~1\Massive\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-29 14:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"PackageTag"=dword:6090e758
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET Smart Security\\"
"DataDir"="ESET\\ESET Smart Security\\"
"EditionName"="BUSINESS EDITION"
"InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000001
"ProductCode"="{71CBF9BB-7E07-4A9D-BF30-84C11810B242}"
"ProductName"="ESET Smart Security"
"ProductType"="essbe"
"ProductVersion"="4.0.437.0"
"UniqueId"="008FBB694AACFF67"
"ScannerBuild"=dword:00001329
"ScannerVersionId"=dword:00000feb
"ScannerVersion"="Open window for status."
"FixId"=dword:00000005
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(916)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(792)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-29 14:33 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-29 12:33

Pre-Run: 160.538.730.496 bytes free
Post-Run: 160.433.266.688 bytes free

281
[ kristi1 @ 29.09.2009. 17:01 ] @
Do you recognize this file: c:\windows\zakrpa.exe
If not, submit it for analysis at http://www.virustotal.com/
and post the link to the report.
[ Karemy @ 29.09.2009. 17:06 ] @
I don't recognize it.
Should I compress it first or not?
[ Karemy @ 29.09.2009. 17:12 ] @
I submitted the file for analysis and here are the results:


File has already been analysed:
MD5: 17663011bd486a5e8dd2ba7c1f3d5a2b
First received: 2009.01.17 22:15:40 UTC
Date: 2009.08.31 02:13:44 UTC [>29D]
Results: 4/41
Permalink: analisis/221070bb6983c21e02eb1be09100d815dfc0ddbc6a10c4d3ff52948fe5a06cc4-1251684824


http://www.virustotal.com/anal...4d3ff52948fe5a06cc4-1251684824

[ kristi1 @ 29.09.2009. 20:46 ] @
Download this file and unpack it to the desktop.
Turn off the AV.
Holding the left mouse button, drag CFScript onto the ComboFix icon.

Post the new log.
[ Karemy @ 29.09.2009. 23:06 ] @
Here is the new log:

ComboFix 09-09-28.01 - EMY 29.09.2009 23:57.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.389.1033.18.2047.1684 [GMT 2:00]
Running from: c:\documents and settings\EMY\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\EMY\Desktop\CFScript\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\windows\automatski.cmd"
"c:\windows\zakrpa.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\automatski.cmd
c:\windows\neoqaz2.dll
c:\windows\zakrpa.exe

.
((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-29 )))))))))))))))))))))))))))))))
.

2009-09-29 13:45 . 2009-09-29 13:45 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\ESET
2009-09-27 22:31 . 2009-09-27 22:39 -------- d-----w- c:\program files\ProgDVB
2009-09-27 22:12 . 2009-09-27 22:13 -------- d-----w- c:\program files\TechniSat DVB
2009-09-27 11:55 . 2009-09-11 05:47 551824 ----a-w- c:\windows\system32\drivers\SkyNetBDA.sys
2009-09-26 15:13 . 2009-09-26 15:14 -------- d-----w- c:\windows\Backups
2009-09-26 15:13 . 2009-09-26 15:13 -------- d-----w- c:\windows\AutoREGs
2009-09-26 14:22 . 2008-06-29 19:48 311128 ----a-w- c:\windows\system32\libssl32.dll
2009-09-26 14:22 . 2008-06-29 19:48 1526468 ----a-w- c:\windows\system32\libeay32.dll
2009-09-26 13:17 . 2009-09-28 07:10 -------- d-----w- c:\documents and settings\EMY\Application Data\BID
2009-09-26 13:17 . 2009-09-26 13:23 -------- d-----w- c:\program files\Bulk Image Downloader
2009-09-25 16:44 . 2009-09-25 16:44 -------- d-----w- c:\program files\EPSON
2009-09-25 16:43 . 2009-09-25 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-09-25 16:43 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-09-25 16:43 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBCCE.DLL
2009-09-25 16:43 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BCCE.DLL
2009-09-25 16:41 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-09-25 16:41 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-09-25 13:31 . 2009-09-25 13:31 -------- d-----w- c:\program files\The Tetris Game
2009-09-25 13:20 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Publish Providers
2009-09-25 13:18 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Sony
2009-09-25 13:18 . 2009-09-25 13:18 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\program files\Sony
2009-09-25 13:13 . 2009-09-25 13:15 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-09-25 13:13 . 2009-09-25 13:13 -------- d-----w- c:\windows\system32\LogFiles
2009-09-25 13:13 . 2006-09-15 23:05 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2009-09-25 13:12 . 2009-09-25 13:12 -------- d-----w- C:\WMSDK
2009-09-25 13:05 . 2009-09-25 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\CHL Pack
2009-09-25 11:36 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2009-09-25 11:24 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\EMY\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\QuickTime
2009-09-25 11:22 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\Apple Software Update
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-25 11:21 . 2009-09-25 11:21 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple Computer
2009-09-25 11:04 . 2009-09-25 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-09-25 10:47 . 2009-09-25 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\ALM
2009-09-25 10:36 . 2009-09-25 10:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-25 10:31 . 2009-09-25 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-24 17:53 . 2009-09-24 17:53 -------- d-----w- c:\documents and settings\EMY\Application Data\Nero
2009-09-24 12:22 . 2009-09-24 12:22 -------- d-----w- c:\documents and settings\EMY\Application Data\AdobeUM
2009-09-24 12:22 . 2009-09-25 11:19 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Adobe
2009-09-24 12:20 . 2009-09-24 12:20 -------- d-----w- c:\windows\Cache
2009-09-23 20:49 . 2009-09-23 20:49 -------- d-----w- c:\documents and settings\EMY\Application Data\Media Player Classic
2009-09-23 12:04 . 2009-09-23 12:04 -------- d-----w- c:\program files\Microsoft WSE
2009-09-23 12:02 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2009-09-23 12:02 . 2009-09-23 12:02 -------- d-----w- c:\windows\Logs
2009-09-23 11:58 . 2009-09-23 11:58 -------- d-----w- c:\program files\Electronic Arts
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\UltraISO
2009-09-23 11:45 . 2009-09-23 11:45 -------- d-----w- c:\program files\zabkat
2009-09-21 17:27 . 2009-09-21 17:27 -------- d--h--w- c:\windows\PIF
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\GlobalSCAPE
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\GlobalSCAPE
2009-09-21 13:06 . 2009-09-21 13:06 -------- d-----w- c:\program files\AskBarDis
2009-09-21 12:08 . 2009-09-21 17:01 -------- d-----w- c:\documents and settings\EMY\Application Data\GlobalSCAPE
2009-09-21 12:08 . 2009-09-21 13:06 -------- d-----w- c:\program files\GlobalSCAPE
2009-09-14 06:59 . 2009-09-14 06:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-09-13 23:29 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-09-13 18:11 . 2009-09-29 11:37 -------- d-----w- C:\Video
2009-09-13 16:22 . 2006-03-17 12:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-09-13 16:22 . 2006-03-17 09:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-09-13 16:22 . 2006-03-17 09:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-09-13 16:22 . 2006-03-17 09:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-09-13 16:22 . 2006-03-17 09:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Common Files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-13 15:44 . 2009-09-27 21:31 -------- d-----w- c:\program files\Common Files\TerraTec
2009-09-13 15:44 . 2009-09-13 15:44 -------- d-----w- c:\program files\TerraTec
2009-09-13 15:44 . 2009-09-27 21:04 -------- d-----w- c:\documents and settings\EMY\Application Data\TerraTec
2009-09-13 15:41 . 2009-09-13 15:41 -------- d-----w- c:\program files\uTorrent
2009-09-13 15:41 . 2009-09-29 21:54 -------- d-----w- c:\documents and settings\EMY\Application Data\uTorrent
2009-09-13 15:23 . 2009-09-13 15:23 -------- d-----w- c:\program files\ASIO4ALL v2
2009-09-13 15:22 . 2009-09-13 15:22 -------- d-----w- c:\program files\Outsim
2009-09-13 15:21 . 2009-09-13 15:22 -------- d-----w- c:\program files\Image-Line
2009-09-13 15:10 . 2009-09-13 15:10 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
2009-09-13 15:09 . 2009-09-13 15:09 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{A397AF63-B3A1-40DF-AA85-5C5368304B60}
2009-09-13 15:05 . 2009-09-13 15:05 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Native Instruments
2009-09-13 15:00 . 2009-09-13 15:22 -------- d-----w- c:\program files\Vstplugins
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Common Files\Native Instruments
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Native Instruments
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\windows\ShellNew
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\program files\AutoHotkey
2009-09-13 14:55 . 2009-09-13 14:55 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-09-13 14:47 . 2009-09-13 14:48 -------- d-----w- c:\program files\DVBViewer
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\program files\Real Alternative
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Real
2009-09-13 14:39 . 2009-09-23 20:50 -------- d-----w- c:\program files\The KMPlayer
2009-09-13 14:33 . 2009-09-13 14:33 -------- d-----w- c:\program files\ACD Systems
2009-09-13 14:31 . 2009-09-13 14:32 -------- d-----w- C:\ProgDVB
2009-09-13 14:26 . 2009-09-25 11:04 18256 ----a-w- c:\documents and settings\EMY\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-13 14:19 . 2009-09-13 14:19 -------- d-----w- c:\documents and settings\EMY\Application Data\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\program files\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-09-13 13:56 . 2009-09-28 08:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-13 13:56 . 2009-09-28 08:14 -------- d-----w- c:\documents and settings\EMY\Application Data\VideoReDo-TVSuite
2009-09-13 13:56 . 2009-09-13 13:56 -------- d-----w- c:\program files\VideoReDoTVSuite
2009-09-13 13:34 . 2007-03-07 23:51 129784 ------w- c:\windows\system32\pxafs.dll
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\documents and settings\EMY\Application Data\Winamp
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\program files\Winamp
2009-09-13 13:32 . 2009-09-13 13:32 -------- d-----w- c:\program files\MSECache
2009-09-13 04:06 . 2001-08-17 13:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-09-13 04:05 . 2008-04-14 05:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-09-13 04:05 . 2008-04-14 00:10 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-09-13 04:04 . 2008-04-14 03:42 74240 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2009-09-13 04:04 . 2008-04-14 03:42 74240 ----a-w- c:\windows\system32\usbui.dll
2009-09-13 04:02 . 2008-04-14 12:00 7168 -c--a-w- c:\windows\system32\dllcache\kbdcz.dll
2009-09-13 04:00 . 2009-09-29 21:56 -------- d-----w- c:\windows\system32\CatRoot2
2009-09-13 04:00 . 2009-09-13 04:00 -------- d-----w- c:\windows\system32\CatRoot
2009-09-13 04:00 . 2009-09-29 12:33 -------- d--h--w- c:\documents and settings\Default User
2009-09-13 04:00 . 2009-09-13 14:55 -------- d-----w- c:\documents and settings\All Users
2009-09-13 04:00 . 2009-09-13 02:22 -------- d-----w- C:\Documents and Settings

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-27 22:12 . 2009-09-13 02:58 -------- d-----w- c:\program files\DVBViewerTE
2009-09-27 22:12 . 2009-09-13 02:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-25 10:40 . 2009-09-13 03:52 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-21 17:03 . 2009-09-13 02:35 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-13 15:45 . 2009-09-13 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\TerraTec
2009-09-13 14:47 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\CMUV
2009-09-13 03:50 . 2009-09-13 03:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-13 03:49 . 2009-09-13 03:49 0 ----a-w- c:\windows\nsreg.dat
2009-09-13 03:10 . 2009-09-13 03:10 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Technisat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\program files\MainConcept
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-13 02:39 . 2009-09-13 02:39 -------- d-----w- c:\program files\Realtek
2009-09-13 02:35 . 2009-09-13 02:35 -------- d-----w- c:\program files\Analog Devices
2009-09-13 02:32 . 2009-09-13 02:32 -------- d-----w- c:\program files\Intel
2009-09-13 02:14 . 2009-09-13 02:14 -------- d-----w- c:\program files\microsoft frontpage
2009-09-13 02:11 . 2009-09-13 02:11 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-14 10:04 . 2009-07-14 10:04 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-07-14 10:04 . 2009-07-14 10:04 83448 ----a-w- c:\windows\system32\CddbLangJA.dll
2009-07-14 10:04 . 2009-07-14 10:04 808440 ----a-w- c:\windows\system32\CDDBUI.dll
2009-07-14 10:04 . 2009-07-14 10:04 796152 ----a-w- c:\windows\system32\CDDBControl.dll
2009-07-14 10:04 . 2009-07-14 10:04 108024 ----a-w- c:\windows\system32\CddbLangIT.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangNL.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangFR.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangES.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangDE.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\AutoREGs ----


---- Directory of c:\windows\Backups ----

2009-09-26 15:14 . 2009-09-26 15:14 915 ----a-w- c:\windows\Backups\[20090926171426].reg
2009-09-26 15:13 . 2009-09-26 15:13 2299 ----a-w- c:\windows\Backups\[20090926171359].reg
2009-09-26 15:13 . 2009-09-26 15:13 18796 ----a-w- c:\windows\Backups\[20090926171349].reg


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 15:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-09-13 288048]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-25 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-25 86016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-12-25 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\EMY\Start Menu\Programs\Startup\
AutoHotkey.lnk - c:\program files\AutoHotkey\AutoHotkey.exe [2007-11-21 240128]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2009-9-28 338448]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 3:47 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [5/14/2009 3:47 PM 731840]
R3 3xHybrid;TerraTec BDA capture service;c:\windows\system32\drivers\3xHybrid.sys [4/15/2005 5:50 AM 908160]
.
.
------- Supplementary Scan -------
.
IE: En&queue current page with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link tar&get with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: Open &link target with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BI&D - file://c:\program files\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
FF - ProfilePath - c:\documents and settings\EMY\Application Data\Mozilla\Firefox\Profiles\0nyhknli.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Native Instruments Massive v1.0.1.008 - c:\progra~1\NATIVE~1\Massive\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-30 00:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"PackageTag"=dword:6090e758
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET Smart Security\\"
"DataDir"="ESET\\ESET Smart Security\\"
"EditionName"="BUSINESS EDITION"
"InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000001
"ProductCode"="{71CBF9BB-7E07-4A9D-BF30-84C11810B242}"
"ProductName"="ESET Smart Security"
"ProductType"="essbe"
"ProductVersion"="4.0.437.0"
"UniqueId"="008FBB694AACFF67"
"ScannerBuild"=dword:00001329
"ScannerVersionId"=dword:00000feb
"ScannerVersion"="Open window for status."
"FixId"=dword:00000005
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(920)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Completion time: 2009-09-29 0:02
ComboFix-quarantined-files.txt 2009-09-29 22:02
ComboFix2.txt 2009-09-29 12:33

Pre-Run: 160.446.787.584 bytes free
Post-Run: 160.416.186.368 bytes free

272
[ kristi1 @ 30.09.2009. 06:27 ] @
Same procedure with this file; turn off the AV.
[ Karemy @ 30.09.2009. 09:17 ] @
Here is the new log:

ComboFix 09-09-28.01 - EMY 30.09.2009 10:11.3.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.389.1033.18.2047.1688 [GMT 2:00]
Running from: c:\documents and settings\EMY\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\EMY\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\windows\AutoREGs
c:\windows\Backups
c:\windows\Backups\[20090926171349].reg
c:\windows\Backups\[20090926171359].reg
c:\windows\Backups\[20090926171426].reg

.
((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-30 )))))))))))))))))))))))))))))))
.

2009-09-29 13:45 . 2009-09-29 13:45 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\ESET
2009-09-27 22:31 . 2009-09-27 22:39 -------- d-----w- c:\program files\ProgDVB
2009-09-27 22:12 . 2009-09-27 22:13 -------- d-----w- c:\program files\TechniSat DVB
2009-09-27 11:55 . 2009-09-11 05:47 551824 ----a-w- c:\windows\system32\drivers\SkyNetBDA.sys
2009-09-26 14:22 . 2008-06-29 19:48 311128 ----a-w- c:\windows\system32\libssl32.dll
2009-09-26 14:22 . 2008-06-29 19:48 1526468 ----a-w- c:\windows\system32\libeay32.dll
2009-09-26 13:17 . 2009-09-28 07:10 -------- d-----w- c:\documents and settings\EMY\Application Data\BID
2009-09-26 13:17 . 2009-09-26 13:23 -------- d-----w- c:\program files\Bulk Image Downloader
2009-09-25 16:44 . 2009-09-25 16:44 -------- d-----w- c:\program files\EPSON
2009-09-25 16:43 . 2009-09-25 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-09-25 16:43 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-09-25 16:43 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBCCE.DLL
2009-09-25 16:43 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BCCE.DLL
2009-09-25 16:41 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-09-25 16:41 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-09-25 13:31 . 2009-09-25 13:31 -------- d-----w- c:\program files\The Tetris Game
2009-09-25 13:20 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Publish Providers
2009-09-25 13:18 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Sony
2009-09-25 13:18 . 2009-09-25 13:18 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\program files\Sony
2009-09-25 13:13 . 2009-09-25 13:15 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-09-25 13:13 . 2009-09-25 13:13 -------- d-----w- c:\windows\system32\LogFiles
2009-09-25 13:13 . 2006-09-15 23:05 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2009-09-25 13:12 . 2009-09-25 13:12 -------- d-----w- C:\WMSDK
2009-09-25 13:05 . 2009-09-25 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\CHL Pack
2009-09-25 11:36 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2009-09-25 11:24 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\EMY\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\QuickTime
2009-09-25 11:22 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\Apple Software Update
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-25 11:21 . 2009-09-25 11:21 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple Computer
2009-09-25 11:04 . 2009-09-25 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-09-25 10:47 . 2009-09-25 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\ALM
2009-09-25 10:36 . 2009-09-25 10:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-25 10:31 . 2009-09-25 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-24 17:53 . 2009-09-24 17:53 -------- d-----w- c:\documents and settings\EMY\Application Data\Nero
2009-09-24 12:22 . 2009-09-24 12:22 -------- d-----w- c:\documents and settings\EMY\Application Data\AdobeUM
2009-09-24 12:22 . 2009-09-25 11:19 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Adobe
2009-09-24 12:20 . 2009-09-24 12:20 -------- d-----w- c:\windows\Cache
2009-09-23 20:49 . 2009-09-23 20:49 -------- d-----w- c:\documents and settings\EMY\Application Data\Media Player Classic
2009-09-23 12:04 . 2009-09-23 12:04 -------- d-----w- c:\program files\Microsoft WSE
2009-09-23 12:02 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2009-09-23 12:02 . 2009-09-23 12:02 -------- d-----w- c:\windows\Logs
2009-09-23 11:58 . 2009-09-23 11:58 -------- d-----w- c:\program files\Electronic Arts
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\UltraISO
2009-09-23 11:45 . 2009-09-23 11:45 -------- d-----w- c:\program files\zabkat
2009-09-21 17:27 . 2009-09-21 17:27 -------- d--h--w- c:\windows\PIF
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\GlobalSCAPE
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\GlobalSCAPE
2009-09-21 12:08 . 2009-09-21 17:01 -------- d-----w- c:\documents and settings\EMY\Application Data\GlobalSCAPE
2009-09-21 12:08 . 2009-09-21 13:06 -------- d-----w- c:\program files\GlobalSCAPE
2009-09-14 06:59 . 2009-09-14 06:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-09-13 23:29 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-09-13 18:11 . 2009-09-29 11:37 -------- d-----w- C:\Video
2009-09-13 16:22 . 2006-03-17 12:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-09-13 16:22 . 2006-03-17 09:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-09-13 16:22 . 2006-03-17 09:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-09-13 16:22 . 2006-03-17 09:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-09-13 16:22 . 2006-03-17 09:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Common Files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-13 15:44 . 2009-09-27 21:31 -------- d-----w- c:\program files\Common Files\TerraTec
2009-09-13 15:44 . 2009-09-13 15:44 -------- d-----w- c:\program files\TerraTec
2009-09-13 15:44 . 2009-09-27 21:04 -------- d-----w- c:\documents and settings\EMY\Application Data\TerraTec
2009-09-13 15:41 . 2009-09-13 15:41 -------- d-----w- c:\program files\uTorrent
2009-09-13 15:41 . 2009-09-30 08:08 -------- d-----w- c:\documents and settings\EMY\Application Data\uTorrent
2009-09-13 15:23 . 2009-09-13 15:23 -------- d-----w- c:\program files\ASIO4ALL v2
2009-09-13 15:22 . 2009-09-13 15:22 -------- d-----w- c:\program files\Outsim
2009-09-13 15:21 . 2009-09-13 15:22 -------- d-----w- c:\program files\Image-Line
2009-09-13 15:10 . 2009-09-13 15:10 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
2009-09-13 15:09 . 2009-09-13 15:09 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{A397AF63-B3A1-40DF-AA85-5C5368304B60}
2009-09-13 15:05 . 2009-09-13 15:05 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Native Instruments
2009-09-13 15:00 . 2009-09-13 15:22 -------- d-----w- c:\program files\Vstplugins
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Common Files\Native Instruments
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Native Instruments
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\windows\ShellNew
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\program files\AutoHotkey
2009-09-13 14:55 . 2009-09-13 14:55 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-09-13 14:47 . 2009-09-13 14:48 -------- d-----w- c:\program files\DVBViewer
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\program files\Real Alternative
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Real
2009-09-13 14:39 . 2009-09-23 20:50 -------- d-----w- c:\program files\The KMPlayer
2009-09-13 14:33 . 2009-09-13 14:33 -------- d-----w- c:\program files\ACD Systems
2009-09-13 14:31 . 2009-09-13 14:32 -------- d-----w- C:\ProgDVB
2009-09-13 14:26 . 2009-09-25 11:04 18256 ----a-w- c:\documents and settings\EMY\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-13 14:19 . 2009-09-13 14:19 -------- d-----w- c:\documents and settings\EMY\Application Data\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\program files\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-09-13 13:56 . 2009-09-28 08:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-13 13:56 . 2009-09-28 08:14 -------- d-----w- c:\documents and settings\EMY\Application Data\VideoReDo-TVSuite
2009-09-13 13:56 . 2009-09-13 13:56 -------- d-----w- c:\program files\VideoReDoTVSuite
2009-09-13 13:34 . 2007-03-07 23:51 129784 ------w- c:\windows\system32\pxafs.dll
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\documents and settings\EMY\Application Data\Winamp
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\program files\Winamp
2009-09-13 13:32 . 2009-09-13 13:32 -------- d-----w- c:\program files\MSECache
2009-09-13 04:06 . 2001-08-17 13:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-09-13 04:05 . 2008-04-14 05:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-09-13 04:05 . 2008-04-14 00:10 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-09-13 04:04 . 2008-04-14 03:42 74240 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2009-09-13 04:04 . 2008-04-14 03:42 74240 ----a-w- c:\windows\system32\usbui.dll
2009-09-13 04:02 . 2008-04-14 12:00 7168 -c--a-w- c:\windows\system32\dllcache\kbdcz.dll
2009-09-13 04:00 . 2009-09-30 08:11 -------- d-----w- c:\windows\system32\CatRoot2
2009-09-13 04:00 . 2009-09-13 04:00 -------- d-----w- c:\windows\system32\CatRoot
2009-09-13 04:00 . 2009-09-29 12:33 -------- d--h--w- c:\documents and settings\Default User
2009-09-13 04:00 . 2009-09-13 14:55 -------- d-----w- c:\documents and settings\All Users
2009-09-13 04:00 . 2009-09-13 02:22 -------- d-----w- C:\Documents and Settings

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-27 22:12 . 2009-09-13 02:58 -------- d-----w- c:\program files\DVBViewerTE
2009-09-27 22:12 . 2009-09-13 02:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-25 10:40 . 2009-09-13 03:52 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-21 17:03 . 2009-09-13 02:35 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-13 15:45 . 2009-09-13 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\TerraTec
2009-09-13 14:47 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\CMUV
2009-09-13 03:50 . 2009-09-13 03:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-13 03:49 . 2009-09-13 03:49 0 ----a-w- c:\windows\nsreg.dat
2009-09-13 03:10 . 2009-09-13 03:10 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Technisat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\program files\MainConcept
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-13 02:39 . 2009-09-13 02:39 -------- d-----w- c:\program files\Realtek
2009-09-13 02:35 . 2009-09-13 02:35 -------- d-----w- c:\program files\Analog Devices
2009-09-13 02:32 . 2009-09-13 02:32 -------- d-----w- c:\program files\Intel
2009-09-13 02:14 . 2009-09-13 02:14 -------- d-----w- c:\program files\microsoft frontpage
2009-09-13 02:11 . 2009-09-13 02:11 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-14 10:04 . 2009-07-14 10:04 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-07-14 10:04 . 2009-07-14 10:04 83448 ----a-w- c:\windows\system32\CddbLangJA.dll
2009-07-14 10:04 . 2009-07-14 10:04 808440 ----a-w- c:\windows\system32\CDDBUI.dll
2009-07-14 10:04 . 2009-07-14 10:04 796152 ----a-w- c:\windows\system32\CDDBControl.dll
2009-07-14 10:04 . 2009-07-14 10:04 108024 ----a-w- c:\windows\system32\CddbLangIT.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangNL.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangFR.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangES.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangDE.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-09-13 288048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-25 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-25 86016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-12-25 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\EMY\Start Menu\Programs\Startup\
AutoHotkey.lnk - c:\program files\AutoHotkey\AutoHotkey.exe [2007-11-21 240128]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2009-9-28 338448]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 3:47 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [5/14/2009 3:47 PM 731840]
R3 3xHybrid;TerraTec BDA capture service;c:\windows\system32\drivers\3xHybrid.sys [4/15/2005 5:50 AM 908160]
.
.
------- Supplementary Scan -------
.
IE: En&queue current page with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link tar&get with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: Open &link target with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BI&D - file://c:\program files\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
FF - ProfilePath - c:\documents and settings\EMY\Application Data\Mozilla\Firefox\Profiles\0nyhknli.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-Native Instruments Massive v1.0.1.008 - c:\progra~1\NATIVE~1\Massive\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-30 10:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"PackageTag"=dword:6090e758
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET Smart Security\\"
"DataDir"="ESET\\ESET Smart Security\\"
"EditionName"="BUSINESS EDITION"
"InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000001
"ProductCode"="{71CBF9BB-7E07-4A9D-BF30-84C11810B242}"
"ProductName"="ESET Smart Security"
"ProductType"="essbe"
"ProductVersion"="4.0.437.0"
"UniqueId"="008FBB694AACFF67"
"ScannerBuild"=dword:00001329
"ScannerVersionId"=dword:00000feb
"ScannerVersion"="Open window for status."
"FixId"=dword:00000005
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(920)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Completion time: 2009-09-30 10:16
ComboFix-quarantined-files.txt 2009-09-30 08:16
ComboFix2.txt 2009-09-29 22:02
ComboFix3.txt 2009-09-29 12:33

Pre-Run: 160.480.038.912 bytes free
Post-Run: 160.449.404.928 bytes free

264
[ kristi1 @ 30.09.2009. 09:21 ] @
Karemy, let us know whether there is any improvement, since the computer is now completely clean. I don't think you should have any more problems.
[ Karemy @ 30.09.2009. 09:31 ] @
Unfortunately there is no improvement

Maybe the problem is in the RAM after all.
I was told that the problem may be that Micron RAM modules are incompatible with ASUS motherboards
This seemed a bit strange to me, because I have had the computer for almost 2 years and until 2-3 months ago I had no problems


[ kristi1 @ 30.09.2009. 09:36 ] @
Click Start, then Run, type Combofix /u, click OK, and wait for CF to uninstall.

In what sense is your computer slow? Does it start up slowly, is it slow in general? Describe the problem to me, since malware is not the cause.
[ New Village DC @ 30.09.2009. 10:08 ] @
Try removing one RAM module. Or scan the partitions for errors (right-click the partition, then Tools, then Scan). Try Win 7 as a last resort. Also, try installing XP SP3, or if you already have it, try uninstalling it.
[ Karemy @ 30.09.2009. 10:12 ] @
When I play music the signal stutters, and crackling can be heard
When I turn on the TV the signal stutters and there is a green picture on the screen
When I play a video in some player the signal stutters; if I stop it and play it again from the same spot (e.g. at 2 min), the place where the signal was bad before is fine, but it stutters at a different spot

Some programs start slowly, and sometimes they don't start at all
[ Karemy @ 30.09.2009. 10:16 ] @
I have two RAM modules
When I swapped their slots
it worked well for one week and then the same problem again
I installed XP SP2, SP3, Win Borg, Leopard, and it was the same again


I will try with one RAM module to see what happens

Thanks
[ Bash1711 @ 30.09.2009. 12:27 ] @
From how you have described the situation so far, you have a problem with XP SP3. The configuration you said you have (a dual-core Intel with two gigs of RAM) is more than enough to run XP without problems. And I see that my colleagues have established that the computer is not infected with anything, so the problem is not a virus. The various XP variants (Borg, Ultimate, Leopard, etc.) are known to cause quite a few problems, so I suggest you do a clean install with an unmodified version. A colleague of mine had a similar problem, but he made a real mess with the drivers, so once the system boots after installation, first install the motherboard drivers (the CD you got with the computer), then restart, then the graphics card drivers, then restart again... Then install the programs you want (it is best to stick to the rule of one program per purpose), codecs and so on.... To free up resources, cut startup down to the minimum: leave only the essential programs and uncheck the rest. There are plenty of programs for this (CCleaner, TuneUp 2008), but msconfig will do the job too. Also, when you start a program and notice the symptoms you are complaining about (stuttering, freezing), press Ctrl-Alt-Delete and look in Task Manager to see what is causing the problem, that is, what is using the most memory and CPU, and you will get the answer to what is slowing down your computer.... Also, only one antivirus; Avira is my suggestion.....
As for the memory, if you suspect it, take out one module, boot the system and see whether there are problems, then repeat the operation with the other one..... Although your memory can hardly have become incompatible with the board after two years; it is more likely that one module has died.....
I hope some of this helps you.... if not, let us know and we will see...
[ janjicar @ 05.10.2009. 20:10 ] @
Little one, install Kaspersky antivirus and everything will be OK