MyCity » Ambulanta -> Arhiva Ambulante » G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sy

G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sy

Napisano na dan: 21.11.2008

Strana:
1
2
3

G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sy

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

bad_boyyyy Poslao: 21 Nov 2008 17:19 Idi na vrh
offline bad_boyyyy Građanin Pridružio: 21 Nov 2008 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozz swima...Nov sam na forumu pa ne znam da li sam postavio pitanje gde treba...Imam jedan problem,fajl:G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe mi Avast! prijavljuje kao virus/crv...Ime malware-a:Win32:AutoRun-AFL [Wrm] E,sad mene interesuje da li je stvarno virus ili false positive... I ovo mi isto prijavljuje kao virus:G:\autorun.inf A ime malware-a:BV:AutoRun-G [Wrm] Hvala unapred na odgovorima

Profil

bobby Poslao: 21 Nov 2008 17:43 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jeste malware. Zamolio bih te da procitas sledecu temu i da postupis kako je u njoj opisano: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html Temu prebacujem u Ambulantu.

Profil

bad_boyyyy Poslao: 21 Nov 2008 17:52 Idi na vrh
offline bad_boyyyy Građanin Pridružio: 21 Nov 2008 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesu li oba malware ili ne?Chudno mi je to shto se to pojavljuje na skoro svakom flashu...Ovo mi se pojavilo na mp4 plejeru...Ja sam pomislio da je avast! pocheo malo da brlja...hvala puno na pomoci... Dopuna: 21 Nov 2008 17:52 Interesuje me jos nesto...Da ne otvaram posebnu temu samo zbog toga...Interesuje me tvoje licno misljenje da li da ostavim avast! ili da stavim neki drugi AV?Shta mi preporucujes?hvala

Profil

bobby Poslao: 21 Nov 2008 17:57 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Procitaj temu sa linka koji sam ti ostavio u prethodnoj temi, i ucini kako ti je tamo napisano. Taj crv se siri putem USB medija, i ako zelis da ti pomognemo onda postavi log onako kako ti je napisano u temi na linku koji sam ti dao. Avast je sasvim OK.

Profil

bad_boyyyy Poslao: 21 Nov 2008 18:21 Idi na vrh
offline bad_boyyyy Građanin Pridružio: 21 Nov 2008 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo log-a: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:16:52 PM, on 11/21/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Winamp\winampa.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\Program Files\WinFast\WFDTV\WFWIZ.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\sttray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\DNA\btdna.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\FRAPS\FRAPS.EXE C:\Program Files\RocketDock\RocketDock.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\STacSV.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\AIMP2\AIMP2.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Accounts\Administrator\Desktop\moje stvari\TR3.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = bsplayer-search.com/startpage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = shell.windows.com/fileassoc/0409/xml/redir.asp?Ext=bak R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 218.66.219.11:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing) -- End of file - 11558 bytes

Profil

bobby Poslao: 21 Nov 2008 18:24 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokrenite Spybot S&D Kliknite Mode stavku u meniju Odaberite Advance Mode Na traci levo kliknite na Tools Kliknite na Resident Destiklirajte Resident Tea-Timer Zatvorite Spybot S&D Restartujte kompjuter. - Zatim skinuti program sa ovog linka na Desktop. - Pokrenuti ga dvoklikom i ispratiti uputstva. Nemojte zaboraviti da ponovo ukljucite ove opcije kada zavrsimo ciscenje. Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

bad_boyyyy Poslao: 21 Nov 2008 19:01 Idi na vrh
offline bad_boyyyy Građanin Pridružio: 21 Nov 2008 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! @bobby kazhi mi cemu sluzi ovo shto si mi napisao da uradim?Onaj malware mi je na mp4 a to mislim da nije prikazano u ovom logu koji sam postavio ili mozda jeste?Mislim da u kompu nemam virusa pa ako bi mogao da mi objasnis cemu ovo sluzi?hvala

Profil

bobby Poslao: 21 Nov 2008 20:23 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo sto sam te uputio da uradis ce mi napraviti detaljniji log, pa cu bolje znati sa cime imam posla. Nema veze sto je malware na mp4 plejeru, obavezno postoje tragovi u reg. bazi koji meni puno toga mogu da kazu. Pride svega toga, ComboFix je alatka pomocu koje cemo moci dalje da radimo ono sto treba.

Profil

bad_boyyyy Poslao: 22 Nov 2008 13:57 Idi na vrh
offline bad_boyyyy Građanin Pridružio: 21 Nov 2008 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! @bobby,ewo loga combo fix-a: ComboFix 08-11-21.05 - Administrator 2008-11-22 12:02:12.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1623 [GMT 1:00] Running from: c:\accounts\Administrator\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Dvbpws.dll D:\explorer.exe . ((((((((((((((((((((((((( Files Created from 2008-10-22 to 2008-11-22 ))))))))))))))))))))))))))))))) . 2008-11-21 14:02 . 2008-11-21 19:50 <DIR> d-------- c:\program files\FlashGet 2008-11-20 23:00 . 2008-11-20 23:03 <DIR> d-------- c:\program files\SpywareBlaster 2008-11-20 01:16 . 2008-11-20 23:22 <DIR> d-------- c:\windows\system32\ZoneLabs 2008-11-20 00:38 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\system32\D3DX9_38.dll 2008-11-20 00:38 . 2008-05-30 14:11 1,491,992 --a------ c:\windows\system32\D3DCompiler_38.dll 2008-11-20 00:38 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\system32\D3DCompiler_37.dll 2008-11-20 00:38 . 2008-05-30 14:19 507,400 --a------ c:\windows\system32\XAudio2_1.dll 2008-11-20 00:38 . 2008-03-05 16:03 479,752 --a------ c:\windows\system32\XAudio2_0.dll 2008-11-20 00:38 . 2008-05-30 14:11 467,984 --a------ c:\windows\system32\d3dx10_38.dll 2008-11-20 00:38 . 2008-02-05 23:07 462,864 --a------ c:\windows\system32\d3dx10_37.dll 2008-11-20 00:38 . 2008-05-30 14:18 238,088 --a------ c:\windows\system32\xactengine3_1.dll 2008-11-20 00:38 . 2008-03-05 16:03 238,088 --a------ c:\windows\system32\xactengine3_0.dll 2008-11-20 00:38 . 2008-05-30 14:17 65,032 --a------ c:\windows\system32\XAPOFX1_0.dll 2008-11-20 00:38 . 2008-05-30 14:17 25,608 --a------ c:\windows\system32\X3DAudio1_4.dll 2008-11-20 00:38 . 2008-03-05 16:00 25,608 --a------ c:\windows\system32\X3DAudio1_3.dll 2008-11-20 00:37 . 2008-11-20 00:37 <DIR> d-------- c:\windows\Logs 2008-11-20 00:24 . 2008-11-20 00:24 682,280 --a------ c:\windows\system32\pbsvc.exe 2008-11-16 10:42 . 2008-11-16 10:42 <DIR> d-------- c:\windows\Watson 2008-11-15 00:22 . 2008-11-15 00:22 <DIR> d-------- c:\program files\QuickTime 2008-11-15 00:22 . 2008-11-15 00:22 <DIR> d-------- c:\program files\ImTOO 2008-11-14 14:33 . 2008-11-14 14:33 <DIR> d--h----- c:\windows\$hf_mig$ 2008-11-14 14:30 . 2008-02-26 12:59 294,912 --------- c:\windows\system32\dllcache\msctf.dll 2008-11-13 17:44 . 2008-11-13 17:44 958 --a------ c:\windows\Active Setup Log.BAK 2008-11-13 11:58 . 2008-11-15 14:27 <DIR> d-------- C:\Temp 2008-11-13 11:54 . 2008-11-13 11:54 <DIR> d-------- c:\accounts\All Users\Application Data\Apple Computer 2008-11-12 21:16 . 2008-11-12 21:18 <DIR> d-------- c:\program files\Kaspersky Lab 2008-11-12 20:05 . 2008-11-12 20:05 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition 2008-11-12 20:05 . 2008-09-04 22:03 56,344 --a------ c:\windows\system32\drivers\fssfltr.sys 2008-11-12 20:03 . 2008-11-12 20:05 <DIR> d-------- c:\program files\Windows Live 2008-11-11 11:47 . 2008-11-12 17:25 1,113 --a------ C:\rollback.ini 2008-11-11 10:58 . 2008-11-11 10:58 236 --a------ C:\sqmdata09.sqm 2008-11-11 10:58 . 2008-11-11 10:58 200 --a------ C:\sqmnoopt10.sqm 2008-11-11 10:54 . 2008-11-11 20:06 <DIR> d-------- c:\accounts\All Users\Application Data\MailFrontier 2008-11-11 10:54 . 2004-04-27 04:40 11,264 --a------ c:\windows\system32\SpOrder.dll 2008-11-10 17:26 . 2008-11-10 17:26 <DIR> d-------- c:\accounts\All Users\Application Data\Yahoo! Companion 2008-11-10 12:22 . 2008-11-20 23:20 4,212 --ah----- c:\windows\system32\zllictbl.dat 2008-11-10 12:18 . 2008-11-20 23:22 <DIR> d-------- c:\windows\Internet Logs 2008-11-09 16:20 . 2008-11-09 16:20 <DIR> d-------- c:\program files\Yahoo! 2008-11-07 13:46 . 2008-11-07 13:46 236 --a------ C:\sqmdata08.sqm 2008-11-07 13:46 . 2008-11-07 13:46 200 --a------ C:\sqmnoopt09.sqm 2008-11-07 13:37 . 2007-03-06 05:38 266,240 -ra------ c:\windows\system32\stacapi.dll 2008-11-07 13:34 . 2008-11-07 13:34 200 --a------ C:\sqmnoopt08.sqm 2008-11-06 10:55 . 2008-11-22 11:56 <DIR> d-------- C:\Fraps 2008-11-06 10:51 . 2008-11-22 11:59 <DIR> d-a------ c:\accounts\All Users\Application Data\TEMP 2008-11-05 11:50 . 1998-10-29 16:45 306,688 --a------ c:\windows\IsUninst.exe 2008-11-05 10:02 . 2008-11-05 10:02 236 --a------ C:\sqmdata07.sqm 2008-11-05 10:02 . 2008-11-05 10:02 200 --a------ C:\sqmnoopt07.sqm 2008-11-05 09:58 . 2008-11-05 09:58 236 --a------ C:\sqmdata06.sqm 2008-11-05 09:58 . 2008-11-05 09:58 200 --a------ C:\sqmnoopt06.sqm 2008-11-05 09:53 . 2008-11-05 09:53 236 --a------ C:\sqmdata05.sqm 2008-11-05 09:53 . 2008-11-05 09:53 200 --a------ C:\sqmnoopt05.sqm 2008-11-03 20:29 . 2008-11-03 20:29 <DIR> d-------- c:\accounts\Administrator\Application Data\ImTOO Software Studio 2008-10-30 17:26 . 2008-10-30 17:26 1,700,352 --a------ c:\windows\system32\gdiplus.dll 2008-10-30 16:15 . 2008-10-30 16:15 <DIR> d-------- c:\program files\SuperCleaner 2008-10-30 16:02 . 2008-10-30 16:02 <DIR> d-------- c:\program files\TuneUp Utilities 2007 2008-10-30 16:02 . 2008-10-30 16:02 <DIR> d-------- c:\accounts\Administrator\Application Data\TuneUp Software 2008-10-30 16:02 . 2007-03-28 19:42 29,704 --a------ c:\windows\system32\uxtuneup.dll 2008-10-30 16:01 . 2008-10-30 16:01 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-10-30 16:01 . 2008-10-30 16:01 <DIR> d-------- c:\accounts\All Users\Application Data\TuneUp Software 2008-10-27 20:22 . 2008-10-27 20:22 724,992 --a------ c:\windows\iun6002.exe 2008-10-27 20:15 . 2008-10-27 20:30 <DIR> d-------- C:\Documents and Settings 2008-10-27 00:39 . 2008-10-27 00:39 <DIR> d-------- c:\accounts\All Users\Application Data\KONAMI 2008-10-27 00:34 . 2008-10-27 00:34 <DIR> d-------- c:\program files\KONAMI 2008-10-25 09:57 . 2008-10-25 09:59 <DIR> d-------- c:\program files\Game Graphic Studio 2008-10-25 09:37 . 2007-10-05 21:55 <DIR> d-a------ C:\AFS Explorer 3.7 2008-10-24 17:39 . 2008-10-24 17:39 <DIR> d-------- c:\program files\Sigmatel 2008-10-24 17:39 . 2007-05-07 04:15 5,398,528 -ra------ c:\windows\system32\IDTSG.cpl 2008-10-24 17:39 . 2007-05-06 10:10 2,187,264 -ra------ c:\windows\system32\stlang.dll 2008-10-24 17:39 . 2007-03-06 05:38 1,228,296 -ra------ c:\windows\system32\drivers\sthda.sys 2008-10-24 17:39 . 2007-05-06 10:10 405,504 -ra------ c:\windows\sttray.exe 2008-10-24 17:39 . 2007-03-06 05:37 142,848 -ra------ c:\windows\system32\staco.dll 2008-10-24 17:39 . 2007-05-06 10:11 94,208 -ra------ c:\windows\system32\stacsv.exe 2008-10-24 15:45 . 2008-11-20 00:40 138,464 --a------ c:\windows\system32\drivers\PnkBstrK.sys 2008-10-24 15:45 . 2008-11-20 00:40 111,928 --a------ c:\windows\system32\PnkBstrB.exe 2008-10-24 15:45 . 2008-11-20 00:24 22,328 --a------ c:\accounts\Administrator\Application Data\PnkBstrK.sys 2008-10-24 15:44 . 2008-10-24 15:44 <DIR> d-------- c:\windows\system32\LogFiles 2008-10-24 15:44 . 2008-11-20 00:24 66,872 --a------ c:\windows\system32\PnkBstrA.exe 2008-10-24 15:44 . 2008-10-24 15:44 319 --a------ c:\windows\game.ini 2008-10-24 13:33 . 2008-10-24 13:33 <DIR> d--hs---- c:\windows\ftpcache . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-22 10:56 --------- d-----w c:\program files\DNA 2008-11-22 10:56 --------- d-----w c:\accounts\Administrator\Application Data\DNA 2008-11-22 10:50 --------- d-----w c:\accounts\Administrator\Application Data\AIMP 2008-11-19 23:24 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-17 17:08 --------- d-----w c:\accounts\Administrator\Application Data\SolSuite 2008-11-15 14:59 --------- d-----w c:\accounts\Administrator\Application Data\Ahead 2008-11-14 15:35 --------- d-----w c:\program files\RocketDock 2008-11-12 09:33 69,717 ----a-w c:\windows\Internet Logs\zlclient_2nd_2008_11_12_00_52_49_small.dmp.zip 2008-11-12 09:33 68,190 ----a-w c:\windows\Internet Logs\zlclient_2nd_2008_11_12_00_52_47_small.dmp.zip 2008-11-11 22:34 --------- d-----w c:\accounts\All Users\Application Data\Spybot - Search & Destroy 2008-11-10 10:21 --------- d-----w c:\accounts\Administrator\Application Data\BearShare 2008-11-08 10:35 --------- d-----w c:\program files\Spybot - Search & Destroy 2008-11-05 10:53 --------- d-----w c:\program files\Common Files\Adobe 2008-11-02 01:36 --------- d-----w c:\accounts\Administrator\Application Data\LimeWire 2008-10-19 16:16 --------- d-----w c:\program files\Microsoft Office Outlook Connector 2008-10-18 13:35 --------- d-----w c:\program files\Sony Ericsson 2008-10-15 13:47 --------- d-----w c:\program files\DAEMON Tools Lite 2008-10-15 13:22 --------- d-----w c:\program files\DAEMON Tools Toolbar 2008-10-15 13:19 717,296 ----a-w c:\windows\system32\drivers\sptd.sys 2008-10-15 13:19 --------- d-----w c:\accounts\Administrator\Application Data\DAEMON Tools 2008-10-15 11:42 --------- d-----w c:\program files\AIMP2 2008-10-14 16:34 --------- d-----w c:\program files\AliveMedia 2008-10-12 12:46 --------- d-----w c:\program files\Common Files\Adobe AIR 2008-10-10 18:08 --------- d-----w c:\program files\Microsoft 2008-10-10 16:08 --------- d-----w c:\program files\WinFast 2008-10-10 16:08 --------- d-----w c:\program files\Common Files\Ulead Systems 2008-10-10 15:50 155,648 ----a-w c:\windows\system32\libssl32.dll 2008-10-09 21:48 --------- d-----w c:\accounts\All Users\Application Data\NVIDIA 2008-10-06 08:23 --------- d-----w c:\accounts\Administrator\Application Data\fltk.org 2008-10-05 22:52 107,888 ----a-w c:\windows\system32\CmdLineExt.dll 2008-10-05 22:52 --------- d--h--r c:\accounts\Administrator\Application Data\SecuROM 2008-10-05 22:52 --------- d-----w c:\program files\Hasbro 2008-10-05 22:47 --------- d-----w c:\program files\Common Files\Real 2008-10-05 22:46 --------- d-----w c:\program files\Online TV Player 3 2008-10-05 16:37 --------- d-----w c:\program files\VID_0E8F&PID_0003 2008-10-05 16:36 --------- d-----w c:\accounts\Administrator\Application Data\InstallShield 2008-10-05 16:18 --------- d-----w c:\program files\Unlocker 2008-10-05 16:13 --------- d-----w c:\accounts\All Users\Application Data\TreeCardGames 2008-10-05 09:38 --------- d-----w c:\program files\ReflexiveArcade 2008-10-02 23:46 81,920 ----a-w c:\windows\system32\frapsvid.dll 2008-10-01 09:43 --------- d-----w c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 2008-10-01 09:37 --------- d-----w c:\program files\Common Files\Download Manager 2008-09-26 14:31 --------- d-----w c:\program files\PC Satellite TV 2008-09-24 12:42 --------- d-----w c:\accounts\Administrator\Application Data\vlc 2008-09-24 10:05 --------- d-----w c:\program files\VideoLAN 2008-09-23 11:07 --------- d-----w c:\program files\EvilLyrics 2008-09-22 13:37 --------- d-----w c:\program files\LimeWire 2008-09-22 10:54 --------- d-----w c:\program files\BearShare Applications 2008-09-22 10:48 --------- d-----w c:\accounts\Administrator\Application Data\uTorrent 2008-09-16 19:27 453,152 ----a-w c:\windows\system32\NVUNINST.EXE 2008-09-08 23:03 51,712 ----a-w c:\windows\system32\sirenacm.dll 2008-09-05 14:56 287,744 ----a-w c:\windows\WLXPGSS.SCR . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-26 68856] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-11 342336] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-09-09 3513344] "Fraps"="c:\fraps\FRAPS.EXE" [2008-10-03 1027752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-02-12 69632] "WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2007-02-12 397312] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe] "SigmatelSysTrayApp"="sttray.exe" [2007-05-06 c:\windows\sttray.exe] c:\accounts\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-05 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableStatusMessages"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"= "d:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"= "c:\\Program Files\\FlashGet\\FlashGet.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-09-17 78416] R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-09-17 20560] R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-11-12 56344] R2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe -k netsvcs [2004-08-03 14336] R3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFDTV\WFIOCTL.SYS [2008-10-10 9446] S3 fsssvc;Windows Live Family Safety;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2008-09-04 512536] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp Newly Created Service - CATCHME Newly Created Service - PROCEXP90 . Contents of the 'Scheduled Tasks' folder 2008-11-21 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 21:51] . - - - - ORPHANS REMOVED - - - - HKU-Default-RunOnce-nltide3 - rundll32 advpack.dll . ------- Supplementary Scan ------- . FireFox -: Profile - c:\accounts\Administrator\Application Data\Mozilla\Firefox\Profiles\7eo4t4fn.default\ FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll FF -: plugin - c:\program files\Java\jre1.6.0\bin\npjava11.dll FF -: plugin - c:\program files\Java\jre1.6.0\bin\npjava12.dll FF -: plugin - c:\program files\Java\jre1.6.0\bin\npjava13.dll FF -: plugin - c:\program files\Java\jre1.6.0\bin\npjava14.dll FF -: plugin - c:\program files\Java\jre1.6.0\bin\npjava32.dll FF -: plugin - c:\program files\Java\jre1.6.0\bin\npjpi160.dll FF -: plugin - c:\program files\Java\jre1.6.0\bin\npoji610.dll FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-11-22 12:03:24 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc] "ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00" "ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc] "ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc] "ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00" "ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00" . Completion time: 2008-11-22 12:03:59 ComboFix-quarantined-files.txt 2008-11-22 11:03:55 Pre-Run: 24,419,934,208 bytes free Post-Run: 24,439,996,416 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 269 Shta da radim dalje?Dodao mi je josh jednu ikonicu internet explorera i iskljucen mi je MSN i spybot...E,da kada me je pitao za windows recovery konzolu ja sam prihvatio da je instalira,da li sam pogresio?hvala Dopuna: 22 Nov 2008 13:57 Jel da brisem sad reset tea timer.exe?I da li da brisem combo fix? Jel je klasican unnistal ili...?hvala unapred

Profil

bobby Poslao: 22 Nov 2008 17:23 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Potrudicu se maksimalno da u toku veceri pregledam tvoj log. Proslu noc nisam spavao zbog nenormalnih bolova u ruci, pa sam danas prespavao skoro ceo dan, i sada imam glavobolju od previse spavanja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sy

Ko je trenutno na forumu

Ukupno su 1096 korisnika na forumu :: 33 registrovanih, 5 sakrivenih i 1058 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: anbeast, Ben Roj, bladesu, Boris BM, CikaKURE, debeli, doktor1964, Dorcolac, draganca, galerija, GandorCC, Georgius, hologram, HrcAk47, kolle.the.kid, krkalon, ladro, Marex, milos.cbr, Miskohd, muaddib, ozzy, Pohovani_00, RJ, Srle993, vandrej, vathra, vukdra, yrraf, ZetaMan, zixmix, |_MeD_|, žeks62

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by