Won't open the partition...

offline
  • Joined: 26 Dec 2005
  • Posts: 842

When I do the following:
My Computer/C (or D, E), I get asked which program I want to use to carry out the command. I choose IE and the partition opens... Anyway, when the system is scanned at startup, this always shows up:
deleted: Trojan program Trojan.Win32.Agent.aei File: C:\WINDOWS\MDM.EXE//NPack,
deleted: Trojan program Trojan.Win32.Agent.abt File: D:\RavMon.exe//NPack
...
which I delete, but they show up again every time the system starts...

Prize question: what's going on here?



offline
  • DEMIAN  Male
  • Legendary citizen
  • IT Manager
  • Joined: 25 Mar 2005
  • Posts: 3706
  • Location: The darkest place on earth..

For a start, go through this thread and post a HijackThis log for us, and then we'll see where to go from there..
[Link visible only to logged-in users]



offline
  • Joined: 26 Dec 2005
  • Posts: 842

Logfile of HijackThis v1.99.1
Scan saved at 16:22:44, on 7.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Rade\Desktop\programi 2007\Nova fascikla\TR3.exe.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link visible only to logged-in users]
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0CB7634-80A3-498E-B32D-9B496D41B4BB}: NameServer = 194.247.192.1 194.247.192.33
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe



Connection: adsl 256

offline
  • DEMIAN  Male
  • Legendary citizen
  • IT Manager
  • Joined: 25 Mar 2005
  • Posts: 3706
  • Location: The darkest place on earth..

First, find the following files and send them to us for checking via this link:
> [Link visible only to logged-in users]

C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchIndexer.exe

[To find them you need to turn on the display of hidden files. Info Link.]

Once you've done that, scan the computer with GMER following these instructions and post its log for us.

Download the file gmer.zip from this link and save it to the Desktop.
Extract it into a folder.

Double-click gmer.exe to start: select the Rootkit tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save it to the Clipboard.
Use the Paste option in Notepad to put it into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.

-------------------

Once I've looked through that, I'll write the next steps..
Cheers

Addendum: 07 Jul 2007 20:01

@rade012
I got the files; what about the GMER logs I asked you for?

Addendum: 08 Jul 2007 14:46

Do the following:

- download Deckard's System Scanner
- close all running programs
- run dss.exe and wait for it to finish the check
- when the scan finishes, a window with the log (main.txt) will open
- copy the contents of the whole log to the forum

offline
  • Joined: 26 Dec 2005
  • Posts: 842

Deckard's System Scanner v20070611.50
Run by Rade on 2007-07-08 at 15:08:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
6: 2007-07-08 13:08:54 UTC - RP125 - Deckard's System Scanner Restore Point
5: 2007-07-08 10:12:47 UTC - RP124 - Installed PC Inspector smart recovery
4: 2007-07-08 09:59:54 UTC - RP123 - Removed Microsoft Windows User State Migration Tool version 2.61
3: 2007-07-08 09:58:31 UTC - RP122 - Removed Western Australian Time Zone Update
2: 2007-07-08 09:58:11 UTC - RP121 - Removed Windows Defender


-- First Restore Point --
1: 2007-07-07 23:02:48 UTC - RP120 - Kontrolna tačka sistema


Backed up registry hives.

Performed disk cleanup.


-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-07-08 15:10:43
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16414)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\searchindexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\searchprotocolhost.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Rade\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\RunOnce: [AskPBar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -2
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{C0CB7634-80A3-498E-B32D-9B496D41B4BB}: NameServer = 194.247.192.1 194.247.192.33
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - "C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe"


-- File Associations -----------------------------------------------------------

.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 e4usbaw (USB ADSL2 WAN Adapter) - c:\windows\system32\drivers\e4usbaw.sys <Not Verified; Analog Devices Inc.; ADSL USB WAN Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 TUWinStylerThemeSvc (TuneUp WinStyler Theme Service) - "c:\program files\tuneup utilities 2006\winstylerthemesvc.exe" <Not Verified; TuneUp Software GmbH; TuneUp Utilities>


-- Scheduled Tasks -------------------------------------------------------------

2007-07-06 18:14:45 388 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job


-- Files created between 2007-06-08 and 2007-07-08 -----------------------------

2007-07-08 12:13:06 0 d-------- C:\Program Files\SilentNight Microburner
2007-07-08 12:12:48 44544 --a------ C:\WINDOWS\system32\Gif89.dll <Not Verified; ; Gif89 Module>
2007-07-08 12:12:48 0 d-------- C:\Program Files\Convar
2007-07-08 12:12:47 118784 --a------ C:\WINDOWS\system32\DartWeb.dll <Not Verified; Dart Communications; PowerTCP© Tools>
2007-07-08 12:12:47 217088 --a------ C:\WINDOWS\system32\DartSock.dll <Not Verified; Dart Communications; PowerTCP© Tools>
2007-07-08 12:00:20 241664 --a------ C:\Program Files\Uninstall Ask Toolbar.dll <Not Verified; Ask.com; Ask Toolbar for Internet Explorer>
2007-07-07 22:11:45 545 --a------ C:\WINDOWS\UC.PIF
2007-07-07 22:11:45 545 --a------ C:\WINDOWS\RAR.PIF
2007-07-07 22:11:45 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-07-07 22:11:45 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-07-07 22:11:45 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-07-07 22:11:45 545 --a------ C:\WINDOWS\LHA.PIF
2007-07-07 22:11:45 545 --a------ C:\WINDOWS\ARJ.PIF
2007-07-07 22:11:45 0 d-------- C:\totalcmd
2007-07-07 21:56:08 0 dr-h----- C:\Documents and Settings\Rade\Recent
2007-07-07 21:47:33 0 d-------- C:\WINDOWS\system32\DRM
2007-07-07 21:24:52 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-07-07 21:24:10 0 d-------- C:\Program Files\Malicious Software Removal Tool
2007-07-07 21:22:08 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-07-07 21:20:59 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-07-07 21:20:39 0 d-------- C:\Program Files\Microsoft
2007-07-07 21:15:58 0 d-------- C:\Program Files\MSXML 6.0
2007-07-07 21:15:17 0 d-------- C:\Program Files\MSXML 4.0
2007-07-07 21:12:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-07-07 21:00:21 0 d-------- C:\WINDOWS\system32\XPSViewer
2007-07-07 20:59:41 0 d-------- C:\Program Files\Reference Assemblies
2007-07-07 20:55:22 0 d--h---c- C:\WINDOWS\$SQLUninstallMSXML2SP6-KB887606-x86-ENU$
2007-07-07 20:54:34 61440 --a------ C:\WINDOWS\ContextMenuExt.dll
2007-07-07 20:40:46 40960 --a------ C:\WINDOWS\system32\SSUBTMR6.DLL <Not Verified; vbAccelerator; SSubTmr6>
2007-07-07 20:40:45 10752 --a------ C:\WINDOWS\system32\aamd532.dll <Not Verified; Almeida & Andrade Ltda; MD5 Maker DLL>
2007-07-07 20:36:15 0 d-------- C:\Program Files\AutoPatcher
2007-07-07 15:32:19 0 d-------- C:\Program Files\URUSoft
2007-07-07 14:19:50 0 d-------- C:\Program Files\Gold Miner Vegas
2007-07-07 14:19:41 0 d-------- C:\Program Files\ReflexiveArcade
2007-07-07 12:55:23 0 d-------- C:\Downloads
2007-07-06 20:33:26 0 d-------- C:\Phenomedia AG
2007-07-06 20:32:50 0 d-------- C:\Program Files\Phenomedia AG
2007-07-06 20:32:42 328704 --a------ C:\WINDOWS\IsUn0407.exe <Not Verified; InstallShield Software Corporation; InstallShield® Deinstaller>
2007-07-06 20:18:50 30 --a------ C:\WINDOWS\popcinfo.dat
2007-07-06 13:33:14 0 d-------- C:\Program Files\CalcSharp
2007-07-05 21:58:46 0 d-------- C:\Documents and Settings\Rade\Application Data\Ahead
2007-07-05 18:48:04 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2007-07-05 18:47:51 162304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2007-07-05 18:47:51 77312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2007-07-05 18:47:51 69632 --a------ C:\WINDOWS\system32\ztvcabinet.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2007-07-05 18:47:51 153088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2007-07-05 18:47:51 75264 --a------ C:\WINDOWS\system32\unacev2.dll
2007-07-01 15:28:37 0 d-------- C:\Documents and Settings\Rade\Application Data\Media Player Classic
2007-06-30 22:00:03 0 d-------- C:\Program Files\Common Files\Macromedia Shared
2007-06-30 21:52:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Macromedia
2007-06-30 21:52:25 0 d-------- C:\Program Files\Macromedia
2007-06-30 21:52:25 0 d-------- C:\Program Files\Common Files\Macromedia
2007-06-30 20:59:47 0 d-------- C:\Program Files\uTorrent
2007-06-30 18:57:16 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; [Link visible only to logged-in users] Helix YV12 YUV Codec>
2007-06-30 18:57:16 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-06-30 18:57:16 593920 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-06-30 18:57:15 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-06-30 18:57:15 73728 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-06-30 18:57:15 740442 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2007-06-30 18:57:12 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-06-30 18:14:04 0 d-------- C:\Program Files\Winamp
2007-06-30 17:50:28 0 d-------- C:\Program Files\Mv2Player
2007-06-30 17:31:53 0 d-------- C:\Documents and Settings\Rade\Application Data\NetPumper
2007-06-30 16:03:32 0 d-------- C:\Program Files\CCleaner
2007-06-30 15:52:13 0 d-------- C:\Documents and Settings\Rade\Application Data\Help
2007-06-30 15:49:33 516096 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2007-06-30 15:49:25 294912 -ra------ C:\WINDOWS\system32\atiiiexx.dll <Not Verified; ATI Technologies Inc.; ATI Display Driver Utilities>
2007-06-30 15:49:22 135168 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll
2007-06-30 15:48:56 0 d-------- C:\Program Files\ATI Technologies
2007-06-30 15:33:37 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-06-30 14:42:46 0 d-------- C:\Program Files\Call of Duty
2007-06-30 11:35:30 0 d-------- C:\Program Files\PeerGuardian2
2007-06-30 11:08:54 0 d-------- C:\Documents and Settings\Rade\Application Data\uTorrent
2007-06-29 16:41:23 0 d-------- C:\Program Files\Nenad's Productions and Programs
2007-06-29 11:53:22 2621440 --a------ C:\Documents and Settings\Rade\ntuser.dat
2007-06-25 22:34:28 0 d-------- C:\Program Files\Pidgin
2007-06-25 17:20:42 0 d-------- C:\Documents and Settings\Rade\Application Data\CyberLink
2007-06-25 17:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-06-25 17:20:05 0 d-------- C:\Program Files\CyberLink
2007-06-24 23:39:29 0 d-------- C:\Program Files\Lavasoft
2007-06-24 23:39:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-06-24 20:34:21 0 d-------- C:\Program Files\MSN Messenger
2007-06-24 20:31:32 0 d-------- C:\Documents and Settings\Rade\Application Data\MSNInstaller
2007-06-24 14:34:37 0 d-------- C:\WINDOWS\EVEREST Corporate Edition
2007-06-24 14:34:37 0 d-------- C:\Program Files\Lavalys
2007-06-24 12:24:40 0 d-------- C:\Documents and Settings\Rade\Application Data\ABBYY
2007-06-24 12:23:19 0 d-------- C:\Documents and Settings\All Users\Application Data\ABBYY
2007-06-24 12:18:44 0 d-------- C:\Program Files\ABBYY FineReader 7.0 Professional Edition
2007-06-23 23:51:41 0 d-------- C:\Program Files\AskPBar
2007-06-23 23:50:32 0 d-------- C:\Program Files\Trillian
2007-06-23 21:57:27 0 d-------- C:\Documents and Settings\Rade\Application Data\.purple
2007-06-23 21:56:32 0 d-------- C:\Program Files\Common Files\GTK
2007-06-23 21:42:01 0 d-------- C:\Program Files\Common Files\Ahead
2007-06-23 21:41:56 0 d-------- C:\Program Files\Ahead
2007-06-23 20:00:39 0 d-------- C:\Documents and Settings\Rade\Application Data\Macromedia
2007-06-23 19:59:56 0 d-------- C:\Program Files\Recnik20
2007-06-23 16:12:43 0 d-------- C:\Documents and Settings\Rade\Application Data\Skype
2007-06-23 16:12:25 0 d-------- C:\Program Files\Skype
2007-06-23 16:12:25 0 d-------- C:\Program Files\Common Files\Skype
2007-06-23 16:12:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-06-23 15:02:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-06-23 15:02:20 0 d-------- C:\Program Files\Common Files\Adobe
2007-06-23 15:01:34 0 d-------- C:\WINDOWS\system32\appmgmt
2007-06-23 14:00:55 0 d-------- C:\Documents and Settings\Rade\Application Data\AdobeUM
2007-06-23 14:00:27 0 d-------- C:\Documents and Settings\Rade\Application Data\Adobe
2007-06-23 13:43:10 0 d-------- C:\Documents and Settings\Rade\Application Data\Opera
2007-06-23 13:42:53 0 d-------- C:\Program Files\Opera
2007-06-23 13:39:11 0 d-------- C:\Program Files\SpeedSim
2007-06-23 13:26:29 114616 --a------ C:\WINDOWS\system32\drivers\e4usbaw.sys <Not Verified; Analog Devices Inc.; ADSL USB WAN Driver>
2007-06-23 13:26:29 126489 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys <Not Verified; Analog Devices Inc.; ADSL USB WAN Driver>
2007-06-23 13:26:29 143360 --a------ C:\WINDOWS\adiras.exe <Not Verified; ; adiras Application>
2007-06-23 13:26:28 127456 --a------ C:\WINDOWS\system32\IPDETECT.EXE <Not Verified; ; IPDETECT>
2007-06-23 13:26:26 135168 --a------ C:\WINDOWS\system32\unaddrv.exe <Not Verified; Analog Devices.; UnADdrv>
2007-06-23 13:26:26 152126 --a------ C:\WINDOWS\system32\drivers\L1E9P2.BIN
2007-06-23 13:26:26 152126 --a------ C:\WINDOWS\system32\drivers\L1E9P1.BIN
2007-06-23 13:26:26 152126 --a------ C:\WINDOWS\system32\drivers\L1E9P0.BIN
2007-06-23 13:26:26 152126 --a------ C:\WINDOWS\system32\drivers\L1E9I2.BIN
2007-06-23 13:26:26 126976 --a------ C:\WINDOWS\system32\coclassfast.dll
2007-06-23 13:26:26 46892 --a------ C:\WINDOWS\system32\ADADIX16.DLL
2007-06-23 13:26:26 24576 --a------ C:\WINDOWS\enddisk32.exe
2007-06-23 13:26:25 152126 --a------ C:\WINDOWS\system32\drivers\L1E9I1.BIN
2007-06-23 13:26:25 152126 --a------ C:\WINDOWS\system32\drivers\L1E9I0.BIN
2007-06-23 13:26:25 152146 --a------ C:\WINDOWS\system32\drivers\L1E4P2.BIN
2007-06-23 13:26:25 152145 --a------ C:\WINDOWS\system32\drivers\L1E4P1.BIN
2007-06-23 13:26:25 152145 --a------ C:\WINDOWS\system32\drivers\L1E4P0.BIN
2007-06-23 13:26:25 152308 --a------ C:\WINDOWS\system32\drivers\L1E4I2.BIN
2007-06-23 13:26:25 152306 --a------ C:\WINDOWS\system32\drivers\L1E4I1.BIN
2007-06-23 13:26:25 152306 --a------ C:\WINDOWS\system32\drivers\L1E4I0.BIN
2007-06-23 13:26:23 176128 --a------ C:\WINDOWS\autoclk.exe <Not Verified; ; autoclk Application>
2007-06-23 13:26:15 0 d-------- C:\Program Files\SAGEM
2007-06-23 13:26:13 0 d-------- C:\Program Files\Common Files\InstallShield
2007-06-23 13:17:47 0 d--hs---- C:\WINDOWS\Installer
2007-06-23 13:17:46 0 d-------- C:\Program Files\Common Files\ODBC
2007-06-23 13:17:43 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-06-23 13:17:42 0 dr------- C:\Program Files
2007-06-23 13:17:41 262144 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-06-23 13:17:15 0 d--h----- C:\Documents and Settings\Default User\Templates <TEMPLA~1>
2007-06-23 13:17:15 0 dr------- C:\Documents and Settings\Default User\Start Menu <STARTM~1>
2007-06-23 13:17:15 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-06-23 13:17:15 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-06-23 13:17:15 0 d--h----- C:\Documents and Settings\Default User\PrintHood <PRINTH~1>
2007-06-23 13:17:15 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-06-23 13:17:15 0 d-------- C:\Documents and Settings\Default User\My Documents <MYDOCU~1>
2007-06-23 13:17:15 0 dr-h----- C:\Documents and Settings\Default User\Local Settings <LOCALS~1>
2007-06-23 13:17:15 0 d-------- C:\Documents and Settings\Default User\Favorites <FAVORI~1>
2007-06-23 13:17:15 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-06-23 13:17:15 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-06-23 13:17:15 0 d--h----- C:\Documents and Settings\All Users\Templates <TEMPLA~1>
2007-06-23 13:17:15 0 dr------- C:\Documents and Settings\All Users\Start Menu <STARTM~1>
2007-06-23 13:17:15 0 d-------- C:\Documents and Settings\All Users\Favorites <FAVORI~1>
2007-06-23 13:17:15 0 dr------- C:\Documents and Settings\All Users\Documents
2007-06-23 13:17:15 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-06-23 13:16:37 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-06-23 13:16:37 0 d-------- C:\WINDOWS\system32\CatRoot
2007-06-23 13:16:32 0 dr-h----- C:\Documents and Settings\Default User\Application Data <APPLIC~1>
2007-06-23 13:16:32 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-06-23 13:16:31 0 dr-h----- C:\Documents and Settings\All Users\Application Data <APPLIC~1>
2007-06-23 13:16:31 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-06-23 13:16:10 0 d-------- C:\Documents and Settings
2007-06-23 13:16:09 0 d--hs---- C:\System Volume Information
2007-06-23 13:07:13 0 d-------- C:\WINDOWS
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\WinSxS
2007-06-23 13:07:13 0 dr------- C:\WINDOWS\Web
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\twain_32
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\wins
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\wbem
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\usmt
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\spool
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\ShellExt
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\Setup
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\ras
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\PreInstall
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\oobe
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\npp
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\mui
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\Macromed
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\inetsrv
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\IME
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\icsxml
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\ias
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\export
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\en
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\drivers
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\dhcp
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\config
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\3076
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\2052
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1054
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1042
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1041
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1037
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1033
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1031
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1028
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system32\1025
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\system
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\security
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Resources
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\repair
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Provisioning
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\PeerNet
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\pchealth
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Network Diagnostic
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\mui
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\msapps
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\msagent
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Media
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\l2schemas
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\java
2007-06-23 13:07:13 0 d--h----- C:\WINDOWS\inf
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\ime
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Help
2007-06-23 13:07:13 0 dr--s---- C:\WINDOWS\Fonts
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\ehome
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Driver Cache
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Debug
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Cursors
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Connection Wizard
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\Config
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\AppPatch
2007-06-23 13:07:13 0 d-------- C:\WINDOWS\addins
2007-06-23 12:12:40 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-06-23 12:09:18 32768 --a------ C:\WINDOWS\system32\UnAudioNT.dll
2007-06-23 12:09:17 0 d-------- C:\Program Files\VIA Technologies, INC
2007-06-23 12:09:13 327168 --a------ C:\WINDOWS\IsUn041a.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-06-23 12:05:13 391456 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-06-23 12:05:13 12468768 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-06-23 12:05:13 0 d-------- C:\Program Files\Kaspersky Lab
2007-06-23 12:05:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-06-23 12:00:54 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-06-23 12:00:36 0 d-------- C:\WINDOWS\system32\ZoneLabs
2007-06-23 12:00:05 0 d-------- C:\WINDOWS\Internet Logs
2007-06-23 11:58:19 0 d-------- C:\Program Files\TuneUp Utilities 2006
2007-06-23 11:58:19 0 d-------- C:\Documents and Settings\Rade\Application Data\TuneUp Software
2007-06-23 11:58:08 0 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-06-23 11:58:05 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-06-23 11:57:43 0 d-------- C:\Program Files\ffdshow
2007-06-23 11:57:01 0 d-------- C:\WINDOWS\Downloaded Installations
2007-06-23 11:55:54 0 d-------- C:\Documents and Settings\Rade\Application Data\Windows Desktop Search
2007-06-23 11:55:27 0 d-------- C:\Program Files\Windows Desktop Search
2007-06-23 11:54:55 0 d--h----- C:\WINDOWS\$hf_mig$
2007-06-23 11:52:37 0 d-------- C:\Program Files\Microsoft Works
2007-06-23 11:52:28 0 d-------- C:\Program Files\MSBuild
2007-06-23 11:51:26 0 d-------- C:\Program Files\Microsoft.NET
2007-06-23 11:49:22 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2007-06-23 11:48:31 0 d-------- C:\WINDOWS\SHELLNEW
2007-06-23 11:48:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-06-23 11:47:53 0 dr-h----- C:\MSOCache
2007-06-23 11:41:18 0 d-------- C:\Documents and Settings\Rade\Application Data\Identities
2007-06-23 11:36:20 0 d--h----- C:\Documents and Settings\Rade\Templates <TEMPLA~1>
2007-06-23 11:36:20 0 dr------- C:\Documents and Settings\Rade\Start Menu <STARTM~1>
2007-06-23 11:36:20 0 dr-h----- C:\Documents and Settings\Rade\SendTo
2007-06-23 11:36:20 0 d--h----- C:\Documents and Settings\Rade\PrintHood <PRINTH~1>
2007-06-23 11:36:20 0 d--h----- C:\Documents and Settings\Rade\NetHood
2007-06-23 11:36:20 0 dr------- C:\Documents and Settings\Rade\My Documents <MYDOCU~1>
2007-06-23 11:36:20 0 d--h----- C:\Documents and Settings\Rade\Local Settings <LOCALS~1>
2007-06-23 11:36:20 0 dr------- C:\Documents and Settings\Rade\Favorites <FAVORI~1>
2007-06-23 11:36:20 0 d-------- C:\Documents and Settings\Rade\Desktop
2007-06-23 11:36:20 0 d--hs---- C:\Documents and Settings\Rade\Cookies
2007-06-23 11:36:20 0 dr-h----- C:\Documents and Settings\Rade\Application Data <APPLIC~1>
2007-06-23 11:35:29 0 d-------- C:\WINDOWS\Prefetch
2007-06-23 11:35:28 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-06-23 11:35:27 266240 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2007-06-23 11:35:27 0 d--h----- C:\Documents and Settings\LocalService\Local Settings <LOCALS~1>
2007-06-23 11:35:27 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2007-06-23 11:35:27 0 d-------- C:\Documents and Settings\LocalService\Application Data <APPLIC~1>
2007-06-23 11:35:27 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-06-23 11:35:19 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings <LOCALS~1>
2007-06-23 11:35:19 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2007-06-23 11:35:19 0 d-------- C:\Documents and Settings\NetworkService\Application Data <APPLIC~1>
2007-06-23 11:35:19 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-06-23 11:35:18 262144 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-06-23 11:33:43 0 d-------- C:\Program Files\DAMN NFO Viewer
2007-06-23 11:31:53 0 d-------- C:\WINDOWS\system32\URTTemp
2007-06-23 11:31:07 0 d-------- C:\Program Files\Java
2007-06-23 11:31:07 0 d-------- C:\Program Files\Common Files\Java
2007-06-23 11:30:48 0 -rahs---- C:\MSDOS.SYS
2007-06-23 11:30:48 0 -rahs---- C:\IO.SYS
2007-06-23 11:30:48 0 --a------ C:\CONFIG.SYS
2007-06-23 11:30:48 0 --a------ C:\AUTOEXEC.BAT
2007-06-23 11:30:29 0 d-------- C:\WINDOWS\system32\dllcache
2007-06-23 11:29:29 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-06-23 11:29:15 0 dr------- C:\WINDOWS\Offline Web Pages
2007-06-23 11:29:15 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-06-23 11:29:01 0 d--h----- C:\Program Files\WindowsUpdate
2007-06-23 11:28:39 0 d-------- C:\WINDOWS\system32\DirectX
2007-06-23 11:28:08 0 d---s---- C:\WINDOWS\Tasks
2007-06-23 11:28:07 0 d-------- C:\Program Files\Common Files\MSSoap
2007-06-23 11:28:04 0 d-------- C:\WINDOWS\srchasst
2007-06-23 11:27:56 0 d-------- C:\Program Files\Movie Maker
2007-06-23 11:27:48 0 d-------- C:\WINDOWS\system32\Restore
2007-06-23 11:26:51 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-06-23 11:26:36 0 d-------- C:\WINDOWS\Registration
2007-06-23 11:26:29 0 d-------- C:\Program Files\Online Services
2007-06-23 11:26:07 0 d-------- C:\Program Files\Games
2007-06-23 11:25:56 291840 --a------ C:\WINDOWS\system32\Bliss.scr <Not Verified; Microsoft; >
2007-06-23 11:25:30 0 d-------- C:\Program Files\Windows Media Connect 2
2007-06-23 11:25:29 409600 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2007-06-23 11:25:29 4608 --a------ C:\WINDOWS\system32\W95INF32.DLL <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2007-06-23 11:25:29 2272 --a------ C:\WINDOWS\system32\W95INF16.DLL <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2007-06-23 11:25:29 398416 --a------ C:\WINDOWS\system32\Vbrun300.dll <Not Verified; Microsoft Corporation; Visual Basic 3.0>
2007-06-23 11:25:28 356992 --a------ C:\WINDOWS\system32\vbrun200.dll <Not Verified; Microsoft Corporation; Visual Basic 2.0>
2007-06-23 11:25:28 271264 --a------ C:\WINDOWS\system32\vbrun100.dll
2007-06-23 11:25:28 722192 --a------ C:\WINDOWS\system32\Vb40032.dll <Not Verified; Microsoft Corporation; Visual Basic 4.0>
2007-06-23 11:25:28 935632 --a------ C:\WINDOWS\system32\Vb40016.dll <Not Verified; Microsoft Corporation; Visual Basic 4.0>
2007-06-23 11:25:27 114688 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2007-06-23 11:25:27 1146880 --a------ C:\WINDOWS\system32\msvcr80d.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio® .NET>
2007-06-23 11:25:26 950272 --a------ C:\WINDOWS\system32\msvcp80d.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio® .NET>
2007-06-23 11:25:25 1089536 --a------ C:\WINDOWS\system32\msvcm80d.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio® .NET>
2007-06-23 11:25:25 94208 --a------ C:\WINDOWS\system32\MSSTKPRP.DLL <Not Verified; Microsoft Corporation; msprop32>
2007-06-23 11:25:25 119808 --a------ C:\WINDOWS\system32\msstdfmt.dll <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2007-06-23 11:25:23 339968 --a------ C:\WINDOWS\system32\MMVCR70.dll <Not Verified; Sample Corporation; Sample Application DLL>
2007-06-23 11:25:23 495616 --a------ C:\WINDOWS\system32\MMVCP70.dll <Not Verified; Sample Corporation; Sample Application DLL>
2007-06-23 11:25:20 2789468 --a------ C:\WINDOWS\system32\libmmd.dll <Not Verified; Intel Corporation; Intel(r) C Compiler, Intel(r) C++ Compiler, Intel(r) Fortran Compiler>
2007-06-23 11:25:16 0 d-------- C:\Program Files\HashTab Shell Extension
2007-06-23 11:25:15 0 d-------- C:\Program Files\Microsoft PowerToys
2007-06-23 11:25:14 0 d-------- C:\Program Files\Messenger
2007-06-23 11:25:11 0 d-------- C:\Program Files\MSN Gaming Zone
2007-06-23 11:24:56 946448 --a------ C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Microsoft® Calculator Plus>
2007-06-23 11:24:39 0 d-------- C:\Program Files\Windows NT
2007-06-23 11:24:36 0 d-------- C:\WINDOWS\system32\MsDtc
2007-06-23 11:24:34 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2007-06-23 13:17:15 62 --ahs---- C:\Documents and Settings\Rade\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"Zone Labs Client"="C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe"
"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"µTorrent"="\"C:\\Program Files\\uTorrent\\utorrent.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"AskPBar Uninstall"="rundll32 C:\\PROGRA~1\\UNINST~1.DLL,O -2"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_3"=hex(2):72,75,6e,64,6c,6c,33,32,20,61,64,76,70,61,63,6b,2e,64,6c,6c,\
2c,4c,61,75,6e,63,68,49,4e,46,53,65,63,74,69,6f,6e,45,78,20,6e,4c,69,74,65,\
2e,69,6e,66,2c,43,2c,2c,34,2c,4e,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=dword:00000001
"NoStartBanner"=dword:00000001
"NoSharedDocuments"=dword:00000001
"NoSaveSettings"=dword:00000000

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=dword:00000001
"NoStartBanner"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook"
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=""

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf9f1fc8-2179-11dc-901b-806d6172696f}]
Shell\AutoRun\command RavMon.exe
Shell\explore\Command RavMon.exe -e
Shell\open\Command RavMon.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf9f1fc9-2179-11dc-901b-806d6172696f}]
Shell\AutoRun\command RavMon.exe
Shell\explore\Command RavMon.exe -e
Shell\open\Command RavMon.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf9f1fca-2179-11dc-901b-806d6172696f}]
Shell\AutoRun\command RavMon.exe
Shell\explore\Command RavMon.exe -e
Shell\open\Command RavMon.exe


-- End of Deckard's System Scanner: finished at 2007-07-08 at 15:12:27 ---------

offline
  • DEMIAN  Male
  • Legendary citizen
  • IT Manager
  • Joined: 25 Mar 2005
  • Posts: 3706
  • Location: The darkest place on earth..

You really gave me a hard time with this one, Rade.. You have a couple of infections on the computer.

First try to find RavMon.exe on the computer and upload the file to us.

Then run the HijackThis program using the "Do a system scan only" option, check this line and click "Fix Checked" to remove it:
O4 - HKLM\..\RunOnce: [AskPBar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -2

Then uninstall the application "My Search Bar" from Control Panel. After uninstalling, check whether a folder has been left behind at this path > "C:\Program Files\AskPBar". If it has, delete it.

Download Stinger from this link and read the instructions on its use at the link below.
[Links are visible only to logged-in users]

You will scan both the C and D partitions with it.

When you finish that, restart the computer.

Your next step is a BitDefender online scan through Internet Explorer > [Links are visible only to logged-in users]

When you are done with it, restart the system again and post the same Deckard's System Scanner report for me as in the previous post so I can follow the differences. You can also attach the report from the online scan to your message.
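Added example, not part of DEMIAN's post or of any tool named in the thread: Explorer caches each volume's shell verbs (taken from the drive's autorun.inf) under MountPoints2, and this Python code reads a registry dump in the format posted above and lists the volumes whose cached verbs launch a program, which is where RavMon.exe appears in this log. The sample text is constructed (one key copied from the log, one made-up volume for contrast) and the function names are hypothetical.

```python
import re

# Constructed sample in the format of the registry dump posted in this thread:
# the first key is copied from the log, the second volume is made up for contrast.
SAMPLE_DUMP = r"""
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf9f1fc8-2179-11dc-901b-806d6172696f}]
Shell\AutoRun\command RavMon.exe
Shell\explore\Command RavMon.exe -e
Shell\open\Command RavMon.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00000000-0000-0000-0000-000000000000}]
BaseClass Drive
"""

KEY_RE = re.compile(r"^\[.+\\MountPoints2\\(?P<volume>[^\\\]]+)\]$", re.I)
VERB_RE = re.compile(r"^Shell\\(?P<verb>[^\\]+)\\command\s+(?P<cmd>.+)$", re.I)
PROG_RE = re.compile(r'^(?:"([^"]+)"|(\S+))')


def find_shell_overrides(dump_text):
    """Map each MountPoints2 volume to the (verb, command) pairs cached for it."""
    findings, volume = {}, None
    for raw in dump_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            # A new key header: track it only if it is a MountPoints2 volume.
            m = KEY_RE.match(line)
            volume = m.group("volume") if m else None
            continue
        m = VERB_RE.match(line) if volume else None
        if m:
            findings.setdefault(volume, []).append((m.group("verb").lower(), m.group("cmd")))
    return findings


def referenced_programs(findings):
    """File names (lower-cased, path stripped) that the cached verbs would launch."""
    names = set()
    for verbs in findings.values():
        for _verb, cmd in verbs:
            m = PROG_RE.match(cmd)
            prog = m.group(1) or m.group(2)
            names.add(prog.replace("/", "\\").rsplit("\\", 1)[-1].lower())
    return names


if __name__ == "__main__":
    hits = find_shell_overrides(SAMPLE_DUMP)
    for vol, verbs in hits.items():
        print(vol, verbs)
    print("files to look for:", sorted(referenced_programs(hits)))
```

A volume that shows up here keeps running the listed command on double-click until both the file and the cached verbs are removed, which matches the detections that return at every startup in the first post.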
