Problem with hidden files and with opening partitions

  • lilke
  • New MyCity citizen
  • Joined: 07 Mar 2009
  • Posts: 4

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:46:31, on 7.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bora\Desktop\New Folder\TR3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DED41BB-6C03-4B15-96AB-BB11C858A4CF}: NameServer = 80.74.164.249 80.74.160.26
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: UpdateCheck - {CABFBC0C-711D-47DF-AE1E-229FF14ABEB9} - C:\WINDOWS\system32\icmus.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 4487 bytes


So, I have a problem: when I go to Tools/Folder Options/View/ and tick "Show hidden files and folders", it does not show the hidden files, and it reverts the selection to "Do not show hidden files and folders" ... I have reinstalled Windows several times and it still does not work (until now, whenever something like this happened, I reinstalled Windows and it worked great afterwards, but this time it won't).
I also have a problem where, when I open My Computer and try to open a partition, it opens in a new window (even though "Open each folder in the same window" is ticked under Tools/Folder Options/General/) ...

Can anyone tell me what to do???
Once again, I have reinstalled Windows several times and it still won't work.


Thanks in advance


peace



  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Hello

* Start ESET Smart Security/ESET NOD32 as follows:
Start>All Programs>ESET>ESET Smart Security, or ESET NOD32 Antivirus (if you use only the Antivirus product).

* When the main program window opens, click the Setup option on the left side of the window;
* Select the Antivirus and antispyware option and click Temporarily disable Antivirus and antispyware protection.
* At the next prompt, click Yes.

Note: Do not forget to turn this option back on once the cleaning is finished.


------------------------

Download ComboFix to your Desktop from one of the following addresses:
[Link visible only to logged-in users]
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Run it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.



  • lilke
  • New MyCity citizen
  • Joined: 07 Mar 2009
  • Posts: 4

ComboFix 09-03-06.02 - Bora 2009-03-07 23:02:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1573 [GMT 1:00]
Running from: c:\documents and settings\Bora\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\a1agmur.cmd
C:\Autorun.inf
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\olhrwef.exe
c:\windows\system32\wmcache.nld
D:\2u.com
D:\a1agmur.cmd
D:\Autorun.inf
E:\2u.com
E:\a1agmur.cmd
E:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-02-07 to 2009-03-07 )))))))))))))))))))))))))))))))
.

2009-03-07 21:08 . 2009-03-07 21:08 <DIR> d-------- c:\program files\Alcohol Soft
2009-03-07 21:05 . 2009-03-07 21:05 715,248 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-07 17:58 . 2009-03-07 17:59 754 --a------ c:\windows\WORDPAD.INI
2009-03-06 10:04 . 2006-03-13 17:35 89,872 -ra------ c:\windows\system32\drivers\k750mdm.sys
2009-03-06 10:04 . 2006-03-13 17:35 81,728 -ra------ c:\windows\system32\drivers\k750mgmt.sys
2009-03-06 10:04 . 2006-03-13 17:35 79,488 -ra------ c:\windows\system32\drivers\k750obex.sys
2009-03-06 10:04 . 2006-03-13 17:35 6,576 -ra------ c:\windows\system32\drivers\k750mdfl.sys
2009-03-06 10:04 . 2006-03-13 17:35 6,144 -ra------ c:\windows\system32\drivers\k750cmnt.sys
2009-03-06 10:04 . 2006-03-13 17:35 6,144 -ra------ c:\windows\system32\drivers\k750cm.sys
2009-03-06 10:03 . 2006-03-13 17:35 55,216 -ra------ c:\windows\system32\drivers\k750bus.sys
2009-03-06 10:03 . 2006-03-13 17:35 5,744 -ra------ c:\windows\system32\drivers\k750whnt.sys
2009-03-06 10:03 . 2006-03-13 17:35 5,744 -ra------ c:\windows\system32\drivers\k750wh.sys
2009-03-05 20:35 . 2006-09-18 14:59 90,800 -ra------ c:\windows\system32\drivers\se27unic.sys
2009-03-05 20:35 . 2006-09-18 14:58 88,688 -ra------ c:\windows\system32\drivers\SE27mgmt.sys
2009-03-05 20:35 . 2006-09-18 14:59 86,560 -ra------ c:\windows\system32\drivers\SE27obex.sys
2009-03-05 20:35 . 2006-09-18 14:59 18,704 -ra------ c:\windows\system32\drivers\se27nd5.sys
2009-03-05 20:35 . 2006-09-18 14:58 4,128 -ra------ c:\windows\system32\drivers\se27cr.sys
2009-03-05 20:34 . 2009-03-05 20:35 <DIR> d-------- c:\documents and settings\Bora\Application Data\Teleca
2009-03-05 20:34 . 2006-09-18 14:58 97,184 -ra------ c:\windows\system32\drivers\SE27mdm.sys
2009-03-05 20:34 . 2006-09-18 14:58 61,600 -ra------ c:\windows\system32\drivers\SE27bus.sys
2009-03-05 20:34 . 2006-09-18 14:58 9,360 -ra------ c:\windows\system32\drivers\SE27mdfl.sys
2009-03-05 20:34 . 2006-09-18 14:58 6,240 -ra------ c:\windows\system32\drivers\SE27cmnt.sys
2009-03-05 20:34 . 2006-09-18 14:58 6,240 -ra------ c:\windows\system32\drivers\SE27cm.sys
2009-03-05 20:34 . 2006-09-18 14:59 5,872 -ra------ c:\windows\system32\drivers\SE27whnt.sys
2009-03-05 20:34 . 2006-09-18 14:59 5,872 -ra------ c:\windows\system32\drivers\SE27wh.sys
2009-03-05 20:33 . 2009-03-05 20:33 <DIR> d-------- c:\documents and settings\Bora\Application Data\Sony Ericsson
2009-03-05 20:31 . 2009-03-05 20:32 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-05 20:31 . 2009-03-05 20:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-03-05 20:30 . 2009-03-05 20:30 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-05 20:30 . 2009-03-05 20:30 <DIR> d-------- c:\program files\Sony Ericsson
2009-03-05 20:30 . 2009-03-05 20:31 <DIR> d-------- c:\program files\Common Files\Teleca Shared
2009-03-05 20:30 . 2009-03-05 20:31 <DIR> d-------- c:\program files\Common Files\Sony Ericsson Shared
2009-03-05 20:30 . 2009-03-05 20:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Teleca
2009-03-05 14:26 . 2009-03-05 14:26 <DIR> d-------- c:\windows\Logs
2009-03-05 14:26 . 2009-03-07 16:47 138,464 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-03-05 14:26 . 2009-03-05 14:26 22,328 --a------ c:\documents and settings\Bora\Application Data\PnkBstrK.sys
2009-03-05 14:25 . 2009-03-05 14:25 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-05 14:25 . 2009-03-05 14:25 682,280 --a------ c:\windows\system32\pbsvc.exe
2009-03-05 14:25 . 2009-03-07 16:47 111,928 --a------ c:\windows\system32\PnkBstrB.exe
2009-03-05 14:25 . 2009-03-05 14:25 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-03-05 14:13 . 2009-03-05 14:13 <DIR> d-------- c:\program files\Activision
2009-03-05 13:42 . 2009-03-05 13:42 <DIR> d-------- c:\documents and settings\Bora\Application Data\Leadertech
2009-03-05 00:41 . 2009-03-05 00:40 109,434 -r-hs---- C:\dbrxubcw.com
2009-03-05 00:38 . 2009-03-05 00:38 <DIR> d-------- c:\documents and settings\Bora\Application Data\CoSoSys
2009-03-03 12:56 . 2009-03-03 12:56 <DIR> d-------- c:\program files\SAGEM
2009-03-03 11:17 . 2009-03-03 11:24 139,264 --a------ c:\windows\War3Unin.exe
2009-03-03 11:17 . 2009-03-03 11:35 77,755 --a------ c:\windows\War3Unin.dat
2009-03-03 11:17 . 2009-03-03 11:24 2,829 --a------ c:\windows\War3Unin.pif
2009-03-03 11:14 . 2009-03-07 22:57 <DIR> d-------- c:\program files\Warcraft III
2009-03-02 22:48 . 2009-03-02 22:49 <DIR> d-------- c:\documents and settings\Bora\Application Data\DivX
2009-03-02 22:46 . 2009-03-02 22:47 <DIR> d-------- c:\program files\DivX
2009-03-02 21:59 . 2009-03-02 21:59 0 --a------ c:\windows\nsreg.dat
2009-03-02 21:29 . 2009-03-02 21:29 <DIR> d-------- c:\program files\NetCaptor
2009-03-02 21:29 . 2009-03-02 21:29 <DIR> d-------- c:\documents and settings\Bora\Application Data\Stilesoft
2009-03-02 21:04 . 2009-03-02 21:04 <DIR> d---s---- c:\documents and settings\Bora\UserData
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\documents and settings\Bora\Application Data\SUPERAntiSpyware.com
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-02 20:48 . 2004-08-18 15:00 114,688 -rahs---- c:\windows\system32\icmus.dll
2009-03-02 20:44 . 2009-03-07 21:08 <DIR> d-------- c:\program files\FlashGet
2009-03-02 20:44 . 2004-08-03 22:14 359,040 --a------ c:\windows\system32\drivers\tcpip.sys.flg
2009-03-02 20:43 . 2004-08-18 15:00 114,688 -rahs---- c:\windows\system32\itas.dll
2009-03-02 19:14 . 2004-08-18 15:00 114,688 -rahs---- c:\windows\system32\wedit.dll
2009-03-02 18:31 . 2009-03-02 18:31 <DIR> d--hs---- c:\windows\ftpcache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-05 13:35 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 11:57 32 ----a-w c:\windows\system32\drivers\adidsl.cfg
2009-03-02 16:16 --------- d-----w c:\program files\ESET
2009-03-02 16:16 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-03-02 16:11 15,600 ----a-w c:\windows\gdrv.sys
2009-03-02 16:11 --------- d-----w c:\program files\Realtek
2009-03-02 16:11 --------- d-----w c:\documents and settings\Bora\Application Data\InstallShield
2009-03-02 16:08 315,392 ----a-w c:\windows\HideWin.exe
2009-03-02 16:03 --------- d-----w c:\documents and settings\Bora\Application Data\ATI
2009-03-02 16:03 --------- d-----w c:\documents and settings\All Users\Application Data\ATI
2009-03-02 16:01 --------- d-----w c:\program files\ATI Technologies
2009-03-02 15:59 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-02 15:59 --------- d-----w c:\program files\Common Files\ATI Technologies
2009-03-02 15:48 --------- d-----w c:\program files\microsoft frontpage
2004-08-18 14:00 114,688 --sha-r c:\windows\system32\icmus.dll
2004-08-18 14:00 114,688 --sha-r c:\windows\system32\itas.dll
2004-08-18 14:00 114,688 --sha-r c:\windows\system32\wedit.dll
.

------- Sigcheck -------

2004-08-03 22:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\system32\dllcache\tcpip.sys
2004-08-03 22:14 359040 6a603809f598332dbedd535bdbce313e c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-17 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 487424]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-03-03 1205840]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"UpdateCheck"= {CABFBC0C-711D-47DF-AE1E-229FF14ABEB9} - c:\windows\system32\icmus.dll [2004-08-18 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-06-10 34312]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-02-17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 55024]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-06-10 468224]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-03-03 104344]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-03-03 69656]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3fda7b70-0a2e-11de-8c33-4d6564696130}]
\Shell\AutoRun\command - G:\
\Shell\open\Command - rundll32.exe .\\dsuec.dll,InstallM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e3b16b2-07e1-11de-8c2b-4d6564696130}]
\Shell\AutoRun\command - G:\
\Shell\open\Command - rundll32.exe .\\msyuh.dll,InstallM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ba33b118-0770-11de-8c28-4d6564696130}]
\Shell\AutoRun\command - G:\
\Shell\open\Command - rundll32.exe .\\mchgwcoi.dll,InstallM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dfc03ac3-0744-11de-8c24-ee690480a3e4}]
\Shell\AutoRun\command - H:\
\Shell\open\Command - rundll32.exe .\\mmidle.dll,InstallM
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe


.
------- Supplementary Scan -------
.
uStart Page = [Link visible only to logged-in users]
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
TCP: {9DED41BB-6C03-4B15-96AB-BB11C858A4CF} = 80.74.164.249 80.74.160.26
FF - ProfilePath - c:\documents and settings\Bora\Application Data\Mozilla\Firefox\Profiles\eynqv3gg.default\
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-03-07 23:05:06
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(728-)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Completion time: 2009-03-07 23:05:59 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-07 22:05:57

Pre-Run: 11.706.765.312 bytes free
Post-Run: 11,777,277,952 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

216


There, I did everything you said ...

Addendum: 08 Mar 2009 0:26

I just tried it AND NOW IT WORKSSSSSSSSSSSS!!!!!!!!!!!!!! Hats off to you :))) well done, do you know how much this was getting on my nerves ...

If there is any way I can repay you, just say so ...

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Open Notepad and copy in the following text:

File::
C:\dbrxubcw.com

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3fda7b70-0a2e-11de-8c33-4d6564696130}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e3b16b2-07e1-11de-8c2b-4d6564696130}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ba33b118-0770-11de-8c28-4d6564696130}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dfc03ac3-0744-11de-8c24-ee690480a3e4}]


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

  • lilke
  • New MyCity citizen
  • Joined: 07 Mar 2009
  • Posts: 4

ComboFix 09-03-06.02 - Bora 2009-03-09 1:09:39.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1514 [GMT 1:00]
Running from: e:\programi\Combofix\ComboFix.exe
Command switches used :: c:\documents and settings\Bora\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated)
* Created a new restore point
* Resident AV is active


FILE ::
C:\dbrxubcw.com
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\dbrxubcw.com
c:\windows\system32\wmcache.nld
H:\2u.com
H:\a1agmur.cmd
H:\autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))))
.

2009-03-08 15:50 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-03-08 15:50 . 2004-08-03 23:01 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-03-08 15:44 . 2009-03-08 15:44 <DIR> d-------- c:\program files\Samsung ML-2010 Series
2009-03-08 15:44 . 2005-03-03 05:32 151,552 --a------ c:\windows\system32\SSCoInst.exe
2009-03-08 15:44 . 2005-03-03 11:09 57,344 --a------ c:\windows\system32\SSCoInst.dll
2009-03-08 15:44 . 2005-04-08 03:29 20,622 --a------ c:\windows\system32\SUGS2LMK.DLL
2009-03-08 15:44 . 2005-03-14 06:01 766 --------- c:\windows\Uninstall.ico
2009-03-08 15:44 . 2005-03-03 12:23 604 --a------ c:\windows\system32\SUGS2LMK.SMT
2009-03-08 15:43 . 2009-03-08 15:44 <DIR> d-------- c:\windows\Samsung
2009-03-08 15:43 . 2005-03-14 06:01 208,896 --------- c:\windows\system32\SSRemove.exe
2009-03-08 15:43 . 2005-03-14 06:01 41,984 --------- c:\windows\system32\drivers\DGIVECP.SYS
2009-03-08 15:43 . 2005-07-08 21:54 11,502 --------- c:\windows\system32\SP119.ICO
2009-03-08 14:32 . 2009-03-08 14:32 <DIR> d-------- c:\program files\MSBuild
2009-03-08 14:32 . 2009-03-08 14:32 <DIR> d-------- c:\program files\Microsoft Works
2009-03-08 14:32 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-03-08 14:31 . 2009-03-08 14:31 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-08 14:29 . 2009-03-08 14:31 <DIR> d-------- c:\windows\SHELLNEW
2009-03-08 14:29 . 2009-03-08 14:29 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2009-03-08 14:28 . 2009-03-08 14:28 <DIR> dr-h----- C:\MSOCache
2009-03-08 14:28 . 2009-03-08 14:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-08 14:01 . 2009-03-08 14:01 319 --a------ c:\windows\game.ini
2009-03-08 13:51 . 2009-03-08 13:51 <DIR> d-------- c:\program files\Activision
2009-03-08 01:18 . 2009-03-08 14:35 <DIR> d-------- c:\documents and settings\Bora\Application Data\uTorrent
2009-03-07 21:08 . 2009-03-07 21:08 <DIR> d-------- c:\program files\Alcohol Soft
2009-03-07 21:05 . 2009-03-08 00:29 716,272 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-07 17:58 . 2009-03-07 17:59 754 --a------ c:\windows\WORDPAD.INI
2009-03-06 10:04 . 2006-03-13 17:35 89,872 -ra------ c:\windows\system32\drivers\k750mdm.sys
2009-03-06 10:04 . 2006-03-13 17:35 81,728 -ra------ c:\windows\system32\drivers\k750mgmt.sys
2009-03-06 10:04 . 2006-03-13 17:35 79,488 -ra------ c:\windows\system32\drivers\k750obex.sys
2009-03-06 10:04 . 2006-03-13 17:35 6,576 -ra------ c:\windows\system32\drivers\k750mdfl.sys
2009-03-06 10:04 . 2006-03-13 17:35 6,144 -ra------ c:\windows\system32\drivers\k750cmnt.sys
2009-03-06 10:04 . 2006-03-13 17:35 6,144 -ra------ c:\windows\system32\drivers\k750cm.sys
2009-03-06 10:03 . 2006-03-13 17:35 55,216 -ra------ c:\windows\system32\drivers\k750bus.sys
2009-03-06 10:03 . 2006-03-13 17:35 5,744 -ra------ c:\windows\system32\drivers\k750whnt.sys
2009-03-06 10:03 . 2006-03-13 17:35 5,744 -ra------ c:\windows\system32\drivers\k750wh.sys
2009-03-05 20:35 . 2006-09-18 14:59 90,800 -ra------ c:\windows\system32\drivers\se27unic.sys
2009-03-05 20:35 . 2006-09-18 14:58 88,688 -ra------ c:\windows\system32\drivers\SE27mgmt.sys
2009-03-05 20:35 . 2006-09-18 14:59 86,560 -ra------ c:\windows\system32\drivers\SE27obex.sys
2009-03-05 20:35 . 2006-09-18 14:59 18,704 -ra------ c:\windows\system32\drivers\se27nd5.sys
2009-03-05 20:35 . 2006-09-18 14:58 4,128 -ra------ c:\windows\system32\drivers\se27cr.sys
2009-03-05 20:34 . 2009-03-05 20:35 <DIR> d-------- c:\documents and settings\Bora\Application Data\Teleca
2009-03-05 20:34 . 2006-09-18 14:58 97,184 -ra------ c:\windows\system32\drivers\SE27mdm.sys
2009-03-05 20:34 . 2006-09-18 14:58 61,600 -ra------ c:\windows\system32\drivers\SE27bus.sys
2009-03-05 20:34 . 2006-09-18 14:58 9,360 -ra------ c:\windows\system32\drivers\SE27mdfl.sys
2009-03-05 20:34 . 2006-09-18 14:58 6,240 -ra------ c:\windows\system32\drivers\SE27cmnt.sys
2009-03-05 20:34 . 2006-09-18 14:58 6,240 -ra------ c:\windows\system32\drivers\SE27cm.sys
2009-03-05 20:34 . 2006-09-18 14:59 5,872 -ra------ c:\windows\system32\drivers\SE27whnt.sys
2009-03-05 20:34 . 2006-09-18 14:59 5,872 -ra------ c:\windows\system32\drivers\SE27wh.sys
2009-03-05 20:33 . 2009-03-05 20:33 <DIR> d-------- c:\documents and settings\Bora\Application Data\Sony Ericsson
2009-03-05 20:31 . 2009-03-05 20:32 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-05 20:31 . 2009-03-05 20:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-03-05 20:30 . 2009-03-05 20:30 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-05 20:30 . 2009-03-05 20:30 <DIR> d-------- c:\program files\Sony Ericsson
2009-03-05 20:30 . 2009-03-05 20:31 <DIR> d-------- c:\program files\Common Files\Teleca Shared
2009-03-05 20:30 . 2009-03-05 20:31 <DIR> d-------- c:\program files\Common Files\Sony Ericsson Shared
2009-03-05 20:30 . 2009-03-05 20:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Teleca
2009-03-05 14:26 . 2009-03-05 14:26 <DIR> d-------- c:\windows\Logs
2009-03-05 14:26 . 2009-03-08 14:17 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-03-05 14:26 . 2009-03-08 14:02 22,328 --a------ c:\documents and settings\Bora\Application Data\PnkBstrK.sys
2009-03-05 14:25 . 2009-03-05 14:25 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-05 14:25 . 2009-03-05 14:25 682,280 --a------ c:\windows\system32\pbsvc.exe
2009-03-05 14:25 . 2009-03-08 14:17 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2009-03-05 14:25 . 2009-03-08 14:14 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-03-05 13:42 . 2009-03-05 13:42 <DIR> d-------- c:\documents and settings\Bora\Application Data\Leadertech
2009-03-05 00:38 . 2009-03-05 00:38 <DIR> d-------- c:\documents and settings\Bora\Application Data\CoSoSys
2009-03-03 12:56 . 2009-03-03 12:56 <DIR> d-------- c:\program files\SAGEM
2009-03-03 11:17 . 2009-03-03 11:24 139,264 --a------ c:\windows\War3Unin.exe
2009-03-03 11:17 . 2009-03-03 11:35 77,755 --a------ c:\windows\War3Unin.dat
2009-03-03 11:17 . 2009-03-03 11:24 2,829 --a------ c:\windows\War3Unin.pif
2009-03-03 11:14 . 2009-03-08 14:50 <DIR> d-------- c:\program files\Warcraft III
2009-03-02 22:48 . 2009-03-02 22:49 <DIR> d-------- c:\documents and settings\Bora\Application Data\DivX
2009-03-02 22:46 . 2009-03-02 22:47 <DIR> d-------- c:\program files\DivX
2009-03-02 21:59 . 2009-03-02 21:59 0 --a------ c:\windows\nsreg.dat
2009-03-02 21:29 . 2009-03-02 21:29 <DIR> d-------- c:\program files\NetCaptor
2009-03-02 21:29 . 2009-03-02 21:29 <DIR> d-------- c:\documents and settings\Bora\Application Data\Stilesoft
2009-03-02 21:04 . 2009-03-02 21:04 <DIR> d---s---- c:\documents and settings\Bora\UserData
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\documents and settings\Bora\Application Data\SUPERAntiSpyware.com
2009-03-02 20:55 . 2009-03-02 20:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-02 20:48 . 2004-08-18 15:00 114,688 -rahs---- c:\windows\system32\icmus.dll
2009-03-02 20:44 . 2009-03-09 01:02 <DIR> d-------- c:\program files\FlashGet
2009-03-02 20:44 . 2004-08-03 22:14 359,040 --a------ c:\windows\system32\drivers\tcpip.sys.flg
2009-03-02 20:43 . 2004-08-18 15:00 114,688 -rahs---- c:\windows\system32\itas.dll
2009-03-02 19:14 . 2004-08-18 15:00 114,688 -rahs---- c:\windows\system32\wedit.dll
2009-03-02 18:31 . 2009-03-02 18:31 <DIR> d--hs---- c:\windows\ftpcache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 14:44 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-03 11:57 32 ----a-w c:\windows\system32\drivers\adidsl.cfg
2009-03-02 16:16 --------- d-----w c:\program files\ESET
2009-03-02 16:16 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-03-02 16:11 15,600 ----a-w c:\windows\gdrv.sys
2009-03-02 16:11 --------- d-----w c:\program files\Realtek
2009-03-02 16:11 --------- d-----w c:\documents and settings\Bora\Application Data\InstallShield
2009-03-02 16:08 315,392 ----a-w c:\windows\HideWin.exe
2009-03-02 16:03 --------- d-----w c:\documents and settings\Bora\Application Data\ATI
2009-03-02 16:03 --------- d-----w c:\documents and settings\All Users\Application Data\ATI
2009-03-02 16:01 --------- d-----w c:\program files\ATI Technologies
2009-03-02 15:59 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-02 15:59 --------- d-----w c:\program files\Common Files\ATI Technologies
2009-03-02 15:48 --------- d-----w c:\program files\microsoft frontpage
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-11 00:33 200,704 ----a-w c:\windows\system32\dtu100.dll
2008-12-09 02:28 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-12-09 02:28 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-12-09 02:28 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-12-09 02:28 294,912 ----a-w c:\windows\system32\dpu11.dll
2004-08-18 14:00 114,688 --sha-r c:\windows\system32\icmus.dll
2004-08-18 14:00 114,688 --sha-r c:\windows\system32\itas.dll
2004-08-18 14:00 114,688 --sha-r c:\windows\system32\wedit.dll
.

------- Sigcheck -------

2004-08-03 22:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\system32\dllcache\tcpip.sys
2004-08-03 22:14 359040 6a603809f598332dbedd535bdbce313e c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-08 13:32:12 110,592 ----a-w c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2009-03-08 13:32:11 65,536 ----a-w c:\windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
+ 2009-03-08 13:32:13 4,608 ----a-w c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2009-03-08 13:32:10 1,215,328 ----a-w c:\windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll
+ 2009-03-08 13:32:10 82,784 ----a-w c:\windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
+ 2009-03-08 13:32:08 31,560 ----a-w c:\windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
- 2009-03-05 13:27:08 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-03-08 13:03:46 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2009-03-05 13:27:08 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-03-08 13:03:46 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-03-05 13:27:08 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-03-08 13:03:46 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2009-03-05 13:27:05 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:42 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:06 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:43 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:06 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:43 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:06 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:43 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:06 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:43 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:07 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:44 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:07 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:45 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:07 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:45 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:07 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:45 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:08 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-08 13:03:46 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-05 13:27:08 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-03-08 13:03:47 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-03-05 13:27:08 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-03-08 13:03:47 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-03-05 13:27:09 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2009-03-08 13:03:47 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-03-05 13:27:09 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-03-08 13:03:47 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-03-05 13:27:08 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-03-08 13:03:46 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-03-08 13:32:11 8,007,680 ----a-w c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2009-03-08 13:32:08 16,712 ----a-w c:\windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
+ 2009-03-08 13:31:28 80,696 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2009-03-08 13:31:50 1,612,592 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2009-03-08 13:31:50 1,276,720 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2009-03-08 13:31:50 150,320 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2009-03-08 13:32:08 404,296 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll
+ 2009-03-08 13:31:51 88,896 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2009-03-08 13:31:51 146,232 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2009-03-08 13:32:04 17,208 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2009-03-08 13:31:50 920,376 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
+ 2009-03-08 13:31:50 35,648 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2009-03-08 13:31:50 248,632 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2009-03-08 13:31:51 232,248 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
+ 2009-03-08 13:31:50 20,280 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2009-03-08 13:31:51 781,104 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2009-03-08 13:32:11 13,312 ----a-w c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2009-03-08 13:31:50 371,496 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2009-03-08 13:31:51 64,288 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2009-03-08 13:32:11 229,376 ----a-w c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2009-03-08 13:32:12 4,096 ----a-w c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2009-03-08 13:31:50 416,544 ----a-w c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2009-03-08 13:31:28 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2009-03-08 13:31:29 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2009-03-08 13:31:56 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2009-03-08 13:32:08 12,616 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2009-03-08 13:32:08 12,616 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
+ 2009-03-08 13:32:05 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
+ 2009-03-08 13:32:04 12,632 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2009-03-08 13:32:05 12,112 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2009-03-08 13:32:06 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2009-03-08 13:32:01 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2009-03-08 13:32:07 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2009-03-08 13:32:01 12,080 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2009-03-08 13:32:01 11,544 ----a-w c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2009-03-08 13:32:11 16,384 ----a-w c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2009-03-08 13:32:08 118,112 ----a-w c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2009-03-08 13:32:15 367,400 ----a-w c:\windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll
+ 2009-03-08 13:32:08 609,104 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2009-03-08 13:32:08 43,840 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\12.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll
+ 2009-03-08 13:32:08 39,728 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll
+ 2009-03-08 13:32:08 60,200 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll
+ 2009-03-08 13:32:10 211,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll
+ 2009-03-08 13:32:10 105,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll
+ 2009-03-08 13:32:10 330,520 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll
+ 2009-03-08 13:32:10 39,712 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll
+ 2009-03-08 13:32:10 39,704 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll
+ 2009-03-08 13:32:10 72,472 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll
+ 2009-03-08 13:32:10 47,832 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-03-08 13:32:10 39,624 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll
+ 2009-03-08 13:32:51 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-03-08 13:32:52 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-03-08 13:32:51 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-03-08 13:32:51 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-03-08 13:32:52 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-03-08 13:32:52 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-03-08 13:32:52 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-03-08 13:32:52 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-03-08 13:32:52 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-03-08 13:32:52 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-03-08 13:32:52 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-03-08 13:32:51 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-03-08 13:29:05 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-03-08 13:01:55 216,358 ----a-r c:\windows\Installer\{E48469CC-635E-4FD5-A122-1497C286D217}\ARPPRODUCTICON.exe
+ 2005-07-03 07:20:48 372,736 ------w c:\windows\Samsung\ComSMMgr\SSMMgr.exe
+ 2005-03-14 05:02:00 8,820,072 ------w c:\windows\Samsung\ML-2010\ACROBAT_READER\ENGLISH\Acrobat.exe
+ 2006-12-09 00:52:12 57,000 ------w c:\windows\Samsung\ML-2010\Autorun.exe
+ 2005-03-14 05:01:38 41,984 ------w c:\windows\Samsung\ML-2010\DATA\DGIVECP.SYS
+ 2006-01-03 07:02:52 8,909 ------w c:\windows\Samsung\ML-2010\DATA\Lang_DN.Dat
+ 2006-01-03 07:03:06 9,914 ------w c:\windows\Samsung\ML-2010\DATA\Lang_DT.Dat
+ 2006-01-03 07:03:20 8,593 ------w c:\windows\Samsung\ML-2010\DATA\Lang_EL.Dat
+ 2006-01-03 07:03:20 8,593 ------w c:\windows\Samsung\ML-2010\DATA\Lang_EN.Dat
+ 2006-01-03 07:03:36 8,957 ------w c:\windows\Samsung\ML-2010\DATA\Lang_FI.Dat
+ 2006-01-03 07:03:46 10,061 ------w c:\windows\Samsung\ML-2010\DATA\Lang_FN.Dat
+ 2006-01-03 07:04:06 9,878 ------w c:\windows\Samsung\ML-2010\DATA\Lang_GR.Dat
+ 2006-01-03 07:04:20 9,605 ------w c:\windows\Samsung\ML-2010\DATA\Lang_HU.Dat
+ 2006-01-03 07:04:34 9,565 ------w c:\windows\Samsung\ML-2010\DATA\Lang_IT.Dat
+ 2006-01-03 07:04:48 8,750 ------w c:\windows\Samsung\ML-2010\DATA\Lang_NR.Dat
+ 2006-01-03 07:05:02 9,418 ------w c:\windows\Samsung\ML-2010\DATA\Lang_PO.Dat
+ 2006-01-03 07:05:26 9,535 ------w c:\windows\Samsung\ML-2010\DATA\Lang_PT.Dat
+ 2006-01-03 07:05:40 9,590 ------w c:\windows\Samsung\ML-2010\DATA\Lang_SP.Dat
+ 2006-01-03 07:05:52 9,098 ------w c:\windows\Samsung\ML-2010\DATA\Lang_SW.Dat
+ 2005-03-14 05:01:38 131,072 ------w c:\windows\Samsung\ML-2010\DATA\SSDIAG.dll
+ 2005-03-14 05:01:38 479,232 ------w c:\windows\Samsung\ML-2010\DATA\SSinst.exe
+ 2005-07-11 11:11:54 294,912 ------w c:\windows\Samsung\ML-2010\DATA\SSLang.exe
+ 2005-03-14 05:01:38 217,088 ------w c:\windows\Samsung\ML-2010\DATA\SSManual.exe
+ 2005-03-14 05:01:38 208,896 ------w c:\windows\Samsung\ML-2010\DATA\SSRemove.exe
+ 2004-11-22 23:58:06 217,088 ------w c:\windows\Samsung\ML-2010\DATA\SSUtil.dll
+ 2005-03-14 05:01:38 200,704 ------w c:\windows\Samsung\ML-2010\DATA\SvcMan.exe
+ 2005-03-03 10:09:00 57,344 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SSCoInst.dll
+ 2005-03-03 04:32:22 151,552 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SSCoInst.exe
+ 2006-02-08 00:35:22 838,144 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2.dll
+ 2006-01-04 00:26:46 204,800 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2CM.dll
+ 2006-01-11 23:53:10 42,762 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2cp.dat
+ 2006-01-11 23:55:54 42,717 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2ct.dat
+ 2006-01-11 23:57:36 51,353 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2dn.dat
+ 2006-01-11 23:58:54 53,500 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2dt.dat
+ 2006-01-12 00:00:08 49,439 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2en.dat
+ 2006-01-12 01:34:38 51,699 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2fi.dat
+ 2006-01-12 00:03:28 57,926 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2fn.dat
+ 2006-01-12 00:04:56 54,801 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2gr.dat
+ 2006-01-12 00:06:18 53,250 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2hu.dat
+ 2006-01-12 00:07:46 54,036 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2it.dat
+ 2006-01-12 00:09:06 47,627 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2kr.dat
+ 2005-07-05 11:53:50 53,248 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2lf.dll
+ 2005-04-08 02:29:54 20,622 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2lmk.dll
+ 2006-02-08 00:20:26 208,896 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2M.DLL
+ 2006-01-12 00:10:40 50,317 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2nr.dat
+ 2006-01-12 00:12:12 52,052 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2po.dat
+ 2006-01-12 00:13:20 54,971 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2pt.dat
+ 2006-01-12 00:17:40 52,365 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2ru.dat
+ 2006-01-12 00:18:44 54,773 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2sp.dat
+ 2006-01-12 00:21:14 50,843 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2sw.dat
+ 2005-12-22 04:19:22 606,208 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2U.dll
+ 2005-04-15 08:06:00 3,764,224 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2u2.dll
+ 2006-02-08 00:35:22 223,500 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2ui.dll
+ 2006-01-27 06:48:48 655,360 ------w c:\windows\Samsung\ML-2010\ML-2010\PRINTER\WINXP\SUGS2UM.dll
+ 2005-02-21 10:12:30 282,624 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\CommonSM.exe
+ 2005-03-14 05:01:32 5,207,832 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\Help\Flash_Shockwave_Full.exe
+ 2005-03-14 05:01:30 69,632 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\IOManager.dll
+ 2005-03-14 05:01:28 143,360 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\SecSNMP.dll
+ 2005-04-29 05:26:54 2,778 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\SMCODE.dat
+ 2005-05-19 06:15:20 245,760 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\SMOption.exe
+ 2005-03-14 05:01:28 151,552 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\ssmsrvc.exe
+ 2005-03-14 05:01:28 45,056 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\CommonSM\UsbIO.dll
+ 2005-07-03 07:20:48 372,736 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\ComSMMgr\SSMMgr.exe
+ 2005-03-14 05:01:28 1,385,744 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\Library\MSVBVM60.DLL
+ 2005-03-14 05:01:28 200,704 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\mklnk.exe
+ 2001-04-11 10:07:58 166,912 ------w c:\windows\Samsung\ML-2010\ML-2010\SM\Setup.exe
+ 2006-01-04 04:50:28 12,170 ------w c:\windows\Samsung\ML-2010\SETUP.DAT
+ 2005-06-23 08:07:34 307,200 ------w c:\windows\Samsung\ML-2010\Setup.exe
+ 2005-06-09 04:23:38 270,336 ------w c:\windows\Samsung\ML-2010\SSAuto.Dll
+ 2005-06-23 08:07:24 258,048 ------w c:\windows\Samsung\ML-2010\SSEtc.dll
+ 2005-03-14 05:01:06 225,280 ------w c:\windows\Samsung\ML-2010\SSFcs.dll
+ 2005-03-14 05:01:06 1,622,016 ------w c:\windows\Samsung\ML-2010\SSRes.dll
+ 2005-03-14 05:01:06 155,648 ------w c:\windows\Samsung\ML-2010\SSTtp.dll
+ 2005-03-14 05:01:06 12,288 ------w c:\windows\Samsung\ML-2010\USB\usbmon.dll
+ 2005-03-14 05:01:06 22,608 ------w c:\windows\Samsung\ML-2010\USB\usbprint.sys
+ 2006-10-26 13:10:08 1,190,688 ----a-w c:\windows\system32\FM20.DLL
+ 2006-10-26 13:10:06 33,088 ----a-w c:\windows\system32\FM20ENU.DLL
- 2009-03-02 15:51:51 90,296 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-03-08 14:50:00 263,024 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2006-10-26 12:45:04 207,360 ----a-w c:\windows\system32\INKED.DLL
+ 2006-07-24 09:50:38 125,744 ----a-w c:\windows\system32\MSSTDFMT.DLL
+ 2006-07-24 09:50:40 39,728 ----a-w c:\windows\system32\SCP32.DLL
+ 2006-10-26 18:56:16 864,080 ----a-w c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll
+ 2006-10-26 18:56:14 67,408 ----a-w c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
+ 2006-02-08 00:35:22 838,144 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2.DLL
+ 2006-01-04 00:26:46 204,800 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2CM.DLL
+ 2006-01-11 23:53:10 42,762 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2cp.dat
+ 2006-01-11 23:55:54 42,717 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2ct.dat
+ 2006-01-11 23:57:36 51,353 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2dn.dat
+ 2006-01-11 23:58:54 53,500 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2dt.dat
+ 2006-01-12 00:00:08 49,439 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2EN.DAT
+ 2006-01-12 01:34:38 51,699 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2fi.dat
+ 2006-01-12 00:03:28 57,926 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2fn.dat
+ 2006-01-12 00:04:56 54,801 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2gr.dat
+ 2006-01-12 00:06:18 53,250 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2hu.dat
+ 2006-01-12 00:07:46 54,036 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2it.dat
+ 2006-01-12 00:09:06 47,627 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2kr.dat
+ 2005-07-05 11:53:50 53,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2lf.DLL
+ 2006-02-08 00:20:26 208,896 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2M.DLL
+ 2006-01-12 00:10:40 50,317 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2nr.dat
+ 2006-01-12 00:12:12 52,052 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2po.dat
+ 2006-01-12 00:13:20 54,971 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2pt.dat
+ 2006-01-12 00:17:40 52,365 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2ru.dat
+ 2006-01-12 00:18:44 54,773 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2sp.dat
+ 2006-01-12 00:21:14 50,843 ----a-w c:\windows\system32\spool\drivers\w32x86\3\sugs2sw.dat
+ 2005-12-22 04:19:22 606,208 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2U.DLL
+ 2005-04-15 08:06:00 3,764,224 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2U2.DLL
+ 2006-02-08 00:35:22 223,500 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2UI.DLL
+ 2006-01-27 06:48:48 655,360 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUGS2UM.DLL
+ 2006-10-26 18:56:16 864,080 ----a-w c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2006-10-26 18:56:14 67,408 ----a-w c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2006-02-08 00:35:22 838,144 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2.DLL
+ 2006-01-04 00:26:46 204,800 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2CM.DLL
+ 2006-01-11 23:53:10 42,762 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2cp.dat
+ 2006-01-11 23:55:54 42,717 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2ct.dat
+ 2006-01-11 23:57:36 51,353 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2dn.dat
+ 2006-01-11 23:58:54 53,500 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2dt.dat
+ 2006-01-12 00:00:08 49,439 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2EN.DAT
+ 2006-01-12 01:34:38 51,699 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2fi.dat
+ 2006-01-12 00:03:28 57,926 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2fn.dat
+ 2006-01-12 00:04:56 54,801 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2gr.dat
+ 2006-01-12 00:06:18 53,250 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2hu.dat
+ 2006-01-12 00:07:46 54,036 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2it.dat
+ 2006-01-12 00:09:06 47,627 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2kr.dat
+ 2005-07-05 11:53:50 53,248 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2lf.DLL
+ 2006-02-08 00:20:26 208,896 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2M.DLL
+ 2006-01-12 00:10:40 50,317 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2nr.dat
+ 2006-01-12 00:12:12 52,052 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2po.dat
+ 2006-01-12 00:13:20 54,971 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2pt.dat
+ 2006-01-12 00:17:40 52,365 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2ru.dat
+ 2006-01-12 00:18:44 54,773 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2sp.dat
+ 2006-01-12 00:21:14 50,843 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\sugs2sw.dat
+ 2005-12-22 04:19:22 606,208 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2U.DLL
+ 2005-04-15 08:06:00 3,764,224 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2U2.DLL
+ 2006-02-08 00:35:22 223,500 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2UI.DLL
+ 2006-01-27 06:48:48 655,360 ----a-w c:\windows\system32\spool\drivers\w32x86\samsungml_20100e8d\SUGS2UM.DLL
+ 2006-02-08 00:35:22 838,144 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2.DLL
+ 2006-01-04 00:26:46 204,800 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2CM.DLL
+ 2006-01-11 23:53:10 42,762 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2cp.dat
+ 2006-01-11 23:55:54 42,717 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2ct.dat
+ 2006-01-11 23:57:36 51,353 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2dn.dat
+ 2006-01-11 23:58:54 53,500 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2dt.dat
+ 2006-01-12 00:00:08 49,439 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2EN.DAT
+ 2006-01-12 01:34:38 51,699 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2fi.dat
+ 2006-01-12 00:03:28 57,926 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2fn.dat
+ 2006-01-12 00:04:56 54,801 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2gr.dat
+ 2006-01-12 00:06:18 53,250 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2hu.dat
+ 2006-01-12 00:07:46 54,036 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2it.dat
+ 2006-01-12 00:09:06 47,627 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2kr.dat
+ 2005-07-05 11:53:50 53,248 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2lf.DLL
+ 2006-02-08 00:20:26 208,896 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2M.DLL
+ 2006-01-12 00:10:40 50,317 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2nr.dat
+ 2006-01-12 00:12:12 52,052 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2po.dat
+ 2006-01-12 00:13:20 54,971 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2pt.dat
+ 2006-01-12 00:17:40 52,365 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2ru.dat
+ 2006-01-12 00:18:44 54,773 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2sp.dat
+ 2006-01-12 00:21:14 50,843 ----a-w c:\windows\system32\spool\drivers\w32x86\sugs2sw.dat
+ 2005-12-22 04:19:22 606,208 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2U.DLL
+ 2005-04-15 08:06:00 3,764,224 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2U2.DLL
+ 2006-02-08 00:35:22 223,500 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2UI.DLL
+ 2006-01-27 06:48:48 655,360 ----a-w c:\windows\system32\spool\drivers\w32x86\SUGS2UM.DLL
+ 2006-10-26 18:56:12 33,104 ----a-w c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
+ 2006-07-24 09:50:40 47,920 ----a-w c:\windows\system32\VBAME.DLL
+ 2006-10-26 12:45:04 293,376 ----a-w c:\windows\system32\WISPTIS.EXE
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-17 1830128]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 487424]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Samsung Common SM"="c:\windows\Samsung\ComSMMgr\ssmmgr.exe" [2005-07-03 372736]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-03-03 1205840]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"UpdateCheck"= {CABFBC0C-711D-47DF-AE1E-229FF14ABEB9} - c:\windows\system32\icmus.dll [2004-08-18 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-06-10 34312]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-02-17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 55024]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-06-10 468224]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-03-03 104344]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-03-03 69656]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {9DED41BB-6C03-4B15-96AB-BB11C858A4CF} = 80.74.164.249 80.74.160.26
FF - ProfilePath - c:\documents and settings\Bora\Application Data\Mozilla\Firefox\Profiles\eynqv3gg.default\
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-03-09 01:10:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(724)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-09 1:11:16
ComboFix-quarantined-files.txt 2009-03-09 00:11:14
ComboFix2.txt 2009-03-07 22:06:00

Pre-Run: 10.923.061.248 bytes free
Post-Run: 10,911,961,088 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

500



Here, this is the log ...

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

- Download USBNoRisk to the Desktop and run it by double-clicking the program icon.
- Wait a few seconds while the program performs its initial scan.
- Insert all USB storage devices into the USB slot one after another, and keep each one in the slot for 10 seconds.
- If you have several devices to check, write down on a piece of paper the order in which they were inserted, because we will need that information later.
- When you have finished with all the devices, right-click in the middle of the program window and choose the Save log option. That will automatically open the log in Notepad. Copy that log from Notepad to the forum for us.

Explanation: USB storage devices include all devices that get their own partition designation when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.

offline
  • lilke 
  • New MyCity citizen
  • Joined: 07 Mar 2009
  • Posts: 4

USBNoRisk 1.5 by bobby

Started at 11.3.2009 19:13:21

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
C: {f2b6ee4b-0745-11de-a81d-806d6172696f}
D: {f2b6ee4c-0745-11de-a81d-806d6172696f}
E: {f2b6ee4d-0745-11de-a81d-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------
Autorun.inf on C: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for C:
No key found for f2b6ee4b-0745-11de-a81d-806d6172696f
========================================

Autorun.inf on D: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for D:
No key found for f2b6ee4c-0745-11de-a81d-806d6172696f
========================================

Autorun.inf on E: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for E:
No key found for f2b6ee4d-0745-11de-a81d-806d6172696f
========================================

autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\autorun.inf.vir
----------------------------------------
[AutoRun]
;AL4i27swa8Llewik4LaD2LaDle
open=dbrxubcw.com
;dspqwJa7iLJlaiw9Hj64L
shell\open\Command=dbrxubcw.com
----------------------------------------
Content of C:\QooBox\Quarantine\H\autorun.inf.vir
----------------------------------------
[autorun]
open=
shell\open=Explore
shell\open\Command=rundll32.exe .\\mmidle.dll,InstallM
shell\open\Default=1
----------------------------------------


New device connected at 11.3.2009 19:13:38

Scanning for connected USB mass storage...
----------------------------------------
G: {a91d3332-0752-11de-8c26-4d6564696130}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
----------------------------------------
autorun.inf found on G:
----------------------------------------
File G:\autorun.inf renamed successfully

Content of G:\autorun.inf.blocked
----------------------------------------
[autorun]
open=
shell\open=Explore
shell\open\Command=rundll32.exe .\\pfsfs.dll,InstallM
shell\open\Default=1
----------------------------------------

Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------

Possible references from G:\autorun.inf.blocked
(beware, these are possible false detections)
----------------------------------------
G:\pfsfs.dll -rahs 114688
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
Sanitized a91d3332-0752-11de-8c26-4d6564696130
========================================

----------------------------------------

Desktop.ini on G: - None
----------------------------------------

========================================

========================================
Removed G:
========================================
========================================

========================================
========================================

========================================
========================================

========================================
========================================

========================================



Here it is, sorry I'm late, I didn't have internet ....
