Check


offline
  • Aco  Male
  • Forum moderator
  • Aleksandar
  • Joined: 12 May 2006
  • Posts: 16823
  • Location: /home/aco

Hello

Since I noticed that my computer is acting strangely, especially the internet, I scanned it with Malwarebytes' Anti-Malware and it detected something, which I sort of deleted. But when I let it scan again, it finds the same infection again. Here is the log..

Malwarebytes' Anti-Malware 1.30
Verzija baze podataka: 1371
Windows 5.1.2600 Service Pack 3

11/7/2008 17:45:16
mbam-log-2008-11-07 (17-45-16).txt

Tip skeniranja: Brzo Skeniranje
Skeniranih objekata: 49716
Proteklo vreme: 3 minute(s), 30 second(s)

Inficirani procesi u memoriji: 0
Inficirani moduli u memoriji: 0
Inficirani ključevi u registru: 0
Inficirane vrednosti u registru: 1
Inficirani podaci u registru: 0
Inficirane fascikle: 0
Inficirane datoteke: 1

Inficirani procesi u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani moduli u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani ključevi u registru:
(Maliciozne stavke nisu detektovane)

Inficirane vrednosti u registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\spool (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Inficirani podaci u registru:
(Maliciozne stavke nisu detektovane)

Inficirane fascikle:
(Maliciozne stavke nisu detektovane)

Inficirane datoteke:
C:\WINDOWS\system\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

And here is the HijackThis log too...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:50, on 11/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\drivers\mstinit.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Program Files\OVISLINK\Common\AirliveUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Aco29\Desktop\New Folder\TR3.exe..exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://linktarget.ashampoo.com/linktarget/?target=trial&edition=eid=3181
F3 - REG:win.ini: load=C:\DOCUME~1\Aco29\APPLIC~1\dllhst3g.exe
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] "C:\Program Files\NetMeter\NetMeter.exe"
O4 - HKLM\..\Policies\Explorer\Run: [MstInit] C:\WINDOWS\System32\drivers\mstinit.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [ComRepl] C:\DOCUME~1\Aco29\LOCALS~1\APPLIC~1\comrepl.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\Aco29\APPLIC~1\MICROS~1\esentutl.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\Aco29\APPLIC~1\MICROS~1\esentutl.exe /waitservice (User 'Default user')
O4 - Global Startup: AirLive 802.11G Wireless Utility.lnk = C:\Program Files\OVISLINK\Common\AirliveUI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V.....4798028299
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71AFAAF4-AC17-4921-AA70-60802C3DE1A9}: NameServer = 87.250.98.250 208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7231 bytes

So, do I have reason to worry.. Thanks

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...



* Open the Nod32 Control Center (click its tray icon in the lower right corner of the screen).
* Select AMON from the Threat Protection group of options.
* In the right panel, uncheck the option File system monitor (AMON) enabled.
* Turning this option off will show as a change in the Control Center's color from green to red.

Note: Don't forget to turn this option back on once the cleaning is finished.




Download ComboFix from one of the following addresses to the Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

offline
  • Aco  Male
  • Forum moderator
  • Aleksandar
  • Joined: 12 May 2006
  • Posts: 16823
  • Location: /home/aco

Here you go, dr Bora.. with a small note that it restarted itself during the scan, and now I don't know if that's how it is supposed to be. Here is the log..

ComboFix 08-11-07.01 - Aco29 2008-11-07 19:53:48.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.957 [GMT 1:00]
Running from: c:\documents and settings\Aco29\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Aco29\Application Data\dllhst3g.exe
c:\documents and settings\Aco29\Application Data\inst.exe

.
((((((((((((((((((((((((( Files Created from 2008-10-07 to 2008-11-07 )))))))))))))))))))))))))))))))
.

2008-11-07 19:54 . 2008-11-06 22:07 81,920 --a------ c:\windows\sessmgr.exe
2008-11-07 19:54 . 2008-11-06 22:07 81,920 --a------ c:\windows\mstinit.exe
2008-11-07 18:45 . 2008-11-07 18:45 <DIR> d-------- c:\program files\Uniblue
2008-11-07 16:08 . 2008-11-06 22:07 81,920 --a------ c:\windows\system\logman.exe
2008-11-07 11:13 . 2008-11-07 11:13 244 --ah----- C:\sqmnoopt02.sqm
2008-11-07 11:13 . 2008-11-07 11:13 232 --ah----- C:\sqmdata02.sqm
2008-11-06 22:07 . 2008-11-06 22:07 81,920 --a------ c:\windows\system32\drivers\mstinit.exe
2008-11-05 15:25 . 2008-11-05 15:25 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-05 15:25 . 2008-11-05 15:25 1,409 --a------ c:\windows\QTFont.for
2008-11-05 15:18 . 2008-11-05 15:18 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-04 17:02 . 2008-11-04 17:02 <DIR> d-------- c:\windows\Performance
2008-11-04 17:02 . 2008-11-04 17:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Corporation
2008-11-02 20:50 . 2008-11-02 20:50 <DIR> d--h----- c:\windows\PIF
2008-11-01 17:42 . 2008-11-01 17:42 <DIR> d--hs---- c:\windows\ftpcache
2008-11-01 12:48 . 2008-11-01 12:51 <DIR> d-------- c:\program files\MP3Gain
2008-11-01 11:59 . 2008-11-07 19:06 <DIR> d-------- c:\program files\Lavalys
2008-11-01 11:39 . 2008-11-01 11:39 <DIR> d-------- c:\program files\PC Wizard 2008
2008-11-01 11:39 . 2007-09-15 16:11 27,136 --a------ c:\windows\system32\PCWizard.cpl
2008-11-01 00:46 . 2008-11-04 17:15 <DIR> d-------- c:\windows\BDOSCAN8
2008-10-31 19:23 . 2008-10-31 19:23 <DIR> d-------- c:\program files\Common Files\VCAMEye
2008-10-31 19:23 . 2005-06-20 21:27 390,912 --a------ c:\windows\system32\drivers\snpstd.sys
2008-10-31 19:23 . 2004-06-10 13:48 286,720 --a------ c:\windows\vsnpstd.exe
2008-10-31 19:23 . 2005-04-15 06:20 98,304 --a------ c:\windows\system32\rsnpstd.dll
2008-10-31 19:23 . 2004-02-16 13:59 61,440 --a------ c:\windows\system32\csnpstd.dll
2008-10-31 19:23 . 2004-05-06 11:22 53,248 --a------ c:\windows\system32\dsnpstd.dll
2008-10-31 19:23 . 2004-09-24 10:58 36,864 --a------ c:\windows\system32\vsnpstd.dll
2008-10-31 19:23 . 2005-05-30 23:09 36,864 --a------ c:\windows\system32\dsnpstd.ax
2008-10-31 19:23 . 2003-01-17 17:34 15,541 --a------ c:\windows\snpstd.ini
2008-10-31 19:23 . 2003-01-17 17:35 13,023 --a------ c:\windows\snpstd.src
2008-10-31 18:09 . 2008-10-31 18:10 <DIR> d-------- c:\program files\QuickTime
2008-10-31 18:09 . 2008-10-31 18:09 <DIR> d-------- c:\program files\Apple Software Update
2008-10-31 18:09 . 2008-10-31 22:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-31 18:09 . 2008-10-31 18:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-10-31 18:03 . 2008-10-31 18:03 0 --a------ c:\windows\mngui.INI
2008-10-31 17:54 . 2008-10-31 22:53 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Teleca
2008-10-31 17:54 . 2007-04-23 15:54 108,680 -ra------ c:\windows\system32\drivers\s115mdm.sys
2008-10-31 17:54 . 2007-04-23 15:54 100,488 -ra------ c:\windows\system32\drivers\s115mgmt.sys
2008-10-31 17:54 . 2007-04-23 15:54 98,568 -ra------ c:\windows\system32\drivers\s115obex.sys
2008-10-31 17:54 . 2007-04-23 15:54 83,208 -ra------ c:\windows\system32\drivers\s115bus.sys
2008-10-31 17:54 . 2007-04-23 15:54 15,112 -ra------ c:\windows\system32\drivers\s115mdfl.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115whnt.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115wh.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115cmnt.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115cm.sys
2008-10-31 17:52 . 2008-10-31 22:53 <DIR> d-------- c:\program files\Common Files\Teleca Shared
2008-10-31 17:52 . 2008-10-31 17:52 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Sony Ericsson
2008-10-31 17:51 . 2008-10-31 22:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Teleca
2008-10-31 17:51 . 2008-10-31 22:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2008-10-30 19:22 . 2008-10-30 19:22 <DIR> d-------- c:\program files\Microsoft Silverlight
2008-10-30 18:15 . 2008-10-30 18:15 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Lavasoft
2008-10-30 18:08 . 2008-11-06 00:30 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-10-30 17:51 . 2008-10-31 22:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-30 17:50 . 2008-10-31 22:44 <DIR> d-------- c:\program files\Lavasoft
2008-10-30 17:49 . 2008-10-30 17:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Prevx
2008-10-30 17:26 . 2008-10-30 17:26 <DIR> d-------- c:\windows\system32\GroupPolicy
2008-10-30 17:26 . 2004-03-09 00:00 1,081,616 --a------ c:\windows\system32\MSCOMCTL.OCX
2008-10-29 19:10 . 2008-10-29 19:12 90 --a------ c:\windows\ae_mini.INI
2008-10-29 19:07 . 2008-10-29 19:07 399 --a------ c:\windows\asr.INI
2008-10-29 19:04 . 2008-10-29 19:04 <DIR> d-------- c:\program files\Common Files\Adobe
2008-10-29 19:00 . 2008-10-29 19:05 <DIR> d-------- c:\documents and settings\Aco29\dwhelper
2008-10-29 18:49 . 2008-10-29 18:49 <DIR> d-------- c:\windows\Sun
2008-10-28 00:40 . 2008-10-28 00:40 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-10-28 00:40 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-10-27 23:38 . 2008-10-27 23:55 2,211,894 --a------ c:\windows\ACD Wallpaper.bmp
2008-10-27 21:20 . 2008-10-27 21:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\dvdcss
2008-10-27 20:07 . 2008-11-06 22:10 <DIR> d-------- c:\program files\eMule
2008-10-27 19:24 . 2008-10-28 16:05 <DIR> d-------- c:\documents and settings\Aco29\Application Data\skypePM
2008-10-27 19:24 . 2008-10-27 19:24 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-10-27 17:18 . 2008-10-27 17:18 <DIR> d-------- c:\documents and settings\Aco29\Application Data\CyberLink
2008-10-27 14:54 . 2008-10-27 14:54 <DIR> d-------- c:\program files\VSO
2008-10-27 14:54 . 2008-10-27 21:12 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Vso
2008-10-27 14:54 . 2004-05-04 12:53 1,645,320 --a------ c:\windows\gdiplus.dll
2008-10-27 14:54 . 2006-05-20 17:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2008-10-27 14:54 . 2006-05-11 20:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2008-10-27 14:54 . 2006-09-29 13:24 217,127 --a------ c:\windows\system32\drv43260.dll
2008-10-27 14:54 . 2006-09-29 13:25 208,935 --a------ c:\windows\system32\drv33260.dll
2008-10-27 14:54 . 2006-09-29 13:26 176,165 --a------ c:\windows\system32\drv23260.dll
2008-10-27 14:54 . 2007-03-18 21:37 65,602 --a------ c:\windows\system32\cook3260.dll
2008-10-27 14:54 . 2008-10-27 14:54 47,360 --a------ c:\documents and settings\Aco29\Application Data\pcouffin.sys
2008-10-26 10:01 . 2008-10-26 10:20 <DIR> d-------- c:\program files\Readon Technology
2008-10-25 13:12 . 2008-04-13 23:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-10-25 13:12 . 2008-04-13 23:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-10-25 11:51 . 2008-10-25 12:46 <DIR> d-------- c:\program files\Webteh
2008-10-24 18:57 . 2007-07-30 18:19 271,224 --a------ c:\windows\system32\mucltui.dll
2008-10-24 18:57 . 2007-07-30 18:19 207,736 --a------ c:\windows\system32\muweb.dll
2008-10-24 18:57 . 2007-07-30 18:19 30,072 --a------ c:\windows\system32\mucltui.dll.mui
2008-10-24 18:29 . 2008-10-24 18:29 <DIR> d-------- c:\documents and settings\Aco29\Application Data\vlc
2008-10-24 16:23 . 2008-04-13 23:15 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2008-10-24 10:54 . 2008-10-24 11:01 <DIR> d-------- c:\program files\Windows Live
2008-10-24 10:54 . 2008-10-24 10:56 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-10-24 10:53 . 2008-10-24 10:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-10-24 10:50 . 2008-10-24 10:50 <DIR> d-------- c:\documents and settings\Aco29\Contacts
2008-10-24 10:47 . 2008-10-22 15:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-24 10:20 . 2008-10-24 10:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Uniblue
2008-10-24 10:18 . 2008-10-24 10:16 737,280 --a------ c:\windows\iun6002.exe
2008-10-24 10:17 . 2008-10-24 10:18 <DIR> d-------- c:\program files\Codec Pack - All In 1
2008-10-24 10:12 . 2008-10-24 10:12 <DIR> d-------- c:\program files\VS Revo Group
2008-10-24 09:10 . 2008-10-24 09:10 <DIR> d-------- c:\program files\FLV Player
2008-10-24 08:38 . 2008-10-24 08:38 <DIR> d-------- c:\program files\Unlocker
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Real
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Common Files\xing shared
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Common Files\Real
2008-10-24 08:35 . 2008-10-24 08:35 499,712 --a------ c:\windows\system32\msvcp71.dll
2008-10-24 08:10 . 2008-10-25 10:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\ACD Systems
2008-10-24 00:01 . 2008-10-24 00:23 <DIR> d-------- c:\windows\NV38202988.TMP
2008-10-24 00:01 . 2008-09-17 22:55 201,050 --a------ c:\windows\system32\nvapps.nvb
2008-10-23 22:40 . 2008-10-23 22:40 <DIR> d--hs---- c:\documents and settings\Aco29\UserData
2008-10-23 22:21 . 2008-10-28 23:35 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-07 17:51 196,608 ----a-w c:\windows\system32\drivers\nAsmedia.bin
2008-11-06 16:08 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-01 16:51 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2008-10-31 18:06 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-10-31 17:21 --------- d-----w c:\program files\IObit
2008-10-29 19:17 --------- d-----w c:\program files\ESET
2008-10-29 19:17 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-10-29 19:16 --------- d-----w c:\program files\Ashampoo
2008-10-27 13:54 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-10-24 09:48 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-10-24 09:18 --------- d-----w c:\program files\Mv2Player
2008-10-24 07:35 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-10-23 22:28 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-23 21:23 --------- d-----w c:\program files\Picasa2
2008-10-23 21:23 --------- d-----w c:\program files\Google
2008-10-23 21:21 --------- d-----w c:\program files\Skype
2008-10-23 21:21 --------- d-----w c:\program files\NetMeter
2008-10-23 21:21 --------- d-----w c:\program files\Common Files\Skype
2008-10-23 21:20 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-10-23 21:19 --------- d-----w c:\program files\Java
2008-10-23 21:19 --------- d-----w c:\program files\EASEUS
2008-10-23 21:19 --------- d-----w c:\program files\Common Files\Java
2008-10-23 21:17 --------- d-----w c:\program files\VideoLAN
2008-10-23 21:10 --------- d-----w c:\program files\TechSmith
2008-10-23 21:07 --------- d-----w c:\program files\Reference Assemblies
2008-10-23 21:07 --------- d-----w c:\program files\MSBuild
2008-10-23 20:59 --------- d-----w c:\program files\Video Convert Master
2008-10-23 20:59 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-23 20:59 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-23 20:59 --------- d-----w c:\documents and settings\Aco29\Application Data\TuneUp Software
2008-10-23 20:58 --------- d-----w c:\program files\Common Files\InstallShield
2008-10-23 20:58 --------- d-----w c:\program files\ASUSTeK
2008-10-23 20:57 --------- d-----w c:\program files\AC3Filter
2008-10-23 20:54 --------- d-----w c:\program files\Common Files\ACD Systems
2008-10-23 20:54 --------- d-----w c:\program files\ACD Systems
2008-10-23 20:54 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2008-10-23 20:53 --------- d-----w c:\documents and settings\Aco29\Application Data\Winamp
2008-10-23 20:51 --------- d-----w c:\program files\Winamp
2008-10-23 20:48 --------- d-----w c:\program files\CDex_140b9
2008-10-23 20:48 --------- d-----w c:\documents and settings\All Users\Application Data\WinZip
2008-10-23 20:44 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-23 20:44 --------- d-----w c:\documents and settings\Aco29\Application Data\Malwarebytes
2008-10-23 20:43 --------- d-----w c:\documents and settings\Aco29\Application Data\Ashampoo
2008-10-23 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\ashampoo
2008-10-23 20:41 21,419 ----a-w c:\windows\system32\drivers\AegisP.sys
2008-10-23 20:41 --------- d-----w c:\program files\OVISLINK
2008-10-23 20:41 --------- d-----w c:\documents and settings\Aco29\Application Data\InstallShield
2008-10-23 20:38 --------- d-----w c:\program files\ASUS
2008-10-23 20:35 12,288 ----a-w c:\windows\system32\drivers\EIO64_xp.sys
2008-10-23 20:33 --------- d-----w c:\program files\My Company Name
2008-10-23 20:28 315,392 ----a-w c:\windows\HideWin.exe
2008-10-23 20:28 --------- d-----w c:\program files\Realtek
2008-10-23 20:26 --------- d-----w c:\program files\VIA
2008-10-23 20:20 --------- d-----w c:\program files\microsoft frontpage
2008-10-22 14:10 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-09-20 07:16 170,496 ----a-w c:\windows\system32\BootMan.exe
2008-09-19 18:42 86,408 ----a-w c:\windows\system32\setupempdrv03.exe
2008-09-19 18:42 8,704 ----a-w c:\windows\system32\epmntdrv.sys
2008-09-19 18:42 3,072 ----a-w c:\windows\system32\EuGdiDrv.sys
2008-09-19 18:42 14,848 ----a-w c:\windows\system32\EuEpmGdi.dll
2008-09-19 16:10 86,016 ----a-w c:\windows\system32\ResizeNTFS.dll
2008-09-19 16:10 61,952 ----a-w c:\windows\system32\FatResizeMove.dll
2008-09-19 16:10 472,576 ----a-w c:\windows\system32\NTFSFormat.dll
2008-09-19 16:10 22,016 ----a-w c:\windows\system32\FatFormat.dll
2008-09-19 16:09 92,672 ----a-w c:\windows\system32\Partition.dll
2008-09-19 16:09 31,744 ----a-w c:\windows\system32\FatLib.dll
2008-09-19 16:09 179,200 ----a-w c:\windows\system32\DeviceManager.dll
2008-09-19 16:09 124,416 ----a-w c:\windows\system32\NTFSCopy.dll
2008-09-19 16:08 86,528 ----a-w c:\windows\system32\NTFSLib.dll
2008-09-19 16:08 68,096 ----a-w c:\windows\system32\Device.dll
2008-09-19 16:08 6,144 ----a-w c:\windows\system32\CallbackOperator.dll
2008-09-19 16:08 44,032 ----a-w c:\windows\system32\FileSystemCheck.dll
2008-09-19 16:08 25,088 ----a-w c:\windows\system32\FATFileSystemAnalyser.dll
2008-09-19 16:08 24,576 ----a-w c:\windows\system32\NTFSFileSystemAnalyser.dll
2008-09-19 16:08 21,504 ----a-w c:\windows\system32\Fixup.dll
2008-09-19 16:08 14,848 ----a-w c:\windows\system32\FileSystemAnalyser.dll
2008-09-19 16:08 10,752 ----a-w c:\windows\system32\DeviceAdapter.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-08 10:41 333,824 ----a-w c:\windows\system32\drivers\srv.sys
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 10:11 2,189,184 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 09:33 2,066,048 ----a-w c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"c:\program files\NetMeter\NetMeter.exe"="c:\program files\NetMeter\NetMeter.exe" [2007-08-11 331264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-24 185872]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"MstInit"="c:\windows\System32\drivers\mstinit.exe" [2008-11-06 81920]

[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"ComRepl"="c:\docume~1\Aco29\LOCALS~1\APPLIC~1\comrepl.exe" [2008-11-06 81920]

[HKEY_USERS\.DEFAULT\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Esent Utl"="c:\docume~1\Aco29\APPLIC~1\MICROS~1\esentutl.exe" [2008-11-06 81920]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AirLive 802.11G Wireless Utility.lnk - c:\program files\OVISLINK\Common\AirliveUI.exe [2008-10-23 1290240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=c:\docume~1\Aco29\APPLIC~1\MICROS~1\clipsrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ASUS SmartDoctor"=c:\program files\ASUS\SmartDoctor\SmartDoctor.exe /start

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ASUSGamerOSD"=c:\program files\ASUS\GamerOSD\GamerOSD.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"RemoteControl"="c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"snpstd"=c:\windows\vsnpstd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2007-03-26 16896]
R0 videX32;videX32;c:\windows\system32\DRIVERS\videX32.sys [2007-03-29 9216]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2007-03-26 52224]
R1 EIO_XP;EIO_XP;c:\windows\system32\drivers\EIO_XP.sys [2006-06-14 12288]
R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
R2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe [2008-04-14 14336]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:\windows\system32\drivers\asusgsb.sys [2007-10-23 12416]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2007-10-23 10752]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2008-09-19 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2008-09-19 3072]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;c:\windows\system32\DRIVERS\fetnd5bv.sys [2007-02-27 42496]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-28 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2008-11-07 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Aco29\Application Data\Mozilla\Firefox\Profiles\j3rktc11.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.com
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-07 19:56:27
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\ATKKBService.exe
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-11-07 19:57:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-07 18:57:15

Pre-Run: 45,539,385,344 bytes free
Post-Run: 45,485,375,488 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

330 --- E O F --- 2008-11-05 14:18:43

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Quote: with a small note that it restarted itself during the scan; now I don't know whether that is supposed to happen. Here is the log..

It is not unusual for Windows to restart during the process...

-------------------------------------------------------------------------------------


Upload the following file: c:\windows\sessmgr.exe

via this link: http://www.mycity.rs/ambulanta-upload.php


-------------------------------------------------------------------------------------



Open Notepad and copy in the following text:

File::
c:\windows\sessmgr.exe
c:\windows\mstinit.exe
c:\windows\system\logman.exe
c:\windows\system32\drivers\mstinit.exe
c:\docume~1\Aco29\LOCALS~1\APPLIC~1\comrepl.exe
c:\docume~1\Aco29\APPLIC~1\MICROS~1\esentutl.exe
c:\docume~1\Aco29\APPLIC~1\MICROS~1\clipsrv.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"MstInit"=-
[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"ComRepl"=-
[HKEY_USERS\.DEFAULT\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Esent Utl"=-
[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=-


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next post, paste the log that is created at the end of the cleaning/scan.

  • Aco
  • Forum moderator
  • Aleksandar
  • Joined: 12 May 2006
  • Posts: 16823
  • Location: /home/aco

I have uploaded the requested file.. and here is the log

ComboFix 08-11-07.01 - Aco29 2008-11-08 1:49:28.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1054 [GMT 1:00]
Running from: c:\documents and settings\Aco29\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Aco29\Desktop\CFScript.txt
* Created a new restore point
* Resident AV is active


FILE ::
c:\docume~1\Aco29\APPLIC~1\MICROS~1\clipsrv.exe
c:\docume~1\Aco29\APPLIC~1\MICROS~1\esentutl.exe
c:\docume~1\Aco29\LOCALS~1\APPLIC~1\comrepl.exe
c:\windows\mstinit.exe
c:\windows\sessmgr.exe
c:\windows\system\logman.exe
c:\windows\system32\drivers\mstinit.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\Aco29\APPLIC~1\MICROS~1\clipsrv.exe
c:\docume~1\Aco29\APPLIC~1\MICROS~1\esentutl.exe
c:\docume~1\Aco29\LOCALS~1\APPLIC~1\comrepl.exe
c:\windows\mstinit.exe
c:\windows\sessmgr.exe
c:\windows\system\logman.exe
c:\windows\system32\drivers\mstinit.exe

.
((((((((((((((((((((((((( Files Created from 2008-10-08 to 2008-11-08 )))))))))))))))))))))))))))))))
.

2008-11-07 19:57 . 2008-11-06 22:07 81,920 --a------ c:\documents and settings\Aco29\Application Data\comrepl.exe
2008-11-07 18:45 . 2008-11-07 18:45 <DIR> d-------- c:\program files\Uniblue
2008-11-07 11:13 . 2008-11-07 11:13 244 --ah----- C:\sqmnoopt02.sqm
2008-11-07 11:13 . 2008-11-07 11:13 232 --ah----- C:\sqmdata02.sqm
2008-11-05 15:18 . 2008-11-05 15:18 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-04 17:02 . 2008-11-04 17:02 <DIR> d-------- c:\windows\Performance
2008-11-04 17:02 . 2008-11-04 17:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Corporation
2008-11-02 20:50 . 2008-11-02 20:50 <DIR> d--h----- c:\windows\PIF
2008-11-01 17:42 . 2008-11-01 17:42 <DIR> d--hs---- c:\windows\ftpcache
2008-11-01 12:48 . 2008-11-01 12:51 <DIR> d-------- c:\program files\MP3Gain
2008-11-01 11:59 . 2008-11-07 19:06 <DIR> d-------- c:\program files\Lavalys
2008-11-01 11:39 . 2008-11-01 11:39 <DIR> d-------- c:\program files\PC Wizard 2008
2008-11-01 11:39 . 2007-09-15 16:11 27,136 --a------ c:\windows\system32\PCWizard.cpl
2008-11-01 00:46 . 2008-11-04 17:15 <DIR> d-------- c:\windows\BDOSCAN8
2008-10-31 19:23 . 2008-10-31 19:23 <DIR> d-------- c:\program files\Common Files\VCAMEye
2008-10-31 19:23 . 2005-06-20 21:27 390,912 --a------ c:\windows\system32\drivers\snpstd.sys
2008-10-31 19:23 . 2004-06-10 13:48 286,720 --a------ c:\windows\vsnpstd.exe
2008-10-31 19:23 . 2005-04-15 06:20 98,304 --a------ c:\windows\system32\rsnpstd.dll
2008-10-31 19:23 . 2004-02-16 13:59 61,440 --a------ c:\windows\system32\csnpstd.dll
2008-10-31 19:23 . 2004-05-06 11:22 53,248 --a------ c:\windows\system32\dsnpstd.dll
2008-10-31 19:23 . 2004-09-24 10:58 36,864 --a------ c:\windows\system32\vsnpstd.dll
2008-10-31 19:23 . 2005-05-30 23:09 36,864 --a------ c:\windows\system32\dsnpstd.ax
2008-10-31 19:23 . 2003-01-17 17:34 15,541 --a------ c:\windows\snpstd.ini
2008-10-31 19:23 . 2003-01-17 17:35 13,023 --a------ c:\windows\snpstd.src
2008-10-31 18:09 . 2008-10-31 18:10 <DIR> d-------- c:\program files\QuickTime
2008-10-31 18:09 . 2008-10-31 18:09 <DIR> d-------- c:\program files\Apple Software Update
2008-10-31 18:09 . 2008-10-31 22:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-31 18:09 . 2008-10-31 18:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-10-31 18:03 . 2008-10-31 18:03 0 --a------ c:\windows\mngui.INI
2008-10-31 17:54 . 2008-10-31 22:53 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Teleca
2008-10-31 17:54 . 2007-04-23 15:54 108,680 -ra------ c:\windows\system32\drivers\s115mdm.sys
2008-10-31 17:54 . 2007-04-23 15:54 100,488 -ra------ c:\windows\system32\drivers\s115mgmt.sys
2008-10-31 17:54 . 2007-04-23 15:54 98,568 -ra------ c:\windows\system32\drivers\s115obex.sys
2008-10-31 17:54 . 2007-04-23 15:54 83,208 -ra------ c:\windows\system32\drivers\s115bus.sys
2008-10-31 17:54 . 2007-04-23 15:54 15,112 -ra------ c:\windows\system32\drivers\s115mdfl.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115whnt.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115wh.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115cmnt.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115cm.sys
2008-10-31 17:52 . 2008-10-31 22:53 <DIR> d-------- c:\program files\Common Files\Teleca Shared
2008-10-31 17:52 . 2008-10-31 17:52 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Sony Ericsson
2008-10-31 17:51 . 2008-10-31 22:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Teleca
2008-10-31 17:51 . 2008-10-31 22:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2008-10-30 19:22 . 2008-10-30 19:22 <DIR> d-------- c:\program files\Microsoft Silverlight
2008-10-30 18:15 . 2008-10-30 18:15 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Lavasoft
2008-10-30 18:08 . 2008-11-06 00:30 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-10-30 17:51 . 2008-10-31 22:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-30 17:50 . 2008-10-31 22:44 <DIR> d-------- c:\program files\Lavasoft
2008-10-30 17:49 . 2008-10-30 17:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Prevx
2008-10-30 17:26 . 2008-10-30 17:26 <DIR> d-------- c:\windows\system32\GroupPolicy
2008-10-30 17:26 . 2004-03-09 00:00 1,081,616 --a------ c:\windows\system32\MSCOMCTL.OCX
2008-10-29 19:10 . 2008-10-29 19:12 90 --a------ c:\windows\ae_mini.INI
2008-10-29 19:07 . 2008-10-29 19:07 399 --a------ c:\windows\asr.INI
2008-10-29 19:04 . 2008-10-29 19:04 <DIR> d-------- c:\program files\Common Files\Adobe
2008-10-29 19:00 . 2008-10-29 19:05 <DIR> d-------- c:\documents and settings\Aco29\dwhelper
2008-10-29 18:49 . 2008-10-29 18:49 <DIR> d-------- c:\windows\Sun
2008-10-28 00:40 . 2008-10-28 00:40 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-10-28 00:40 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-10-27 23:38 . 2008-10-27 23:55 2,211,894 --a------ c:\windows\ACD Wallpaper.bmp
2008-10-27 21:20 . 2008-10-27 21:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\dvdcss
2008-10-27 20:07 . 2008-11-06 22:10 <DIR> d-------- c:\program files\eMule
2008-10-27 19:24 . 2008-10-28 16:05 <DIR> d-------- c:\documents and settings\Aco29\Application Data\skypePM
2008-10-27 19:24 . 2008-10-27 19:24 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-10-27 17:18 . 2008-10-27 17:18 <DIR> d-------- c:\documents and settings\Aco29\Application Data\CyberLink
2008-10-27 14:54 . 2008-10-27 14:54 <DIR> d-------- c:\program files\VSO
2008-10-27 14:54 . 2008-10-27 21:12 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Vso
2008-10-27 14:54 . 2004-05-04 12:53 1,645,320 --a------ c:\windows\gdiplus.dll
2008-10-27 14:54 . 2006-05-20 17:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2008-10-27 14:54 . 2006-05-11 20:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2008-10-27 14:54 . 2006-09-29 13:24 217,127 --a------ c:\windows\system32\drv43260.dll
2008-10-27 14:54 . 2006-09-29 13:25 208,935 --a------ c:\windows\system32\drv33260.dll
2008-10-27 14:54 . 2006-09-29 13:26 176,165 --a------ c:\windows\system32\drv23260.dll
2008-10-27 14:54 . 2007-03-18 21:37 65,602 --a------ c:\windows\system32\cook3260.dll
2008-10-27 14:54 . 2008-10-27 14:54 47,360 --a------ c:\documents and settings\Aco29\Application Data\pcouffin.sys
2008-10-26 10:01 . 2008-10-26 10:20 <DIR> d-------- c:\program files\Readon Technology
2008-10-25 13:12 . 2008-04-13 23:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-10-25 13:12 . 2008-04-13 23:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-10-25 11:51 . 2008-10-25 12:46 <DIR> d-------- c:\program files\Webteh
2008-10-24 18:57 . 2007-07-30 18:19 271,224 --a------ c:\windows\system32\mucltui.dll
2008-10-24 18:57 . 2007-07-30 18:19 207,736 --a------ c:\windows\system32\muweb.dll
2008-10-24 18:57 . 2007-07-30 18:19 30,072 --a------ c:\windows\system32\mucltui.dll.mui
2008-10-24 18:29 . 2008-10-24 18:29 <DIR> d-------- c:\documents and settings\Aco29\Application Data\vlc
2008-10-24 16:23 . 2008-04-13 23:15 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2008-10-24 10:54 . 2008-10-24 11:01 <DIR> d-------- c:\program files\Windows Live
2008-10-24 10:54 . 2008-10-24 10:56 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-10-24 10:53 . 2008-10-24 10:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-10-24 10:50 . 2008-10-24 10:50 <DIR> d-------- c:\documents and settings\Aco29\Contacts
2008-10-24 10:47 . 2008-10-22 15:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-24 10:20 . 2008-10-24 10:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Uniblue
2008-10-24 10:18 . 2008-10-24 10:16 737,280 --a------ c:\windows\iun6002.exe
2008-10-24 10:17 . 2008-10-24 10:18 <DIR> d-------- c:\program files\Codec Pack - All In 1
2008-10-24 10:12 . 2008-10-24 10:12 <DIR> d-------- c:\program files\VS Revo Group
2008-10-24 09:10 . 2008-10-24 09:10 <DIR> d-------- c:\program files\FLV Player
2008-10-24 08:38 . 2008-10-24 08:38 <DIR> d-------- c:\program files\Unlocker
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Real
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Common Files\xing shared
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Common Files\Real
2008-10-24 08:35 . 2008-10-24 08:35 499,712 --a------ c:\windows\system32\msvcp71.dll
2008-10-24 08:10 . 2008-10-25 10:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\ACD Systems
2008-10-24 00:01 . 2008-10-24 00:23 <DIR> d-------- c:\windows\NV38202988.TMP
2008-10-24 00:01 . 2008-09-17 22:55 201,050 --a------ c:\windows\system32\nvapps.nvb
2008-10-23 22:40 . 2008-10-23 22:40 <DIR> d--hs---- c:\documents and settings\Aco29\UserData
2008-10-23 22:21 . 2008-10-28 23:35 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-07 22:56 196,608 ----a-w c:\windows\system32\drivers\nAsmedia.bin
2008-11-06 16:08 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-01 16:51 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2008-10-31 18:06 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-10-31 17:21 --------- d-----w c:\program files\IObit
2008-10-29 19:17 --------- d-----w c:\program files\ESET
2008-10-29 19:17 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-10-29 19:16 --------- d-----w c:\program files\Ashampoo
2008-10-27 13:54 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-10-24 09:48 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-10-24 09:18 --------- d-----w c:\program files\Mv2Player
2008-10-24 07:35 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-10-23 22:28 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-23 21:23 --------- d-----w c:\program files\Picasa2
2008-10-23 21:23 --------- d-----w c:\program files\Google
2008-10-23 21:21 --------- d-----w c:\program files\Skype
2008-10-23 21:21 --------- d-----w c:\program files\NetMeter
2008-10-23 21:21 --------- d-----w c:\program files\Common Files\Skype
2008-10-23 21:20 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-10-23 21:19 --------- d-----w c:\program files\Java
2008-10-23 21:19 --------- d-----w c:\program files\EASEUS
2008-10-23 21:19 --------- d-----w c:\program files\Common Files\Java
2008-10-23 21:17 --------- d-----w c:\program files\VideoLAN
2008-10-23 21:10 --------- d-----w c:\program files\TechSmith
2008-10-23 21:07 --------- d-----w c:\program files\Reference Assemblies
2008-10-23 21:07 --------- d-----w c:\program files\MSBuild
2008-10-23 20:59 --------- d-----w c:\program files\Video Convert Master
2008-10-23 20:59 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-23 20:59 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-23 20:59 --------- d-----w c:\documents and settings\Aco29\Application Data\TuneUp Software
2008-10-23 20:58 --------- d-----w c:\program files\Common Files\InstallShield
2008-10-23 20:58 --------- d-----w c:\program files\ASUSTeK
2008-10-23 20:57 --------- d-----w c:\program files\AC3Filter
2008-10-23 20:54 --------- d-----w c:\program files\Common Files\ACD Systems
2008-10-23 20:54 --------- d-----w c:\program files\ACD Systems
2008-10-23 20:54 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2008-10-23 20:53 --------- d-----w c:\documents and settings\Aco29\Application Data\Winamp
2008-10-23 20:51 --------- d-----w c:\program files\Winamp
2008-10-23 20:48 --------- d-----w c:\program files\CDex_140b9
2008-10-23 20:48 --------- d-----w c:\documents and settings\All Users\Application Data\WinZip
2008-10-23 20:44 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-23 20:44 --------- d-----w c:\documents and settings\Aco29\Application Data\Malwarebytes
2008-10-23 20:43 --------- d-----w c:\documents and settings\Aco29\Application Data\Ashampoo
2008-10-23 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\ashampoo
2008-10-23 20:41 21,419 ----a-w c:\windows\system32\drivers\AegisP.sys
2008-10-23 20:41 --------- d-----w c:\program files\OVISLINK
2008-10-23 20:41 --------- d-----w c:\documents and settings\Aco29\Application Data\InstallShield
2008-10-23 20:38 --------- d-----w c:\program files\ASUS
2008-10-23 20:35 12,288 ----a-w c:\windows\system32\drivers\EIO64_xp.sys
2008-10-23 20:33 --------- d-----w c:\program files\My Company Name
2008-10-23 20:28 315,392 ----a-w c:\windows\HideWin.exe
2008-10-23 20:28 --------- d-----w c:\program files\Realtek
2008-10-23 20:26 --------- d-----w c:\program files\VIA
2008-10-23 20:20 --------- d-----w c:\program files\microsoft frontpage
2008-10-22 14:10 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-09-20 07:16 170,496 ----a-w c:\windows\system32\BootMan.exe
2008-09-19 18:42 86,408 ----a-w c:\windows\system32\setupempdrv03.exe
2008-09-19 18:42 8,704 ----a-w c:\windows\system32\epmntdrv.sys
2008-09-19 18:42 3,072 ----a-w c:\windows\system32\EuGdiDrv.sys
2008-09-19 18:42 14,848 ----a-w c:\windows\system32\EuEpmGdi.dll
2008-09-19 16:10 86,016 ----a-w c:\windows\system32\ResizeNTFS.dll
2008-09-19 16:10 61,952 ----a-w c:\windows\system32\FatResizeMove.dll
2008-09-19 16:10 472,576 ----a-w c:\windows\system32\NTFSFormat.dll
2008-09-19 16:10 22,016 ----a-w c:\windows\system32\FatFormat.dll
2008-09-19 16:09 92,672 ----a-w c:\windows\system32\Partition.dll
2008-09-19 16:09 31,744 ----a-w c:\windows\system32\FatLib.dll
2008-09-19 16:09 179,200 ----a-w c:\windows\system32\DeviceManager.dll
2008-09-19 16:09 124,416 ----a-w c:\windows\system32\NTFSCopy.dll
2008-09-19 16:08 86,528 ----a-w c:\windows\system32\NTFSLib.dll
2008-09-19 16:08 68,096 ----a-w c:\windows\system32\Device.dll
2008-09-19 16:08 6,144 ----a-w c:\windows\system32\CallbackOperator.dll
2008-09-19 16:08 44,032 ----a-w c:\windows\system32\FileSystemCheck.dll
2008-09-19 16:08 25,088 ----a-w c:\windows\system32\FATFileSystemAnalyser.dll
2008-09-19 16:08 24,576 ----a-w c:\windows\system32\NTFSFileSystemAnalyser.dll
2008-09-19 16:08 21,504 ----a-w c:\windows\system32\Fixup.dll
2008-09-19 16:08 14,848 ----a-w c:\windows\system32\FileSystemAnalyser.dll
2008-09-19 16:08 10,752 ----a-w c:\windows\system32\DeviceAdapter.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-08 10:41 333,824 ----a-w c:\windows\system32\drivers\srv.sys
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 10:11 2,189,184 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 09:33 2,066,048 ----a-w c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"c:\program files\NetMeter\NetMeter.exe"="c:\program files\NetMeter\NetMeter.exe" [2007-08-11 331264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-24 185872]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AirLive 802.11G Wireless Utility.lnk - c:\program files\OVISLINK\Common\AirliveUI.exe [2008-10-23 1290240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ASUS SmartDoctor"=c:\program files\ASUS\SmartDoctor\SmartDoctor.exe /start

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ASUSGamerOSD"=c:\program files\ASUS\GamerOSD\GamerOSD.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"RemoteControl"="c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"snpstd"=c:\windows\vsnpstd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2007-03-26 16896]
R0 videX32;videX32;c:\windows\system32\DRIVERS\videX32.sys [2007-03-29 9216]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2007-03-26 52224]
R1 EIO_XP;EIO_XP;c:\windows\system32\drivers\EIO_XP.sys [2006-06-14 12288]
R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
R2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe [2008-04-14 14336]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:\windows\system32\drivers\asusgsb.sys [2007-10-23 12416]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2007-10-23 10752]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2008-09-19 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2008-09-19 3072]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;c:\windows\system32\DRIVERS\fetnd5bv.sys [2007-02-27 42496]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-28 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2008-11-08 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-08 01:51:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-11-08 1:51:32
ComboFix-quarantined-files.txt 2008-11-08 00:51:28
ComboFix2.txt 2008-11-07 18:57:20

Pre-Run: 45,419,560,960 bytes free
Post-Run: 45,441,515,520 bytes free

307 --- E O F --- 2008-11-05 14:18:43

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy in the following text:

File::
c:\documents and settings\Aco29\Application Data\comrepl.exe

DirLook::
c:\program files\My Company Name


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next post, paste the log that is created at the end of the cleaning/scan.

  • Aco
  • Forum moderator
  • Aleksandar
  • Joined: 12 May 2006
  • Posts: 16823
  • Location: /home/aco

Here is the log, dr Bora..

ComboFix 08-11-07.01 - Aco29 2008-11-08 13:42:49.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1010 [GMT 1:00]
Running from: c:\documents and settings\Aco29\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Aco29\Desktop\CFScript.txt
* Created a new restore point
* Resident AV is active


FILE ::
c:\documents and settings\Aco29\Application Data\comrepl.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Aco29\Application Data\comrepl.exe

.
((((((((((((((((((((((((( Files Created from 2008-10-08 to 2008-11-08 )))))))))))))))))))))))))))))))
.

2008-11-08 13:35 . 2008-11-08 13:35 <DIR> d-------- c:\windows\LastGood
2008-11-08 13:31 . 2008-11-08 13:32 <DIR> d-------- c:\program files\direkt
2008-11-07 18:45 . 2008-11-07 18:45 <DIR> d-------- c:\program files\Uniblue
2008-11-07 11:13 . 2008-11-07 11:13 244 --ah----- C:\sqmnoopt02.sqm
2008-11-07 11:13 . 2008-11-07 11:13 232 --ah----- C:\sqmdata02.sqm
2008-11-05 15:18 . 2008-11-05 15:18 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-04 17:02 . 2008-11-04 17:02 <DIR> d-------- c:\windows\Performance
2008-11-04 17:02 . 2008-11-04 17:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Corporation
2008-11-02 20:50 . 2008-11-02 20:50 <DIR> d--h----- c:\windows\PIF
2008-11-01 17:42 . 2008-11-01 17:42 <DIR> d--hs---- c:\windows\ftpcache
2008-11-01 12:48 . 2008-11-01 12:51 <DIR> d-------- c:\program files\MP3Gain
2008-11-01 11:59 . 2008-11-07 19:06 <DIR> d-------- c:\program files\Lavalys
2008-11-01 11:39 . 2008-11-01 11:39 <DIR> d-------- c:\program files\PC Wizard 2008
2008-11-01 11:39 . 2007-09-15 16:11 27,136 --a------ c:\windows\system32\PCWizard.cpl
2008-11-01 00:46 . 2008-11-04 17:15 <DIR> d-------- c:\windows\BDOSCAN8
2008-10-31 19:23 . 2008-10-31 19:23 <DIR> d-------- c:\program files\Common Files\VCAMEye
2008-10-31 19:23 . 2005-06-20 21:27 390,912 --a------ c:\windows\system32\drivers\snpstd.sys
2008-10-31 19:23 . 2004-06-10 13:48 286,720 --a------ c:\windows\vsnpstd.exe
2008-10-31 19:23 . 2005-04-15 06:20 98,304 --a------ c:\windows\system32\rsnpstd.dll
2008-10-31 19:23 . 2004-02-16 13:59 61,440 --a------ c:\windows\system32\csnpstd.dll
2008-10-31 19:23 . 2004-05-06 11:22 53,248 --a------ c:\windows\system32\dsnpstd.dll
2008-10-31 19:23 . 2004-09-24 10:58 36,864 --a------ c:\windows\system32\vsnpstd.dll
2008-10-31 19:23 . 2005-05-30 23:09 36,864 --a------ c:\windows\system32\dsnpstd.ax
2008-10-31 19:23 . 2003-01-17 17:34 15,541 --a------ c:\windows\snpstd.ini
2008-10-31 19:23 . 2003-01-17 17:35 13,023 --a------ c:\windows\snpstd.src
2008-10-31 18:09 . 2008-10-31 18:10 <DIR> d-------- c:\program files\QuickTime
2008-10-31 18:09 . 2008-10-31 18:09 <DIR> d-------- c:\program files\Apple Software Update
2008-10-31 18:09 . 2008-10-31 22:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-31 18:09 . 2008-10-31 18:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-10-31 18:03 . 2008-10-31 18:03 0 --a------ c:\windows\mngui.INI
2008-10-31 17:54 . 2008-10-31 22:53 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Teleca
2008-10-31 17:54 . 2007-04-23 15:54 108,680 -ra------ c:\windows\system32\drivers\s115mdm.sys
2008-10-31 17:54 . 2007-04-23 15:54 100,488 -ra------ c:\windows\system32\drivers\s115mgmt.sys
2008-10-31 17:54 . 2007-04-23 15:54 98,568 -ra------ c:\windows\system32\drivers\s115obex.sys
2008-10-31 17:54 . 2007-04-23 15:54 83,208 -ra------ c:\windows\system32\drivers\s115bus.sys
2008-10-31 17:54 . 2007-04-23 15:54 15,112 -ra------ c:\windows\system32\drivers\s115mdfl.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115whnt.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115wh.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115cmnt.sys
2008-10-31 17:54 . 2007-04-23 15:54 12,424 -ra------ c:\windows\system32\drivers\s115cm.sys
2008-10-31 17:52 . 2008-10-31 22:53 <DIR> d-------- c:\program files\Common Files\Teleca Shared
2008-10-31 17:52 . 2008-10-31 17:52 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Sony Ericsson
2008-10-31 17:51 . 2008-10-31 22:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Teleca
2008-10-31 17:51 . 2008-10-31 22:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2008-10-30 19:22 . 2008-10-30 19:22 <DIR> d-------- c:\program files\Microsoft Silverlight
2008-10-30 18:15 . 2008-10-30 18:15 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Lavasoft
2008-10-30 18:08 . 2008-11-06 00:30 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-10-30 17:51 . 2008-10-31 22:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-30 17:50 . 2008-10-31 22:44 <DIR> d-------- c:\program files\Lavasoft
2008-10-30 17:49 . 2008-10-30 17:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Prevx
2008-10-30 17:26 . 2008-10-30 17:26 <DIR> d-------- c:\windows\system32\GroupPolicy
2008-10-30 17:26 . 2004-03-09 00:00 1,081,616 --a------ c:\windows\system32\MSCOMCTL.OCX
2008-10-29 19:10 . 2008-10-29 19:12 90 --a------ c:\windows\ae_mini.INI
2008-10-29 19:07 . 2008-10-29 19:07 399 --a------ c:\windows\asr.INI
2008-10-29 19:04 . 2008-10-29 19:04 <DIR> d-------- c:\program files\Common Files\Adobe
2008-10-29 19:00 . 2008-10-29 19:05 <DIR> d-------- c:\documents and settings\Aco29\dwhelper
2008-10-29 18:49 . 2008-10-29 18:49 <DIR> d-------- c:\windows\Sun
2008-10-28 00:40 . 2008-10-28 00:40 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-10-28 00:40 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-10-27 23:38 . 2008-10-27 23:55 2,211,894 --a------ c:\windows\ACD Wallpaper.bmp
2008-10-27 21:20 . 2008-10-27 21:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\dvdcss
2008-10-27 20:07 . 2008-11-06 22:10 <DIR> d-------- c:\program files\eMule
2008-10-27 19:24 . 2008-10-28 16:05 <DIR> d-------- c:\documents and settings\Aco29\Application Data\skypePM
2008-10-27 19:24 . 2008-10-27 19:24 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-10-27 17:18 . 2008-10-27 17:18 <DIR> d-------- c:\documents and settings\Aco29\Application Data\CyberLink
2008-10-27 14:54 . 2008-10-27 14:54 <DIR> d-------- c:\program files\VSO
2008-10-27 14:54 . 2008-10-27 21:12 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Vso
2008-10-27 14:54 . 2004-05-04 12:53 1,645,320 --a------ c:\windows\gdiplus.dll
2008-10-27 14:54 . 2006-05-20 17:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2008-10-27 14:54 . 2006-05-11 20:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2008-10-27 14:54 . 2006-09-29 13:24 217,127 --a------ c:\windows\system32\drv43260.dll
2008-10-27 14:54 . 2006-09-29 13:25 208,935 --a------ c:\windows\system32\drv33260.dll
2008-10-27 14:54 . 2006-09-29 13:26 176,165 --a------ c:\windows\system32\drv23260.dll
2008-10-27 14:54 . 2007-03-18 21:37 65,602 --a------ c:\windows\system32\cook3260.dll
2008-10-27 14:54 . 2008-10-27 14:54 47,360 --a------ c:\documents and settings\Aco29\Application Data\pcouffin.sys
2008-10-26 10:01 . 2008-10-26 10:20 <DIR> d-------- c:\program files\Readon Technology
2008-10-25 13:12 . 2008-04-13 23:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-10-25 13:12 . 2008-04-13 23:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-10-25 11:51 . 2008-10-25 12:46 <DIR> d-------- c:\program files\Webteh
2008-10-24 18:57 . 2007-07-30 18:19 271,224 --a------ c:\windows\system32\mucltui.dll
2008-10-24 18:57 . 2007-07-30 18:19 207,736 --a------ c:\windows\system32\muweb.dll
2008-10-24 18:57 . 2007-07-30 18:19 30,072 --a------ c:\windows\system32\mucltui.dll.mui
2008-10-24 18:29 . 2008-10-24 18:29 <DIR> d-------- c:\documents and settings\Aco29\Application Data\vlc
2008-10-24 16:23 . 2008-04-13 23:15 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2008-10-24 10:54 . 2008-10-24 11:01 <DIR> d-------- c:\program files\Windows Live
2008-10-24 10:54 . 2008-10-24 10:56 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-10-24 10:53 . 2008-10-24 10:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-10-24 10:50 . 2008-10-24 10:50 <DIR> d-------- c:\documents and settings\Aco29\Contacts
2008-10-24 10:47 . 2008-10-22 15:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-24 10:20 . 2008-10-24 10:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Uniblue
2008-10-24 10:18 . 2008-10-24 10:16 737,280 --a------ c:\windows\iun6002.exe
2008-10-24 10:17 . 2008-10-24 10:18 <DIR> d-------- c:\program files\Codec Pack - All In 1
2008-10-24 10:12 . 2008-10-24 10:12 <DIR> d-------- c:\program files\VS Revo Group
2008-10-24 09:10 . 2008-10-24 09:10 <DIR> d-------- c:\program files\FLV Player
2008-10-24 08:38 . 2008-10-24 08:38 <DIR> d-------- c:\program files\Unlocker
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Real
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Common Files\xing shared
2008-10-24 08:35 . 2008-10-24 08:35 <DIR> d-------- c:\program files\Common Files\Real
2008-10-24 08:35 . 2008-10-24 08:35 499,712 --a------ c:\windows\system32\msvcp71.dll
2008-10-24 08:10 . 2008-10-25 10:20 <DIR> d-------- c:\documents and settings\Aco29\Application Data\ACD Systems
2008-10-24 00:01 . 2008-10-24 00:23 <DIR> d-------- c:\windows\NV38202988.TMP
2008-10-24 00:01 . 2008-09-17 22:55 201,050 --a------ c:\windows\system32\nvapps.nvb
2008-10-23 22:40 . 2008-10-23 22:40 <DIR> d--hs---- c:\documents and settings\Aco29\UserData
2008-10-23 22:21 . 2008-10-28 23:35 <DIR> d-------- c:\documents and settings\Aco29\Application Data\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-08 11:22 196,608 ----a-w c:\windows\system32\drivers\nAsmedia.bin
2008-11-06 16:08 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-01 16:51 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2008-10-31 18:06 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-10-31 17:21 --------- d-----w c:\program files\IObit
2008-10-29 19:17 --------- d-----w c:\program files\ESET
2008-10-29 19:17 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-10-29 19:16 --------- d-----w c:\program files\Ashampoo
2008-10-27 13:54 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-10-27 09:04 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
2008-10-24 09:48 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-10-24 09:18 --------- d-----w c:\program files\Mv2Player
2008-10-24 07:35 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-10-23 22:28 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-23 21:23 --------- d-----w c:\program files\Picasa2
2008-10-23 21:23 --------- d-----w c:\program files\Google
2008-10-23 21:21 --------- d-----w c:\program files\Skype
2008-10-23 21:21 --------- d-----w c:\program files\NetMeter
2008-10-23 21:21 --------- d-----w c:\program files\Common Files\Skype
2008-10-23 21:20 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-10-23 21:19 --------- d-----w c:\program files\Java
2008-10-23 21:19 --------- d-----w c:\program files\EASEUS
2008-10-23 21:19 --------- d-----w c:\program files\Common Files\Java
2008-10-23 21:17 --------- d-----w c:\program files\VideoLAN
2008-10-23 21:10 --------- d-----w c:\program files\TechSmith
2008-10-23 21:07 --------- d-----w c:\program files\Reference Assemblies
2008-10-23 21:07 --------- d-----w c:\program files\MSBuild
2008-10-23 20:59 --------- d-----w c:\program files\Video Convert Master
2008-10-23 20:59 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-23 20:59 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-23 20:59 --------- d-----w c:\documents and settings\Aco29\Application Data\TuneUp Software
2008-10-23 20:58 --------- d-----w c:\program files\Common Files\InstallShield
2008-10-23 20:58 --------- d-----w c:\program files\ASUSTeK
2008-10-23 20:57 --------- d-----w c:\program files\AC3Filter
2008-10-23 20:54 --------- d-----w c:\program files\Common Files\ACD Systems
2008-10-23 20:54 --------- d-----w c:\program files\ACD Systems
2008-10-23 20:54 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2008-10-23 20:53 --------- d-----w c:\documents and settings\Aco29\Application Data\Winamp
2008-10-23 20:51 --------- d-----w c:\program files\Winamp
2008-10-23 20:48 --------- d-----w c:\program files\CDex_140b9
2008-10-23 20:48 --------- d-----w c:\documents and settings\All Users\Application Data\WinZip
2008-10-23 20:44 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-23 20:44 --------- d-----w c:\documents and settings\Aco29\Application Data\Malwarebytes
2008-10-23 20:43 --------- d-----w c:\documents and settings\Aco29\Application Data\Ashampoo
2008-10-23 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\ashampoo
2008-10-23 20:41 21,419 ----a-w c:\windows\system32\drivers\AegisP.sys
2008-10-23 20:41 --------- d-----w c:\program files\OVISLINK
2008-10-23 20:41 --------- d-----w c:\documents and settings\Aco29\Application Data\InstallShield
2008-10-23 20:38 --------- d-----w c:\program files\ASUS
2008-10-23 20:35 12,288 ----a-w c:\windows\system32\drivers\EIO64_xp.sys
2008-10-23 20:33 --------- d-----w c:\program files\My Company Name
2008-10-23 20:28 315,392 ----a-w c:\windows\HideWin.exe
2008-10-23 20:28 --------- d-----w c:\program files\Realtek
2008-10-23 20:26 --------- d-----w c:\program files\VIA
2008-10-23 20:20 --------- d-----w c:\program files\microsoft frontpage
2008-10-22 14:10 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-10-10 03:52 452,440 ----a-w c:\windows\system32\d3dx10_40.dll
2008-10-10 03:52 4,379,984 ----a-w c:\windows\system32\D3DX9_40.dll
2008-10-10 03:52 2,036,576 ----a-w c:\windows\system32\D3DCompiler_40.dll
2008-09-20 07:16 170,496 ----a-w c:\windows\system32\BootMan.exe
2008-09-19 18:42 86,408 ----a-w c:\windows\system32\setupempdrv03.exe
2008-09-19 18:42 8,704 ----a-w c:\windows\system32\epmntdrv.sys
2008-09-19 18:42 3,072 ----a-w c:\windows\system32\EuGdiDrv.sys
2008-09-19 18:42 14,848 ----a-w c:\windows\system32\EuEpmGdi.dll
2008-09-19 16:10 86,016 ----a-w c:\windows\system32\ResizeNTFS.dll
2008-09-19 16:10 61,952 ----a-w c:\windows\system32\FatResizeMove.dll
2008-09-19 16:10 472,576 ----a-w c:\windows\system32\NTFSFormat.dll
2008-09-19 16:10 22,016 ----a-w c:\windows\system32\FatFormat.dll
2008-09-19 16:09 92,672 ----a-w c:\windows\system32\Partition.dll
2008-09-19 16:09 31,744 ----a-w c:\windows\system32\FatLib.dll
2008-09-19 16:09 179,200 ----a-w c:\windows\system32\DeviceManager.dll
2008-09-19 16:09 124,416 ----a-w c:\windows\system32\NTFSCopy.dll
2008-09-19 16:08 86,528 ----a-w c:\windows\system32\NTFSLib.dll
2008-09-19 16:08 68,096 ----a-w c:\windows\system32\Device.dll
2008-09-19 16:08 6,144 ----a-w c:\windows\system32\CallbackOperator.dll
2008-09-19 16:08 44,032 ----a-w c:\windows\system32\FileSystemCheck.dll
2008-09-19 16:08 25,088 ----a-w c:\windows\system32\FATFileSystemAnalyser.dll
2008-09-19 16:08 24,576 ----a-w c:\windows\system32\NTFSFileSystemAnalyser.dll
2008-09-19 16:08 21,504 ----a-w c:\windows\system32\Fixup.dll
2008-09-19 16:08 14,848 ----a-w c:\windows\system32\FileSystemAnalyser.dll
2008-09-19 16:08 10,752 ----a-w c:\windows\system32\DeviceAdapter.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-08 10:41 333,824 ----a-w c:\windows\system32\drivers\srv.sys
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 10:11 2,189,184 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 09:33 2,066,048 ----a-w c:\windows\system32\ntkrnlpa.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\program files\My Company Name ----



((((((((((((((((((((((((((((( snapshot@2008-11-07_19.56.52.50 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-01 09:06:24 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-11-08 12:32:39 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-11-01 09:06:24 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-11-08 12:32:39 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-11-01 09:06:24 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-11-08 12:32:39 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2008-11-01 09:06:22 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:37 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:22 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:37 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:23 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:37 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:23 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:37 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:23 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:38 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:23 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:38 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:23 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:38 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:23 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:38 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:23 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:38 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:24 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-08 12:32:39 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-11-01 09:06:24 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-11-08 12:32:39 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2008-11-01 09:06:25 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-11-08 12:32:39 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-11-01 09:06:25 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-11-08 12:32:39 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-11-01 09:06:25 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-11-08 12:32:39 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2008-11-01 09:06:24 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-11-08 12:32:39 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-05-30 13:17:40 97,288 ----a-w c:\windows\LastGood\system32\directx\websetup\dsetup.dll
+ 2008-05-30 13:17:38 1,694,728 ----a-w c:\windows\LastGood\system32\directx\websetup\dsetup32.dll
+ 2007-03-12 15:42:30 1,123,696 ----a-w c:\windows\system32\D3DCompiler_33.dll
+ 2007-05-16 15:45:16 1,124,720 ----a-w c:\windows\system32\D3DCompiler_34.dll
+ 2007-07-19 17:14:42 1,358,192 ----a-w c:\windows\system32\D3DCompiler_35.dll
+ 2007-10-12 14:14:00 1,374,232 ----a-w c:\windows\system32\D3DCompiler_36.dll
+ 2008-03-05 14:56:58 1,420,824 ----a-w c:\windows\system32\D3DCompiler_37.dll
+ 2008-05-30 13:11:46 1,491,992 ----a-w c:\windows\system32\D3DCompiler_38.dll
+ 2008-07-10 10:00:58 1,493,528 ----a-w c:\windows\system32\D3DCompiler_39.dll
+ 2007-03-15 15:57:58 443,752 ----a-w c:\windows\system32\d3dx10_33.dll
+ 2007-05-16 15:45:16 443,752 ----a-w c:\windows\system32\d3dx10_34.dll
+ 2007-07-19 17:14:42 444,776 ----a-w c:\windows\system32\d3dx10_35.dll
+ 2007-10-02 08:56:34 444,776 ----a-w c:\windows\system32\d3dx10_36.dll
+ 2008-02-05 22:07:36 462,864 ----a-w c:\windows\system32\d3dx10_37.dll
+ 2008-05-30 13:11:46 467,984 ----a-w c:\windows\system32\d3dx10_38.dll
+ 2008-07-10 10:01:00 467,984 ----a-w c:\windows\system32\d3dx10_39.dll
+ 2006-09-28 15:05:20 2,414,360 ----a-w c:\windows\system32\d3dx9_31.dll
+ 2006-11-29 12:06:18 3,426,072 ----a-w c:\windows\system32\d3dx9_32.dll
+ 2007-03-12 15:42:30 3,495,784 ----a-w c:\windows\system32\d3dx9_33.dll
+ 2007-05-16 15:45:16 3,497,832 ----a-w c:\windows\system32\d3dx9_34.dll
+ 2007-07-19 17:14:42 3,727,720 ----a-w c:\windows\system32\d3dx9_35.dll
+ 2007-10-12 14:14:00 3,734,536 ----a-w c:\windows\system32\d3dx9_36.dll
+ 2008-03-05 14:56:58 3,786,760 ----a-w c:\windows\system32\D3DX9_37.dll
+ 2008-05-30 13:11:46 3,850,760 ----a-w c:\windows\system32\D3DX9_38.dll
+ 2008-07-10 10:00:58 3,851,784 ----a-w c:\windows\system32\D3DX9_39.dll
+ 2007-03-05 11:42:18 15,128 ----a-w c:\windows\system32\x3daudio1_1.dll
+ 2007-10-22 02:37:16 17,928 ----a-w c:\windows\system32\X3DAudio1_2.dll
+ 2008-03-05 15:00:06 25,608 ----a-w c:\windows\system32\X3DAudio1_3.dll
+ 2008-05-30 13:17:00 25,608 ----a-w c:\windows\system32\X3DAudio1_4.dll
+ 2007-10-22 02:39:54 267,272 ----a-w c:\windows\system32\xactengine2_10.dll
- 2006-07-28 07:30:32 236,824 ----a-w c:\windows\system32\xactengine2_3.dll
+ 2006-07-28 08:30:32 236,824 ----a-w c:\windows\system32\xactengine2_3.dll
+ 2006-09-28 15:05:56 237,848 ----a-w c:\windows\system32\xactengine2_4.dll
+ 2006-12-08 11:02:00 251,672 ----a-w c:\windows\system32\xactengine2_5.dll
+ 2007-01-24 14:27:30 255,848 ----a-w c:\windows\system32\xactengine2_6.dll
+ 2007-04-04 17:55:00 261,480 ----a-w c:\windows\system32\xactengine2_7.dll
+ 2007-06-20 19:46:04 266,088 ----a-w c:\windows\system32\xactengine2_8.dll
+ 2007-07-19 23:57:12 267,112 ----a-w c:\windows\system32\xactengine2_9.dll
+ 2008-03-05 15:03:20 238,088 ----a-w c:\windows\system32\xactengine3_0.dll
+ 2008-05-30 13:18:52 238,088 ----a-w c:\windows\system32\xactengine3_1.dll
+ 2008-07-30 05:20:54 238,088 ----a-w c:\windows\system32\xactengine3_2.dll
+ 2008-05-30 13:17:30 65,032 ----a-w c:\windows\system32\XAPOFX1_0.dll
+ 2008-07-30 05:20:56 68,616 ----a-w c:\windows\system32\XAPOFX1_1.dll
+ 2008-03-05 15:03:54 479,752 ----a-w c:\windows\system32\XAudio2_0.dll
+ 2008-05-30 13:19:18 507,400 ----a-w c:\windows\system32\XAudio2_1.dll
+ 2008-07-30 05:20:56 509,448 ----a-w c:\windows\system32\XAudio2_2.dll
- 2006-07-28 07:30:14 62,744 ----a-w c:\windows\system32\xinput1_2.dll
+ 2006-07-28 08:30:14 62,744 ----a-w c:\windows\system32\xinput1_2.dll
+ 2007-04-04 17:53:42 81,768 ----a-w c:\windows\system32\xinput1_3.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"c:\program files\NetMeter\NetMeter.exe"="c:\program files\NetMeter\NetMeter.exe" [2007-08-11 331264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-24 185872]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AirLive 802.11G Wireless Utility.lnk - c:\program files\OVISLINK\Common\AirliveUI.exe [2008-10-23 1290240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ASUS SmartDoctor"=c:\program files\ASUS\SmartDoctor\SmartDoctor.exe /start

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ASUSGamerOSD"=c:\program files\ASUS\GamerOSD\GamerOSD.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"RemoteControl"="c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"snpstd"=c:\windows\vsnpstd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2007-03-26 16896]
R0 videX32;videX32;c:\windows\system32\DRIVERS\videX32.sys [2007-03-29 9216]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2007-03-26 52224]
R1 EIO_XP;EIO_XP;c:\windows\system32\drivers\EIO_XP.sys [2006-06-14 12288]
R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
R2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe [2008-04-14 14336]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:\windows\system32\drivers\asusgsb.sys [2007-10-23 12416]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2007-10-23 10752]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2008-09-19 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2008-09-19 3072]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;c:\windows\system32\DRIVERS\fetnd5bv.sys [2007-02-27 42496]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-28 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2008-11-08 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-08 13:45:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-11-08 13:45:33
ComboFix-quarantined-files.txt 2008-11-08 12:45:30
ComboFix2.txt 2008-11-08 00:51:33
ComboFix3.txt 2008-11-07 18:57:20

Pre-Run: 45,134,987,264 bytes free
Post-Run: 45,137,432,576 bytes free

397 --- E O F --- 2008-11-05 14:18:43

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

What is in this folder: c:\program files\direkt

Also, what is the situation now?

offline
  • Aco  Male
  • Forum moderator
  • Aleksandar
  • Joined: 12 May 2006
  • Posts: 16823
  • Location: /home/aco

That folder contains DirectX; I downloaded it during the cleanup and unpacked it on C: in Program Files. And the situation is great now, the internet works completely normally...

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Do the following:
Click START and then RUN
In the text box, type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
VundoFix Backups folder, if it exists
C:\Deckard folder, if it exists
C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if necessary
Hide system/hidden files/folders, if necessary
Reset System Restore

That is all.
