Microsoft Pop Up tell me I Have a Virus

**hopthwoks** · #1 3. srpnja 2009, 00:31

Imao sam Microsoft pop up telling me sam imao virus ran malwarebyts ništa. Ran super 16 protu-virus pokazao problem. Onda sjetio da sam Drweb skenera u računalo i ran Internet. Ali, primijetio sam da je isto tako pozvao trojanskih čuva izlazi.

aolcinst.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ Program Files \ Common Files \ aolback \ Comps \ trener \ aolcinst.exe; Adware.Gdow n;
aolcinst.exe; C: \ Program Files \ Common Files \ aolback \ Comps \ trener; Arhiva sadrži zaraženih objekata; premještena.;
TSSetup.exe \ data002; C: \ Program Files \ Common Files \ aolback \ Comps \ tpspd \ TSSetup.exe; Vjerojatno DLOADER.Trojan;
TSSetup.exe; C: \ Program Files \ Common Files \ aolback \ Comps \ tpspd; Arhiva sadrži zaraženih objekata; premještena.;
ppctl.dll; C: \ Program Files \ Common Files \ Scanner; Vjerojatno DLOADER.Trojan; premještena.;
AIM.exe \ data090; C: \ Instant Messenger \ AIM.exe; Adware.Aws;
AIM.exe; C: \ Instant Messenger; Arhiva sadrži zaraženih objekata; premještena.;
setup.exe; C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4; Vjerojatno BACKDOOR.Trojan; premještena.;
A0089111.ocx; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Adware.Gdown; premještena.;
A0089113.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Vjerojatno BACKDOOR.Trojan; premještena.;
A0101519.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217 \ A0101519.exe; Adware.Aws;
A0101519.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217; Arhiva sadrži zaraženih objekata; premještena.;
A0122098.bat; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP257; Vjerojatno BATCH.Virus; premještena.;
A0122542.bat; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Vjerojatno BATCH.Virus; premještena.;
A0122632.bat; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Vjerojatno BATCH.Virus; premještena.;
A0138379.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292 \ A0138379.exe; Adware.Gdown;
A0138379.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292; Arhiva sadrži zaraženih objekata; premještena.;
A0139338.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139338.exe; Adware.Aws;
A0139338.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arhiva sadrži zaraženih objekata; premještena.;
A0139364.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139364.exe; Adware.Gdown;
A0139364.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arhiva sadrži zaraženih objekata; premještena.;
A0139386.exe \ data002; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139386.exe; Vjerojatno DLOADER.Trojan;
A0139386.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arhiva sadrži zaraženih objekata; premještena.;
A0139531.DLL; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP296; Vjerojatno DLOADER.Trojan; premještena.;
A0156077.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156077.exe; Adware.Aws;
A0156077.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arhiva sadrži zaraženih objekata; premještena.;
A0156103.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156103.exe; Adware.Gdown;
A0156103.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arhiva sadrži zaraženih objekata; premještena.;
A0156125.exe \ data002; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156125.exe; Vjerojatno DLOADER.Trojan;
A0156125.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arhiva sadrži zaraženih objekata; premještena.;
A0156545.DLL; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP317; Vjerojatno DLOADER.Trojan; premještena.;
A0157937.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157937.exe; Adware.Gdown;
A0157937.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arhiva sadrži zaraženih objekata; premještena.;
A0157938.exe \ data002; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157938.exe; Vjerojatno DLOADER.Trojan;
A0157938.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arhiva sadrži zaraženih objekata; premještena.;
A0157939.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157939.exe; Adware.Aws;
A0157939.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arhiva sadrži zaraženih objekata; premještena.;
A to neće riješiti problem samo premjestite.
Što trebam koristiti kako bi dobili što trojanskih isključiti računalo jednom i za sve?
Sad nemam anti virus pokrenut zbog toga svatko sam tryed bez obzira da li platili ili besplatno čuva povlačenjem AOL. (My ISP) kao virus.

**evilfantasy** · #2 3. srpnja 2009, 10:09

Update Malwarebytes i trčanje pun skandirati post onda molimo da se prijavite.

**hopthwoks** · #3 3. srpnja 2009, 13:29

updated malwarebytes
Malwarebytes' Anti-zaštita od zlonamjernih programa 1,38
Database Version: 2297
5/1/2600 Windows Service Pack 2
7/2/2009 3:06:04 PM
mbam-log-2009-07-02 (15-06-04). txt
Scan type: Full Scan (C: \ |)
Objekti skenirane: 168556
Vrijeme proteklo: 17 minute (s), 16 Drugi (a / e)
Memory Processes zaraženih: 0
Memorijske module zaraženih: 0
Ključevi registra zaraženih: 0
Registry Values zaraženih: 0
Registry Data Items zaraženih: 0
Mape zaraženih: 0
Zaraženih datoteka: 0
Memory Processes zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Memorijske module zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Ključevi registra zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Registry Values zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Registry Data Items zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Mape zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Zaražene datoteke:
(Nema stavki otkrivenih zlonamjernih)

Ali nakon ovog skeniranja je preko prozora poped up telling me došlo je do pogreške i potrebi za zatvaranje prozora.

**evilfantasy** · #4 3. srpnja 2009, 14:52

Download DDS iz | OVDJE | ili | OVDJE | ili | OVDJE | i spremite ju na radnu površinu.

Vista korisnici desni klik na dds i odaberite Pokreni kao administrator (dobit ćete prompt UAC, molimo dopustiti)

* XP korisnici Dvaput kliknite na dds da ga vode.
* Ako vaš vatrozid ili protuvirusni pokušati blokirati DDS molimo dopustiti Internet to trčanje.
* Kada završite, DDS će otvoriti dva (2) logove.

1) DDS.txt
2) Attach.txt

* Spremite oba logove na Vašu radnu površinu.
* Molimo Vas da kopirate i zalijepite cijeli sadržaj oba prijavljuje u sljedećoj odgovor.

Napomena: DDS će narediti da se u post Attach.txt prijavite kao privitak.
Molimo post samo ga kao što bi bilo koji drugi log by kopirajte i zalijepite ga u odgovor.

----------

Preuzimanje Rooter.exe na radnu površinu

* Rooter.exe Dupli klik da biste pokrenuli alat .* DOS prozor će se pojaviti i pokazati skeniranje napredak.
* Nakon dovršetka notepad file sadrži izvješće će se otvoriti.
* Kopirajte i zalijepite rezultate u sljedećoj odgovor.
* Zatvorite Notepad i navijač će se zatvoriti.

A klada će spremiti u systemdrive%% \ Rooter.txt (Gdje systemdrive%% je obično C: pogon ili da imate instaliran Windows).

**hopthwoks** · #5 3. srpnja 2009, 17:13

DDS (Ver_09-06 - 26,01) - FAT32x86
Trčanje Windows korisnik 19:43:32.90 na petak 07/03/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.788 [GMT -4:00]

============== Running Processes ===============
C: \ WINDOWS \ system32 \ Svchost-k DcomLaunch
Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe-k netsvcs
Svchost.exe
Svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
Svchost.exe
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ System32 \ snmp.exe
C: \ WINDOWS \ system32 \ Svchost.exe-k imgsvc
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Lexmark 5200 serija \ lxbtbmgr.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ Lexmark 5200 serija \ lxbtbmon.exe
C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Jet snimka zaslona \ jetScreenshot.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ America Online 9,0 \ waol.exe
C: \ Program Files \ America Online 9,0 \ shellmon.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ MYDOCU ~ 1 \ dds.scr
============== Pseudo HJT Report ===============
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = () searchTerms & sourceid = IE7 & rls = com.micros čest: en-US & ie = UTF8 & OE = UTF8
Page uStart = hxxp: / / www.aol.com/
Naslov uWindow = Internet Explorer koje epix ®
Naslov mWindow = Internet Explorer koje epix ®
BHO: AskBar BHO: (201f27d4-3704-41d6-89c1-aa35e39143ed) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll
BHO: Java (tm) Plug-in 2 SSV Helper: (dbc80044-a445-435b-bc74-9c25c1c588a9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
BHO: JQSIEStartDetectorImpl Klasa: (e7e6f031-17ce-4c07-bc86-eabfe594f69c) - C: \ Program Files \ Java \ jre6 \ lib \ rasporediti \ jqs \ ie \ jqs_plugin.dll
TB: AIM Potražnja: (40d41a8b-d79b-43d7-99a7-9ee0f344c385) --
TB: AOL Toolbar: (4982d40a-c53b-4615-b15b-b5b5e98d167c) - C: \ Program Files \ AOL toolbar \ toolbar.dll
TB: Ask Toolbar: (3041d03e-fd4b-44e0-b742-2d9b88305f98) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll
EB: Real.com: (fe54fa40-d68c-11D2-98fa-00c0f0318afe) - c: \ windows \ system32 \ Shdocvw.dll
uRun: [Ctfmon.exe] c: \ windows \ system32 \ Ctfmon.exe
uRun: [AOL Brzi Start] "C: \ Program Files \ America Online 9,0 \ AOL.EXE"-b
uRun: [Jet snimka zaslona] "C: \ Program Files \ jet screenshot \ jetScreenshot.exe"
mRun: [Lexmark serije 5200] "C: \ Program Files \ Lexmark 5200 serija \ lxbtbmgr.exe"
mRun: [LXBTCATS] rundll32 C: \ Windows \ system32 \ spool \ drivers \ w32x86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16
mRun: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
mRun: [HostManager] C: \ Program Files \ zajedničke datoteke \ AOL \ 1246084174 \ ee \ AOLSoftware.exe
mRun: [AOLDialer] C: \ Program Files \ zajedničke datoteke \ AOL \ ACS \ AOLDial.exe
mRun: [Pure Networks Port Magic] "C: \ programa ~ 1 \ purene ~ 1 \ portma ~ 1 \ PortAOL.exe" Run -
mRun: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
IE: & Dodaj animaciju na IncrediMail Style Box - C: \ Program Files \ incredimail \ bin \ resurse \ WebMenuImg.htm
IE: & AIM Pretraga
IE: AOL Toolbar & search - C: \ Program Files \ AOL toolbar \ toolbar.dll / SEARCH.HTML
IE: (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe
IE: (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
IE: (4982D40A-C53B-4615-B15B-B5B5E98D167C) - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL toolbar \ toolbar.dll
IE: (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (FE54FA40-D68C-11D2-98FA-00C0F0318AFE) - c: \ windows \ system32 \ Shdocvw.dll
LSP: FarLsp.dll
Trusted Zone: 88sears.com \ www
Trusted Zone: aol.com \ www
Trusted Zone: comodo.com \ www
Trusted Zone: računalno juice.com \ www
Trusted Zone: giveawayoftheday.com \ www
Trusted Zone: newegg.com \ www
Trusted Zone: pchelpforum.com \ www
Trusted Zone: searscard.com \ www
Trusted Zone: statefarm.com \ www
Trusted Zone: winpatrol.com \ www
DPF: DirectAnimation Java Classes
DPF: Internet Explorer Nastava za Javu
DPF: Microsoft XML parser za Javu
DPF: Win32 Klase
DPF: (05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8) - hxxp: / / download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: (15589FA1-C456-11CE-BF01-00AA0055595A) - hxxp: / / w4s2.work4sure.com/c/ge/w4sgeen9.exe
DPF: (5D86DDB5-BDF9-441B-9E9E-D4730F4EE499) - hxxp: / / download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) - hxxp: / / update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1181748806125
DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) - hxxp: / / update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab? 1223016488385
DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) - hxxp: / / www.crucial.com / kontrola / cpcScanner.cab
DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) - hxxp: / / www.superadblocker.com / ActiveX / sabspx.cab
DPF: (CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) - hxxp: / / download.macromedia.com / pub / Shockwave / cabs / flash / swflash.cab
DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) - hxxp: / / plugin.driveragent.com / files / driveragent.cab
AppInit_DLLs: c: \ windows \ system32 \ cssdll32.dll
LSA: Notification Packages = scecli
============= USLUGE / Vozači ===============
R1 SASDIFSV; SASDIFSV; c: \ program files \ superantispyware \ sasdifsv.sys [2006-10-10 5632]
R1 SASKUTIL; SASKUTIL; c: \ program files \ superantispyware \ SASKUTIL.SYS [2007-2-27 32256]
R3 Winacusb; Winacusb; c: \ windows \ system32 \ drivers \ wina cusb.sys [2008-3-25 902860]
S2 ioloFileInfoList; iolo FileInfoList Service; C: \ Program Files \ iolo \ zajedničko \ lib \ ioloservicemanager.exe -> C: \ Program Files \ iolo \ zajedničko \ lib \ ioloServiceManager.exe [?]
S2 ioloSystemService; iolo Sistem Service; C: \ Program Files \ iolo \ zajedničko \ lib \ ioloservicemanager.exe -> C: \ Program Files \ iolo \ zajedničko \ lib \ ioloServiceManager.exe [?]
S3 FarStoneFireWallDrive; FarStoneFireWallDrive; c: \ win dows \ System32 \ Drivers \ FarDrive.sys [2003-4-2 140256]
S3 ousb2hub; OrangeWare USB 2.0 Hub Support; c: \ windows \ system32 \ drivers \ ousb2hub.sys [2008-2-27 53248]
S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ pavs rk.sys -> c: \ windows \ system32 \ PavSRK.sys [?]
S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ pavt pk.sys -> c: \ windows \ system32 \ PavTPK.sys [?]
S3 SASENUM; SASENUM; c: \ program files \ superantispyware \ SASENUM.SYS [2006-2-16 4096]
S3 SIVDRIVER; SIV Kernel Driver, c: \ windows \ system32 \ drivers \ SIVX32.sys [2008-4-9 48480]
============== File Associations ===============
JSEFile = NOTEPAD.EXE% 1
VBEFile = NOTEPAD.EXE% 1
VBSFile = NOTEPAD.EXE% 1
=============== Created Posljednjih 30 ================
2009-07-03 02:49 <DIR> - D ----- C: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ licence
2009-07-03 02:49 <DIR> - D ----- C: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ PCMM2009
2009-07-03 02:48 <DIR> - D ----- C: \ Program Files \ PC MightyMax 2009
2009-07-01 09:43 <DIR> - D ----- C: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ ArcticLine
2009-07-01 09:43 <DIR> - D ----- C: \ Program Files \ Jet snimka zaslona
2009-06-27 02:36 <DIR> - D ----- C: \ Windows \ system32 \ CatRoot_bak
2009-06-27 02:30 <DIR> - D ----- C: \ install iTunes
2009-06-27 02:30 <DIR> - D ----- C: \ Instalacija ICQ
2009-06-27 02:30 <DIR> - D ----- C: \ Instant Messenger
2009-06-27 02:30 <DIR> - D ----- C: \ MAV
2009-06-27 02:29 <DIR> - D ----- C: \ Program Files \ zajedničke datoteke \ aolshare
2009-06-27 02:29 <DIR> - D ----- C: \ Program Files \ America Online 9,0
2009-06-24 22:33 221.184 jedan ------- c: \ windows \ system32 \ wmpns.dll
2009-06-24 22:05 <DIR> - D ----- C: \ Windows \ system32 \ scripting
2009-06-24 22:05 <DIR> - D ----- C: \ Windows \ l2schemas
2009-06-24 22:05 <DIR> - D ----- C: \ Windows \ system32 \ en
2009-06-24 22:05 <DIR> - D ----- C: \ Windows \ system32 \ bitova
2009-06-24 21:56 67.584 jedne ------- C: \ Windows \ System32 \ Drivers \ sdbus.sys
2009-06-24 21:56 36.096 jedne ------- C: \ Windows \ System32 \ Drivers \ intelppm.sys
2009-06-24 21:56 15.488 jedne ------- C: \ Windows \ System32 \ Drivers \ mssmbios.sys
2009-06-24 21:56 12.416 jedne ------- C: \ Windows \ System32 \ Drivers \ tunmp.sys
2009-06-24 21:56 11.136 jedne ------- C: \ Windows \ System32 \ Drivers \ sffdisk.sys
2009-06-24 21:56 10.240 jedne ------- C: \ Windows \ System32 \ Drivers \ sffp_sd.sys
2009-06-24 21:56 262.784 jedan ------- C: \ Windows \ System32 \ Drivers \ Http.sys
2009-06-24 21:54 2.012.670 jedan ------- c: \ windows \ system32 \ dllcache \ nt5.cat
2009-06-24 21:53 114.688 jedan ------- c: \ windows \ system32 \ dllcache \ wscript.exe
2009-06-24 21:50 <DIR> - D ----- C: \ Windows \ EHome
2009-06-24 02:10 <DIR> - D ----- C: \ Program Files \ SNSafe & Softver
2009-06-24 02:10 <DIR> - D ----- C: \ docume ~ 1 \ alluse ~ 1 \ applic ~ 1 \ SNSafe & Softver
2009-06-20 20:46 246.272 -------- C: \ Windows \ system32 \ dllcache \ ieproxy.dll
2009-06-20 20:46 12.800 -------- C: \ Windows \ system32 \ dllcache \ xpshims.dll
2009-06-17 20:32 <DIR> - dsh --- C: \ FOUND.020
2009-06-17 10:03 <DIR> - DH --- c: \ windows \ ie8
2009-06-16 19:54 <DIR> - D ----- C: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ AVS4YOU
2009-06-16 19:54 <DIR> - D ----- C: \ docume ~ 1 \ alluse ~ 1 \ applic ~ 1 \ AVS4YOU
2009-06-16 19:53 <DIR> - D ----- C: \ Program Files \ zajedničke datoteke \ AVSMedia
2009-06-16 19:53 1.700.352 jedan ------- c: \ windows \ system32 \ GdiPlus.dll
2009-06-16 19:53 974.848 jedan ------- c: \ windows \ system32 \ mfc70.dll
2009-06-16 19:53 487.424 jedan ------- c: \ windows \ system32 \ msvcp70.dll
2009-06-16 19:53 344.064 jedan ------- c: \ windows \ system32 \ msvcr70.dll
2009-06-16 19:53 <DIR> - D ----- C: \ Program Files \ AVS4YOU
2009-06-12 21:45 3.120 jedan ------- c: \ windows \ MF_C426.lfa
2009-06-11 16:27 <DIR> - D ----- C: \ Program Files \ Svježe RAM
2009-06-11 16:21 <DIR> - dsh --- C: \ FOUND.019
2009-06-11 11:55 5.465.088 jedan ------- C: \ Svježe RAM.msi
2009-06-09 02:29 <DIR> - D ----- C: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ Blitware
2009-06-09 02:29 <DIR> - D ----- C: \ Program Files \ Driver Robot
2009-06-08 22:24 <DIR> - D ----- C: \ docume ~ 1 \ alluse ~ 1 \ applic ~ 1 \ Drivers PC Headquarters
2009-06-07 23:00 <DIR> - D ----- C: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ GetRightToGo
2009-06-07 19:38 7.680 jedan ------- c: \ windows \ system32 \ spdwnwxp.exe
2009-06-07 19:38 19.569 jedne ------- c: \ windows \ 002865_.tmp
2009-06-06 23:57 <DIR> - dsh --- C: \ reciklirati
2009-06-06 10:46 <DIR> - D ----- C: \ Program Files \ filehippo.com
2009-06-04 23:59 <DIR> - D ----- C: \ Program Files \ DrWeb
2009-06-03 23:57 <DIR> a-dshr - C: \ cmdcons
2009-06-03 23:28 161.792 jedan ------- c: \ windows \ SWREG.exe
2009-06-03 23:28 98.816 jedne ------- c: \ windows \ sed.exe
==================== Find3M ====================
2009-06-27 02:16 76.487 jedne ------- c: \ windows \ pchealth \ helpctr \ offlinecache \ Index.dat
2009-06-17 11:27 38.160 jedne ------- C: \ Windows \ System32 \ Drivers \ mbamswissarmy.sys
2009-06-17 11:27 19.096 jedne ------- C: \ Windows \ System32 \ Drivers \ mbam.sys
2009-06-11 18:43 1.744 jedan ------- c: \ windows \ system32 \ d3d9caps.dat
2009-05-27 11:21 372 ------- jedan c: \ program files \ ujhonz.txt
2009-05-21 11:33 410.984 jedan ------- c: \ windows \ system32 \ deploytk.dll
2009-05-13 01:15 5.936.128 jedan ------- c: \ windows \ system32 \ dllcache \ Mshtml.dll
2009-05-13 01:15 915.456 jedan ------- c: \ windows \ system32 \ Wininet.dll
2009-05-13 01:15 915.456 jedan ------- c: \ windows \ system32 \ dllcache \ Wininet.dll
2009-05-12 01:11 102.912 -------- C: \ Windows \ system32 \ dllcache \ iecompat.dll
2009-05-07 11:44 344.064 jedan ------- c: \ windows \ system32 \ Localspl.dll
2009-05-07 11:44 344.064 jedan ------- c: \ windows \ system32 \ dllcache \ Localspl.dll
2009-04-30 17:22 1.985.024 jedan ------- c: \ windows \ system32 \ dllcache \ iertutil.dll
2009-04-30 17:22 11.064.832 jedan ------- c: \ windows \ system32 \ dllcache \ ieframe.dll
2009-04-30 17:22 1.207.808 jedan ------- c: \ windows \ system32 \ dllcache \ urlmon.dll
2009-04-30 17:22 385.536 jedan ------- c: \ windows \ system32 \ dllcache \ iedkcs32.dll
2009-04-30 17:22 25.600 jedne ------- c: \ windows \ system32 \ dllcache \ jsproxy.dll
2009-04-30 07:21 173.056 jedan ------- c: \ windows \ system32 \ dllcache \ ie4uinit.exe
2009-04-22 00:07 253.688 jedan ------- c: \ windows \ system32 \ cssdll32.dll
2009-04-17 05:58 1.846.656 jedan ------- c: \ windows \ system32 \ Win32k.sys
2009-04-17 05:58 1.846.656 jedan ------- c: \ windows \ system32 \ dllcache \ Win32k.sys
2009-04-15 11:26 583.168 jedan ------- c: \ windows \ system32 \ rpcrt4.dll
2009-04-15 11:26 583.168 jedan ------- c: \ windows \ system32 \ dllcache \ rpcrt4.dll
2008-03-18 03:11 332 ------- jedan c: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ wklnhst.dat
2007-06-10 23:19 11.079 jedne ------- C: \ Program Files \ folder.htt
2007-06-10 23:19 266 --- --- SH C: \ Program Files \ desktop.ini
============= FINISH: 19:43:58.97 ===============
Osim ako POSEBNO uputama, NE OVAJ POST LOG.
Ako to zatraže, ZIP privitak IT UP & IT
DDS (Ver_09-06 - 26,01)
Microsoft Windows XP Home Edition
Boot Device: \ Device \ HarddiskVolume1
Instalacija Datum: 6/13/2007 12:27:51 AM
Produženje rada sustava: 7/3/2009 6:50:56 PM (1 hour ago)
Matične ploče: ECS | | K7S5A
Procesor: AMD Athlon (tm) XP 1900 + | Socket-A | 1593/66mhz
==== Particije diska =========================
A: je Prenosno
C: je fiksni (FAT32) - 112 GIB ukupno 90,479 GIB besplatno.
D: je CDROM ()
==== Onemogućene Device Manager Stavke =============
==== System Restore Points ===================
RP205: 3/27/2009 3:00:16 AM - Software Distribution Service 3,0
RP206: 3/27/2009 3:38:07 AM - Software Distribution Service 3,0
RP207: 3/28/2009 3:52:35 AM - Sistem prijelaz
RP208: 3/29/2009 10:01:09 PM - Software Distribution Service 3,0
RP209: 6/6/2009 10:52:13 PM - Instalirana drozd pjevač Beacon Typing podučava 15
RP210: 6/6/2009 10:52:30 PM - Odstranjena drozd pjevač Beacon Typing podučava 15
RP211: 6/6/2009 10:52:49 PM - Instalirana Panda Internet Security 2007
RP212: 6/6/2009 10:53:06 PM - Odstranjena Panda Internet Security 2007
RP213: 5/16/2009 12:48:17 PM - Software Distribution Service 3,0
RP214: 5/17/2009 4:49:29 PM - Software Distribution Service 3,0
RP215: 5/17/2009 5:35:08 PM - Software Distribution Service 3,0
RP216: 5/18/2009 8:44:14 AM - Software Distribution Service 3,0
RP217: 5/18/2009 8:51:46 AM - Software Distribution Service 3,0
RP218: 5/19/2009 12:10:32 PM - Software Distribution Service 3,0
RP219: 5/19/2009 1:35:25 PM - Software Distribution Service 3,0
RP220: 5/20/2009 8:09:36 AM - Software Distribution Service 3,0
RP221: 5/20/2009 9:17:11 AM - Software Distribution Service 3,0
RP222: 5/21/2009 8:36:45 AM - Software Distribution Service 3,0
RP223: 5/21/2009 9:24:15 AM - Software Distribution Service 3,0
RP224: 5/21/2009 3:40:47 PM - Software Distribution Service 3,0
RP225: 5/21/2009 11:38:45 PM - Software Distribution Service 3,0
RP226: 5/22/2009 7:54:23 PM - Software Distribution Service 3,0
RP227: 5/22/2009 10:48:21 PM - Software Distribution Service 3,0
RP228: 5/23/2009 7:15:10 PM - Software Distribution Service 3,0
RP229: 5/24/2009 4:32:34 PM - Software Distribution Service 3,0
RP230: 5/24/2009 6:46:46 PM - Software Distribution Service 3,0
RP231: 5/24/2009 8:21:48 PM - Software Distribution Service 3,0
RP232: 5/24/2009 11:47:56 PM - Software Distribution Service 3,0
RP233: 5/25/2009 8:18:22 AM - Software Distribution Service 3,0
RP234: 5/25/2009 8:39:45 AM - Software Distribution Service 3,0
RP235: 5/25/2009 11:41:13 PM - Software Distribution Service 3,0
RP236: 5/26/2009 10:33:23 AM - Software Distribution Service 3,0
RP237: 5/27/2009 8:13:50 AM - Software Distribution Service 3,0
RP238: 5/27/2009 8:45:24 AM - Software Distribution Service 3,0
RP239: 5/27/2009 7:16:04 PM - Software Distribution Service 3,0
RP240: 5/28/2009 4:52:25 PM - Software Distribution Service 3,0
RP241: 5/28/2009 4:58:56 PM - Software Distribution Service 3,0
RP242: 5/28/2009 5:05:35 PM - Instalirani Windows Internet Explorer 8.
RP243: 5/28/2009 5:06:37 PM - Software Distribution Service 3,0
RP244: 5/29/2009 8:39:44 AM - Software Distribution Service 3,0
RP245: 5/29/2009 8:52:41 AM - Software Distribution Service 3,0
RP246: 5/30/2009 5:01:53 AM - Software Distribution Service 3,0
RP247: 5/31/2009 9:08:55 PM - Software Distribution Service 3,0
RP248: 6/1/2009 12:30:50 AM - Instalirani Windows Internet Explorer 8.
RP249: 6/1/2009 12:31:29 AM - Software Distribution Service 3,0
RP250: 6/1/2009 1:01:01 AM - Software Distribution Service 3,0
RP251: 6/1/2009 9:59:00 AM - Software Distribution Service 3,0
RP252: 6/2/2009 1:25:10 AM - Software Distribution Service 3,0
RP253: 6/2/2009 1:44:44 PM - Software Distribution Service 3,0
RP254: 6/2/2009 9:42:45 PM - Software Distribution Service 3,0
RP255: 6/3/2009 2:52:20 AM - Software Distribution Service 3,0
RP256: 6/3/2009 10:07:30 AM - Software Distribution Service 3,0
RP257: 6/3/2009 9:03:54 PM - Software Distribution Service 3,0
RP258: 6/4/2009 1:16:16 AM - Instalirana MSXML 4.0 SP2 (KB925672)
RP259: 6/4/2009 3:00:13 AM - Software Distribution Service 3,0
RP260: 6/4/2009 3:13:34 AM - Software Distribution Service 3,0
RP261: 6/4/2009 11:59:13 PM - Instalirana Dr.Web protu-virus za Windows 5.0.
RP262: 6/5/2009 12:36:30 AM - Odstranjena Dr.Web protu-virus za Windows 5.0.
RP263: 6/5/2009 12:38:54 AM - Odstranjena Dr.Web protu-virus za Windows 5.0.
RP264: 6/5/2009 2:22:38 AM - Software Distribution Service 3,0
RP265: 6/6/2009 3:00:14 AM - Software Distribution Service 3,0
RP266: 6/6/2009 10:51:09 AM - Software Distribution Service 3,0
RP267: 6/7/2009 12:10:12 AM - Software Distribution Service 3,0
RP268: 6/8/2009 12:20:37 AM - Software Distribution Service 3,0
RP269: 6/8/2009 10:03:39 AM - Software Distribution Service 3,0
RP270: 6/8/2009 10:23:28 PM - Instalirana Driver Detektiv
RP271: 6/8/2009 10:41:57 PM - Software Distribution Service 3,0
RP272: 6/9/2009 2:32:24 AM - Software Distribution Service 3,0
RP273: 6/9/2009 8:29:05 AM - Software Distribution Service 3,0
RP274: 6/9/2009 1:25:29 PM - Software Distribution Service 3,0
RP275: 6/9/2009 11:06:13 PM - Software Distribution Service 3,0
RP276: 6/10/2009 8:56:06 AM - Software Distribution Service 3,0
RP277: 6/10/2009 9:40:44 AM - Software Distribution Service 3,0
RP278: 6/11/2009 1:45:31 AM - Software Distribution Service 3,0
RP279: 6/11/2009 4:27:14 PM - Instalirani RAM Fresh
RP280: 6/11/2009 6:45:39 PM - konfiguriranim Driver Detektiv
RP281: 6/12/2009 1:51:36 AM - Software Distribution Service 3,0
RP282: 6/12/2009 8:55:19 AM - Software Distribution Service 3,0
RP283: 6/13/2009 11:02:27 AM - Software Distribution Service 3,0
RP284: 6/13/2009 11:13:50 AM - Software Distribution Service 3,0
RP285: 6/14/2009 10:49:45 PM - Software Distribution Service 3,0
RP286: 6/15/2009 9:16:53 AM - Software Distribution Service 3,0
RP287: 6/15/2009 11:09:18 PM - Software Distribution Service 3,0
RP288: 6/16/2009 10:07:34 AM - Software Distribution Service 3,0
RP289: 6/17/2009 9:01:20 AM - Software Distribution Service 3,0
RP290: 6/17/2009 10:05:33 AM - Instalirani Windows Internet Explorer 8.
RP291: 6/18/2009 10:16:10 AM - Software Distribution Service 3,0
RP292: 6/18/2009 10:41:06 AM - Instalirani Windows Media Format Runtime Setup 9 Series
RP293: 6/18/2009 1:11:48 PM - Instalirani Windows Media Format Runtime Setup 9 Series
RP294: 6/18/2009 1:29:13 PM - Software Distribution Service 3,0
RP295: 6/19/2009 3:01:54 AM - Software Distribution Service 3,0
RP296: 6/19/2009 9:29:35 AM - Software Distribution Service 3,0
RP297: 6/19/2009 5:47:01 PM - Software Distribution Service 3,0
RP298: 6/20/2009 6:59:50 PM - Software Distribution Service 3,0
RP299: 6/20/2009 7:05:46 PM - Instalirana Java (tm) 6 Update 14
RP300: 6/21/2009 4:07:26 PM - Software Distribution Service 3,0
RP301: 6/21/2009 4:14:22 PM - Software Distribution Service 3,0
RP302: 6/22/2009 9:44:00 AM - Software Distribution Service 3,0
RP303: 6/22/2009 11:31:38 AM - Software Distribution Service 3,0
RP304: 6/23/2009 3:00:23 AM - Software Distribution Service 3,0
RP305: 6/24/2009 9:44:31 AM - Software Distribution Service 3,0
RP306: 6/24/2009 9:55:45 AM - Software Distribution Service 3,0
RP307: 6/24/2009 10:14:50 AM - Software Distribution Service 3,0
RP308: 6/24/2009 9:41:13 PM - Software Distribution Service 3,0
RP309: 6/25/2009 2:52:04 AM - Software Distribution Service 3,0
RP310: 6/25/2009 12:17:49 PM - Software Distribution Service 3,0
RP311: 6/26/2009 9:27:47 PM - Software Distribution Service 3,0
RP312: 6/27/2009 12:41:14 AM - Operation Restore
RP313: 6/27/2009 1:35:40 AM - Operation Restore
RP314: 6/27/2009 2:25:58 AM - Software Distribution Service 3,0
RP315: 6/27/2009 2:30:41 AM - Instalirani Windows Media Format Runtime Setup 9 Series
RP316: 6/28/2009 8:31:27 AM - Software Distribution Service 3,0
RP317: 6/29/2009 10:03:24 AM - Software Distribution Service 3,0
RP318: 6/29/2009 6:35:12 PM - Software Distribution Service 3,0
RP319: 6/29/2009 9:00:14 PM - Software Distribution Service 3,0
RP320: 6/30/2009 3:32:09 AM - Software Distribution Service 3,0
RP321: 6/30/2009 11:45:20 AM - Software Distribution Service 3,0
RP322: 7/1/2009 9:15:52 AM - Software Distribution Service 3,0
RP323: 7/1/2009 11:21:44 AM - Software Distribution Service 3,0
RP324: 7/1/2009 10:38:39 PM - Software Distribution Service 3,0
RP325: 7/2/2009 3:16:53 AM - Software Distribution Service 3,0
RP326: 7/2/2009 12:22:35 PM - Software Distribution Service 3,0
RP327: 7/2/2009 7:09:25 PM - Software Distribution Service 3,0
RP328: 7/3/2009 4:04:54 AM - Software Distribution Service 3,0
==== Instaliranih programa ======================

ABBYY FineReader Sprint Plus 5,0
Adobe Flash Player 10 ActiveX
AOL Trener Version 2.0 (Build: 20.041.026,5 en)
AOL Connectivity Services
AOL Deskbar
AOL Toolbar
AOL Uninstaller (Odaberite proizvode koji se ukloni)
AOL You've Got Screensaver Slike
C-Media Audio
C-Media WDM Audio Driver
COMODO SafeSurf
Compatibility Pack za Office 2007 sustav
Cool PDF Reader 1,0
Vozač Robot 1.0.6.0
Update filehippo.com Checker
Svježa RAM
HackerSmacker
HijackThis 2.0.2
Hotfix za Windows XP (KB896344)
Hotfix za Windows XP (KB914440)
Hotfix za Windows XP (KB915865)
Hotfix za Windows XP (KB952287)
IncrediMail Xe
Java (tm) 6 Update 14
Jet snimka zaslona 2,0 V
Lexmark 5200 Series
Macromedia Shockwave Player
Magentic
Malwarebytes' Anti-zaštita od zlonamjernih programa
Microsoft. NET Framework 1.1
Microsoft. NET Framework 2.0
Microsoft Internationalized Domain Names ublažavanja API
Microsoftov National Language Support Downlevel API
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Visual C + + 2005 Redistributable
Microsoft Web Publishing Wizard 1,52
Microsoft Works
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB933566)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB937143)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB938127)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB939653)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB942615)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB944533)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB963027)
Sigurnosno ažuriranje za Windows Internet Explorer 8 (KB969897)
Sigurnosno ažuriranje za Windows Media Player (KB911564)
Sigurnosno ažuriranje za Windows Media Player (KB952069)
Sigurnosno ažuriranje za Windows Media Player 6,4 (KB925398)
Sigurnosno ažuriranje za Windows Media Player 9 (KB917734)
Sigurnosno ažuriranje za Windows Media Player 9 (KB936782)
Sigurnosno ažuriranje za Windows XP (KB893756)
Sigurnosno ažuriranje za Windows XP (KB896358)
Sigurnosno ažuriranje za Windows XP (KB896423)
Sigurnosno ažuriranje za Windows XP (KB896428)
Sigurnosno ažuriranje za Windows XP (KB899587)
Sigurnosno ažuriranje za Windows XP (KB899591)
Sigurnosno ažuriranje za Windows XP (KB900725)
Sigurnosno ažuriranje za Windows XP (KB901017)
Sigurnosno ažuriranje za Windows XP (KB901214)
Sigurnosno ažuriranje za Windows XP (KB902400)
Sigurnosno ažuriranje za Windows XP (KB904706)
Sigurnosno ažuriranje za Windows XP (KB905414)
Sigurnosno ažuriranje za Windows XP (KB905749)
Sigurnosno ažuriranje za Windows XP (KB908519)
Sigurnosno ažuriranje za Windows XP (KB911562)
Sigurnosno ažuriranje za Windows XP (KB911927)
Sigurnosno ažuriranje za Windows XP (KB913580)
Sigurnosno ažuriranje za Windows XP (KB914388)
Sigurnosno ažuriranje za Windows XP (KB914389)
Sigurnosno ažuriranje za Windows XP (KB917344)
Sigurnosno ažuriranje za Windows XP (KB917953)
Sigurnosno ažuriranje za Windows XP (KB918118)
Sigurnosno ažuriranje za Windows XP (KB918439)
Sigurnosno ažuriranje za Windows XP (KB919007)
Sigurnosno ažuriranje za Windows XP (KB920213)
Sigurnosno ažuriranje za Windows XP (KB920670)
Sigurnosno ažuriranje za Windows XP (KB920683)
Sigurnosno ažuriranje za Windows XP (KB920685)
Sigurnosno ažuriranje za Windows XP (KB921503)
Sigurnosno ažuriranje za Windows XP (KB922819)
Sigurnosno ažuriranje za Windows XP (KB923191)
Sigurnosno ažuriranje za Windows XP (KB923414)
Sigurnosno ažuriranje za Windows XP (KB923561)
Sigurnosno ažuriranje za Windows XP (KB923689)
Sigurnosno ažuriranje za Windows XP (KB923980)
Sigurnosno ažuriranje za Windows XP (KB924191)
Sigurnosno ažuriranje za Windows XP (KB924270)
Sigurnosno ažuriranje za Windows XP (KB924496)
Sigurnosno ažuriranje za Windows XP (KB924667)
Sigurnosno ažuriranje za Windows XP (KB925902)
Sigurnosno ažuriranje za Windows XP (KB926247)
Sigurnosno ažuriranje za Windows XP (KB926255)
Sigurnosno ažuriranje za Windows XP (KB926436)
Sigurnosno ažuriranje za Windows XP (KB927779)
Sigurnosno ažuriranje za Windows XP (KB927802)
Sigurnosno ažuriranje za Windows XP (KB928255)
Sigurnosno ažuriranje za Windows XP (KB928843)
Sigurnosno ažuriranje za Windows XP (KB929123)
Sigurnosno ažuriranje za Windows XP (KB930178)
Sigurnosno ažuriranje za Windows XP (KB931261)
Sigurnosno ažuriranje za Windows XP (KB931784)
Sigurnosno ažuriranje za Windows XP (KB932168)
Sigurnosno ažuriranje za Windows XP (KB933566)
Sigurnosno ažuriranje za Windows XP (KB933729)
Sigurnosno ažuriranje za Windows XP (KB935839)
Sigurnosno ažuriranje za Windows XP (KB935840)
Sigurnosno ažuriranje za Windows XP (KB936021)
Sigurnosno ažuriranje za Windows XP (KB938464)
Sigurnosno ažuriranje za Windows XP (KB938829)
Sigurnosno ažuriranje za Windows XP (KB941202)
Sigurnosno ažuriranje za Windows XP (KB941568)
Sigurnosno ažuriranje za Windows XP (KB941569)
Sigurnosno ažuriranje za Windows XP (KB941644)
Sigurnosno ažuriranje za Windows XP (KB941693)
Sigurnosno ažuriranje za Windows XP (KB943055)
Sigurnosno ažuriranje za Windows XP (KB943460)
Sigurnosno ažuriranje za Windows XP (KB943485)
Sigurnosno ažuriranje za Windows XP (KB944653)
Sigurnosno ažuriranje za Windows XP (KB945553)
Sigurnosno ažuriranje za Windows XP (KB946026)
Sigurnosno ažuriranje za Windows XP (KB946648)
Sigurnosno ažuriranje za Windows XP (KB948590)
Sigurnosno ažuriranje za Windows XP (KB948881)
Sigurnosno ažuriranje za Windows XP (KB950749)
Sigurnosno ažuriranje za Windows XP (KB950760)
Sigurnosno ažuriranje za Windows XP (KB950762)
Sigurnosno ažuriranje za Windows XP (KB950974)
Sigurnosno ažuriranje za Windows XP (KB951066)
Sigurnosno ažuriranje za Windows XP (KB951376-v2)
Sigurnosno ažuriranje za Windows XP (KB951376)
Sigurnosno ažuriranje za Windows XP (KB951698)
Sigurnosno ažuriranje za Windows XP (KB951748)
Sigurnosno ažuriranje za Windows XP (KB952004)
Sigurnosno ažuriranje za Windows XP (KB952954)
Sigurnosno ažuriranje za Windows XP (KB953839)
Sigurnosno ažuriranje za Windows XP (KB954211)
Sigurnosno ažuriranje za Windows XP (KB954600)
Sigurnosno ažuriranje za Windows XP (KB955069)
Sigurnosno ažuriranje za Windows XP (KB956391)
Sigurnosno ažuriranje za Windows XP (KB956572)
Sigurnosno ažuriranje za Windows XP (KB956802)
Sigurnosno ažuriranje za Windows XP (KB956803)
Sigurnosno ažuriranje za Windows XP (KB956841)
Sigurnosno ažuriranje za Windows XP (KB957095)
Sigurnosno ažuriranje za Windows XP (KB957097)
Sigurnosno ažuriranje za Windows XP (KB958644)
Sigurnosno ažuriranje za Windows XP (KB958687)
Sigurnosno ažuriranje za Windows XP (KB958690)
Sigurnosno ažuriranje za Windows XP (KB959426)
Sigurnosno ažuriranje za Windows XP (KB960225)
Sigurnosno ažuriranje za Windows XP (KB960715)
Sigurnosno ažuriranje za Windows XP (KB960803)
Sigurnosno ažuriranje za Windows XP (KB961373)
Sigurnosno ažuriranje za Windows XP (KB961501)
Sigurnosno ažuriranje za Windows XP (KB968537)
Sigurnosno ažuriranje za Windows XP (KB969898)
Sigurnosno ažuriranje za Windows XP (KB970238)
SIS 900 PCI Fast Ethernet adapter Vozač
SIW verzija 2008/04/02
SUPERAntiSpyware Free Edition
The Print Shop 21
US Robotics 56K Faxmodem USB
Ažuriranje za Windows XP (KB894391)
Ažuriranje za Windows XP (KB898461)
Ažuriranje za Windows XP (KB900485)
Ažuriranje za Windows XP (KB904942)
Ažuriranje za Windows XP (KB908531)
Ažuriranje za Windows XP (KB910437)
Ažuriranje za Windows XP (KB911280)
Ažuriranje za Windows XP (KB916595)
Ažuriranje za Windows XP (KB920342)
Ažuriranje za Windows XP (KB920872)
Ažuriranje za Windows XP (KB922582)
Ažuriranje za Windows XP (KB927891)
Ažuriranje za Windows XP (KB930916)
Ažuriranje za Windows XP (KB931836)
Ažuriranje za Windows XP (KB932823-v3)
Ažuriranje za Windows XP (KB933360)
Ažuriranje za Windows XP (KB938828)
Ažuriranje za Windows XP (KB942763)
Ažuriranje za Windows XP (KB955839)
Ažuriranje za Windows XP (KB967715)
Glediąta Media Player
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Deinstalirajte Windows XP
WinPatrol 2009
Zoom Voice V.92 PCI Faxmodem
Zoom V92 PC Card Voice Faxmodem
==== Event Viewer poruke iz Prošli tjedan ========
7/3/2009 4:23:49 PM, error: System Error [1003] - Error code 00000077, parametar1 c000000e, parametar2 c000000e, parametar3 00000000, parameter4 01.422.000.
7/3/2009 2:33:40 PM, error: System Error [1003] - Error code 000000f4, parametar1 00000003, parametar2 86cdb430, parametar3 86cdb5a4, parameter4 805fa1f0.
7/1/2009 10:39:09 AM, greška: Service Control Manager [7034] - The AOL TopSpeed Monitor usluga prestaje neočekivano. On je to učinio 6 put (a).
6/30/2009 5:05:18 PM, greška: Tisak [6161] - Dokument Syslog - Notepad vlasništvu Korisničke Windows nije ispunilo proročanstvo za ispis na pisač Lexmark 5200 Series. Data Type: LEMF. Veličina datoteke je špula u bajtovima: 1208022. Broj tiskanih bytes: 1208022. Ukupan broj stranica u dokumentu: 3. Broj stranica tiskane: 0. Stroj za klijente: \ \ SUNPORCH. Win32 vratio kod pogreške koju print procesor: 126 (0x7e).
6/29/2009 11:36:01 PM, greška: Service Control Manager [7000] - The SASDIFSV usluga nisu započeli zbog slijedeće greška: Ne može se stvoriti datoteku kada je taj file already exists.
6/27/2009 2:24:45 AM, greška: Service Control Manager [7000] - The Upload Manager usluga nisu započeli zbog sljedeće pogreške: Na računu navedeno za ovaj servis razlikuje od navedenog računa za ostale usluge trčanje u istom procesu.
6/27/2009 2:24:37 AM, error: BITS [16391] - The BITS posao popis nije u priznatim formatu. On svibanj imati je stvorio neku drugu verziju bitova. Posao lista je izbrisan.
6/27/2009 2:08:32 AM, error: SnsCore [20] --
6/27/2009 2:08:24 AM, greška: Service Control Manager [7000] - The iolo FileInfoList Usluga servisa nisu započeli zbog sljedeće pogreške: Sustav ne može pronaći datoteku.
6/27/2009 1:41:24 AM, greška: Service Control Manager [7023] - The HID Unos usluge prestaje sa sljedećim pogrešci: Sustav ne može pronaći datoteku.
6/27/2009 1:41:24 AM, greška: Service Control Manager [7000] - The iolo Sistem usluge nisu započeli zbog sljedeće pogreške: Sustav ne može pronaći datoteku.
6/27/2009 1:36:19 AM, greška: Service Control Manager [7034] - The AOL TopSpeed Monitor usluga prestaje neočekivano. To je učinio to 5 put (a).
6/27/2009 1:36:09 AM, greška: Service Control Manager [7031] - The AOL TopSpeed Monitor usluga prestaje neočekivano. To je učinio to 4 put (a). Sljedeći korektivne akcije će se poduzeti u 1000 milisekundi: Ponovo pokrenite uslugu.
6/27/2009 1:36:01 AM, greška: Service Control Manager [7031] - The AOL TopSpeed Monitor usluga prestaje neočekivano. To je učinio to 3 put (a). Sljedeći korektivne akcije će se poduzeti u 1000 milisekundi: Ponovo pokrenite uslugu.
6/27/2009 1:35:53 AM, greška: Service Control Manager [7031] - The AOL TopSpeed Monitor usluga prestaje neočekivano. To je učinio to 2 put (a). Sljedeći korektivne akcije će se poduzeti u 1000 milisekundi: Ponovo pokrenite uslugu.
6/27/2009 1:35:35 AM, greška: Service Control Manager [7031] - The AOL TopSpeed Monitor usluga prestaje neočekivano. On je to učinio 1 put (a). Sljedeći korektivne akcije će se poduzeti u 1000 milisekundi: Ponovo pokrenite uslugu.
6/27/2009 1:32:44 AM, error: DCOM [10005] - DCOM je dobio greška "% 1084" Pokušavate pokrenuti uslugu EventSystem sa argumente "" da bi pokretanje poslužitelja: (1BE1F766-5536-11D1 - B726-00C04FB926AF)
6/27/2009 1:30:38 AM, greška: Service Control Manager [7026] - Sljedeći boot-start ili sistem-start driver (e) nije ispunilo proročanstvo to učitavanje: AFD AmdK7 Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SnsCore tcpip WS2IFSL
6/27/2009 1:30:38 AM, greška: Service Control Manager [7001] - TCP / IP NetBIOS Helper usluga ovisi o AFD uslugu koja nisu započeli zbog sljedeće pogreške: A uređaj priključen na sustav ne funkcionira.
6/27/2009 1:30:38 AM, greška: Service Control Manager [7001] - The IPSEC Services usluga ovisi o IPSEC driver uslugu koja nisu započeli zbog sljedeće pogreške: A uređaj priključen na sustav ne funkcionira .
6/27/2009 1:30:38 AM, greška: Service Control Manager [7001] - DNS klijentski servis ovisi o TCP / IP Protocol Driver usluga koje nisu započeli zbog sljedeće pogreške: A uređaj priključen na sustav ne funkcionira.
6/27/2009 1:30:38 AM, greška: Service Control Manager [7001] - The DHCP Client usluga ovisi o NetBIOS putem TCPIP uslugu koja nisu započeli zbog sljedeće pogreške: A uređaj priključen na sustav nije funkcionisanje.
6/27/2009 1:29:52 AM, error: DCOM [10005] - DCOM je dobio greška "% 1084" Pokušavate pokrenuti uslugu netman sa argumente "" da bi pokretanje poslužitelja: (BA126AE5-2166-11D1 - B1D0-00805FC1270E)
6/27/2009 1:19:01 AM, greška: Service Control Manager [7009] - Timeout (30000 milisekundi) na čekanju za IMAPI CD-Burning COM Service uslugu za spajanje.
6/27/2009 1:19:01 AM, greška: Service Control Manager [7000] - The IMAPI CD-Burning COM Service servis nije uspio pokrenuti zbog sljedeće pogreške: Usluga nije odgovorio na zahtjev za pokretanje ili kontrolom u pravodobno modi.
6/27/2009 1:16:56 AM, greška: Service Control Manager [7023] - The Terminal Services servis prestaje sa sljedećim error: Invalid pristup memorijska lokacija.
6/27/2009 1:16:56 AM, greška: Service Control Manager [7023] - Automatic Updates service prestaje sa sljedećim error:%% 3228369023
6/27/2009 1:16:56 AM, greška: Service Control Manager [7001] - The Fast User Switching Compatibility usluga ovisi o Terminal Services servis koji nije uspio pokrenuti jer sljedeće pogreške: Invalid pristup memorijska lokacija.
6/27/2009 1:05:23 AM, error: DCOM [10005] - DCOM je dobio greška "% 1084" Pokušavate pokrenuti uslugu wuauserv s argumentima "kako bi se pokrenuti poslužitelj: E60687F7 (-01A1-40AA - 86AC-DB1CBF673334)
6/26/2009 9:29:28 PM, error: Windows Update Agent [20] - Instalacija Neuspeh: Windows nije ispunilo proročanstvo to uvesti koga u službu slijedeće ažurirati sa greška 0x80070643: Microsoft. NET Framework 1.1 Service Pack 1.
==== Kraj datoteke ===========================
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege odobrena uspješno ...
.
Windows XP Home Edition (5.1.2600) Service Pack 2
[32_bits] - x86 Family 6 MODEL 6 Stepping 2, AuthenticAMD
.
[wscsvc] (Sigurnosni centar) prikazivati (država: 4)
[SharedAccess] prikazivati (država: 4)
Vatrozid za Windows -> Omogućeno
.
Internet Explorer 8.0.6001.18702
.
A: \ [Prenosno]
C: \ [Fixed-FAT32] .. (Ukupno: 112 Idi - Besplatno: 90 Idi)
D: \ [CD_Rom]
.
Scan: 19:57.51
Path: C: \ Documents and Settings \ Windows Korisnik \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ navijač [1]. Exe
Korisnik: Windows User (Administrator -> YES)
.
---------------------- \ \ Procesi
.
Locked [System Process] (0)
______ System (4)
______ \ SystemRoot \ System32 \ smss.exe (292)
______ \? \ C: \ WINDOWS \ system32 \ csrss.exe (348)
______ \? \ C: \ Windows \ System32 \ Winlogon.exe (372)
______ C: \ WINDOWS \ system32 \ services.exe (416)
______ C: \ WINDOWS \ system32 \ lsass.exe (428)
______ C: \ WINDOWS \ system32 \ Svchost.exe (576)
______ C: \ WINDOWS \ system32 \ Svchost.exe (620)
______ C: \ WINDOWS \ System32 \ Svchost.exe (664)
______ C: \ WINDOWS \ system32 \ Svchost.exe (708)
______ C: \ WINDOWS \ system32 \ Svchost.exe (804)
______ C: \ WINDOWS \ system32 \ spoolsv.exe (900)
______ C: \ WINDOWS \ system32 \ Svchost.exe (980)
______ C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe (1012)
______ C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe (1056)
______ C: \ WINDOWS \ System32 \ snmp.exe (1148)
______ C: \ WINDOWS \ system32 \ Svchost.exe (1180)
______ C: \ WINDOWS \ System32 \ alg.exe (1900)
______ C: \ WINDOWS \ explorer.exe (1124)
______ C: \ Program Files \ Lexmark 5200 serija \ lxbtbmgr.exe (528)
______ C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe (1736)
______ C: \ Program Files \ Lexmark 5200 serija \ lxbtbmon.exe (1468)
______ C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe (1316)
______ C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe (1572)
______ C: \ WINDOWS \ system32 \ Ctfmon.exe (1648)
______ C: \ Program Files \ Jet snimka zaslona \ jetScreenshot.exe (1216)
______ C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe (2148)
______ C: \ WINDOWS \ system32 \ wuauclt.exe (2428)
______ C: \ Program Files \ America Online 9,0 \ waol.exe (596)
______ C: \ Program Files \ America Online 9,0 \ shellmon.exe (756)
______ C: \ Documents and Settings \ Windows Korisnik \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ navijač [1]. Exe (3388)
.
---------------------- \ \ Device \ Harddisk0 \
.
\ Device \ Harddisk0 [Sektori: 63 x 512 Bytes]
.
\ Device \ Harddisk0 \ Partition1 - [MBR] - (Start_Offset: 32256 | Length: 120681275904)
.
---------------------- \ \ Scheduled Tasks
.
C: \ WINDOWS \ Tasks \ SA.DAT
C: \ WINDOWS \ Tasks \ DESKTOP.INI
C: \ WINDOWS \ Tasks \ Driver Robot.job
.
---------------------- \ \ Registry
.
.
---------------------- \ \ Datoteke i mape
.
C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ APPLIC ~ 1 \ PrivacyControl
==> Rogues <==
.
---------------------- \ \ Scan završio na 19:57.56
.
C: \ navijač $ \ Rooter_1.txt - (03/07/2009 | 19:57.56)

**evilfantasy** · #6 3. srpnja 2009, 19:01

Izbriši ove datoteke / mape, kako slijedi:

1. Idi na Početak > Pokrenuti > Tip Notepad.exe i kliknite U redu otvoriti Notepad.
To morati biti Notepad, WordPad ne.
2. Kopiraj tekst ispod u okvir code by označavanje svih tekstualnih i pritiskom na Ctrl + C

Code:

KillAll:: DDS:: BHO: AskBar BHO: (201f27d4-3704-41d6-89c1-aa35e39143ed) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll TB: Ask Toolbar: (3041d03e-fd4b-44e0 - b742-2d9b88305f98) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll IE: (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe mapu: C: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ licence c: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ PCMM2009 C: \ Program Files \ PC MightyMax 2009 C: \ Program Files \ askbardis C: \ Program files \ Messenger

3. Idi na Notepad prozor i kliknite na Uredi > Zalijepi
4. Zatim kliknite na Datoteka > Spremiti
5. Ime datoteke CFScript.txt - Spremi datoteku na svoj Desktop
6. Zatim povucite CFScript (držite lijevu tipku miša dok povučete datoteku), a pad je (otpustite lijevu tipku miša) u ComboFix.exe kao što vidite na sliki ispod. Važno: Obavi ovo uputstvo pažljivo!

ComboFix će se početi izvršavati, samo slijedite upute.
Nakon što ponovno podizanje sustava (u slučaju da ga zatraži ponovno podizanje sustava), on će proizvesti prijava za vas.
Pošta koja log (Combofix.txt) u sljedeći odgovor.

Napomena: Ne mouseclick ComboFix's prozor dok je pokrenut. To svibanj nanijeti tvoj sistem za zamrzavanje

**hopthwoks** · #7 5. srpnja 2009, 14:04

Samo trebate ponovo napuniti ComboFix. Čini se da je datoteka WES delrtrd Sve sam je tekstualne datoteke u combofix.

**evilfantasy** · #8 5. srpnja 2009, 14:28

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

**hopthwoks** · #9 5. srpnja 2009, 21:33

Nažalost to je tako dugo. Imaš ujedat pauk i da je po potrošnji najveći dio vremena u potrazi za vidjeti ako JA mogao saznati što bitni mene.
Ovdje je scan.
ComboFix 09-07-05.01 - Windows Korisničke 07/06/2009 0:04.4 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.742 [GMT -4:00]
Running from: C: \ Documents and Settings \ Windows User \ Desktop \ ComboFix.exe
Naredba prekidači koji se koriste:: C: \ Documents and Settings \ Windows User \ Desktop \ CFScript.txt
.
Ostali ((((((((((((((((((((((((((((((((((((((( brisanja ))))))))) ))))))))))))))))))))))))))))))))))))))))
.
c: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ licence
c: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ licence \ PCMightyMax c27fe264-0186-4910-8a97-50c383296a11
c: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ PCMM2009
c: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ PCMM2009 \ dijagnostički \ zadnja-scan
c: \ docume ~ 1 \ prozor ~ 1 \ applic ~ 1 \ PCMM2009 \ pcmm2009-konfiguracija
C: \ Program Files \ askbardis
C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll
C: \ Program Files \ askbardis \ bar \ bin \ askPopStp.dll
C: \ Program Files \ askbardis \ bar \ bin \ psvince.dll
C: \ Program Files \ askbardis \ bar \ Cache \ files.ini
C: \ Program Files \ askbardis \ bar \ Povijest \ pretraživanje
C: \ Program Files \ askbardis \ bar \ Settings \ config.dat
C: \ Program Files \ askbardis \ bar \ Settings \ config.dat.bak
C: \ Program Files \ askbardis \ unins000.dat
C: \ Program Files \ askbardis \ unins000.exe
C: \ Program Files \ Messenger
C: \ Program Files \ Messenger \ custsat.dll
C: \ Program Files \ Messenger \ logowin.gif
C: \ Program Files \ Messenger \ lvback.gif
C: \ Program Files \ Messenger \ msgsc.dll
C: \ Program Files \ Messenger \ msgslang.dll
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Messenger \ newalert.wav
C: \ Program Files \ Messenger \ newemail.wav
C: \ Program Files \ Messenger \ online.wav
C: \ Program Files \ Messenger \ type.wav
C: \ Program Files \ Messenger \ xpmsgr.chm
C: \ Program Files \ PC MightyMax 2009
C: \ Program Files \ PC MightyMax 2009 \ pcmm2009.error.log
.
((((((((((((((((((((((((( Files Created from 2009/06/06 da 2009/07/06 ))))))))))) ))))))))))))))))))))
.
2009-07-06 02:18. ------ 2008-12-03 16:09 59184 w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ toolbarsud.exe
2009-07-06 02:18. ------ 2006-04-06 15:33 81000 w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ ProgUpd.dll
2009-07-06 02:18. ------ 2006-04-06 15:33 33896 w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ postproc.exe
2009-07-06 02:18. ------ 2006-04-06 15:33 156264-w C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ setup.exe
2009-07-06 02:18. ------ 2008-12-02 18:34 2316392-w C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ ocpinst.exe
2009-07-06 02:18. ------ 2008-11-12 21:12 1370528-w C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ msvc9rt.exe
2009-07-06 02:18. ------ 2008-11-06 14:42 2100984-w C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ aol_toolbar_dual.exe
2009-07-06 02:18. ------ 2008-07-23 18:35 62248 w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ ocpgc.exe
2009-07-06 02:18. ------ 2008-07-23 18:35 15144 w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ ocpchk.dll
2009-07-06 02:18. ------ 2008-07-23 18:35 74536 w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ instSup.dll
2009-07-06 02:18. ------ 2006-07-31 18:41 474184-w C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ gui.dll
2009-07-06 02:18. ------ 2006-04-06 15:33 25088 w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Cache \ 4381.3.4 \ EEStart.exe
2009-07-03 23:57. 2009-07-03 23:57 -------- d ----- w-C: \ $ navijač
2009-07-01 13:43. 2009-07-01 13:43 -------- d ----- w-c: \ Documents and Settings \ Korisnik Windows \ Application Data \ ArcticLine
2009-07-01 13:43. 2009-07-01 13:43 -------- d ----- w-c: \ program files \ Jet snimka zaslona
2009-06-30 03:17. 2006-10-12 16:29 83504 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ sapunica \ Temp \ ProgUpd.dll
2009-06-30 03:11. 2009-06-30 03:11 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ AOL OCP
2009-06-30 03:11. 2009-06-30 03:11 -------- d ----- w-c: \ Documents and Settings \ Windows Korisnik \ Local Settings \ Application Data \ AOL OCP
2009-06-30 03:05. 2009-06-30 03:07 370496 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ CC UInst.exe
2009-06-30 03:05. 2009-06-30 03:05 94256 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ u stph.dll
2009-06-30 02:57. 2009-06-30 03:05 2439824 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pinsti.exe
2009-06-30 02:56. 2009-06-30 02:57 260040 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uinst.exe
2009-06-30 02:55. 2009-06-30 02:56 237616 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ GU i.dll
2009-06-30 02:55. 2009-06-30 02:55 127224 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixlang.exe
2009-06-30 02:55. 2009-06-30 02:55 83504 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ Pr ogUpd.dll
2009-06-30 02:54. 2009-06-30 02:55 223152 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ bio finst.exe
2009-06-30 02:53. 2009-06-30 02:54 355592 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixinst.exe
2009-06-30 02:52. 2009-06-30 02:52 11056 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ CC NdInst.dll
2009-06-30 02:52. 2009-06-30 02:52 11312 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uchk.dll
2009-06-30 02:52. 2009-06-30 02:52 11568 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ TB inst.dll
2009-06-30 02:52. 2009-06-30 02:52 170544 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ tup.exe se
2009-06-30 02:51. 2009-06-30 02:52 98992 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ sm instlp.exe
2009-06-30 02:51. 2009-06-30 02:51 11568 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc fcheck.dll
2009-06-30 02:51. 2009-06-30 02:51 15920 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pchk.dll
2009-06-30 02:49. 2009-06-30 02:51 580136 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ mu inst.exe
2009-06-30 02:48. 2009-06-30 02:49 282056 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ cc ulang.exe
2009-06-30 02:48. 2009-06-30 02:48 36912 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ Po stproc.exe
2009-06-30 02:47. 2009-06-30 02:48 359184 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ setup.exe TB
2009-06-30 02:36. 2009-06-30 02:47 3147256 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pinsts.exe
2009-06-30 02:36. 2009-06-30 02:36 10800 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ bio fixchk.dll
2009-06-30 02:35. 2009-06-30 02:36 174752 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ st mninst.exe
2009-06-30 02:35. 2009-06-30 02:35 142040 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ setup.exe al
2009-06-30 02:34. 2009-06-30 02:34 67120 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ u stSup.dll
2009-06-27 06:36. 2009-06-27 06:36 -------- d ----- w-c: \ windows \ system32 \ CatRoot_bak
2009-06-27 06:31. 2009-06-27 06:31 167999 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9,0 \ aolEULanPack \ cswitch.exe
2009-06-27 06:31. 2009-06-27 06:31 3298040 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9,0 \ aolEULanPack \ langpack.exe
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ install iTunes
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ Instalacija ICQ
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ Instant Messenger
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ MAV
2009-06-27 06:29. 2009-06-27 06:29 -------- d ----- w-C: \ Program Files \ Common Files \ aolshare
2009-06-27 06:29. 2009-06-27 06:29 -------- d ----- w-c: \ program files \ America Online 9,0
2009-06-27 05:04. 2009-06-27 05:04 -------- d-sh - w-c: \ Documents and Settings \ Administrator \ IETldCache
2009-06-27 05:03. 2007-12-04 03:49 487323 ---- AW-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro \ prosetup.exe
2009-06-27 05:03. 2007-12-04 03:43 -------- D --- AW-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro
2009-06-27 05:03. 2009-06-27 05:03 -------- d ----- w-c: \ Documents and Settings \ Administrator
2009-06-27 05:03. 2007-12-04 03:43 -------- d ----- w-c: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ SITEguard
2009-06-27 05:03. 2007-06-13 04:19 -------- d ----- w-c: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Microsoft
2009-06-25 02:33. 2008-04-14 00:12 221184 ---- AW-c: \ windows \ system32 \ wmpns.dll
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ scripting
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ l2schemas
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ en
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ bitova
2009-06-25 01:56. 2006-02-28 16:00 67584 ---- AW-c: \ windows \ system32 \ drivers \ sdbus.sys
2009-06-25 01:56. 2006-02-28 16:00 36096 ---- AW-c: \ windows \ system32 \ drivers \ intelppm.sys
2009-06-25 01:56. 2006-02-28 16:00 15488 ---- AW-c: \ windows \ system32 \ drivers \ mssmbios.sys
2009-06-25 01:56. 2006-02-28 16:00 12416 ---- AW-c: \ windows \ system32 \ drivers \ tunmp.sys
2009-06-25 01:56. 2006-02-28 16:00 11136 ---- AW-c: \ windows \ system32 \ drivers \ sffdisk.sys
2009-06-25 01:56. 2006-02-28 16:00 10240 ---- AW-c: \ windows \ system32 \ drivers \ sffp_sd.sys
2009-06-25 01:56. 2006-03-17 00:33 262784 ---- AW-c: \ windows \ system32 \ drivers \ Http.sys
2009-06-25 01:54. 2006-02-28 16:00 15360 ---- AW-c: \ windows \ system32 \ dllcache \ nppagent.exe
2009-06-25 01:53. 2006-02-28 16:00 82944 ---- AW-c: \ windows \ system32 \ dllcache \ ws2_32.dll
2009-06-25 01:50. 2009-06-25 01:51 -------- d ----- w-c: \ windows \ EHome
2009-06-24 06:11. 2009-06-24 06:11 -------- d-sh - w-c: \ Documents and Settings \ LocalService \ IETldCache
2009-06-24 06:10. 2009-06-24 06:10 -------- d ----- w-c: \ program files \ SNSafe & Software
2009-06-24 06:10. 2009-06-24 06:10 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ SNSafe & Softver
2009-06-21 00:46. ------ 2009-04-30 21:22 12800 w-c: \ windows \ system32 \ dllcache \ xpshims.dll
2009-06-21 00:46. ------ 2009-04-30 21:22 246272 w-c: \ windows \ system32 \ dllcache \ ieproxy.dll
2009-06-20 23:05. 2009-06-20 23:05 152576 ---- AW-c: \ Documents and Settings \ Windows User \ Application Data \ nedjelja \ Java \ jre1.6.0_14 \ lzma.dll
2009-06-18 00:32. 2009-06-18 00:32 -------- d-sh - w-C: \ FOUND.020
2009-06-17 14:03. 2009-06-17 14:03 -------- d - h - w-c: \ windows \ ie8
2009-06-16 23:54. 2009-06-16 23:54 -------- d ----- w-c: \ Documents and Settings \ Korisnik Windows \ Application Data \ AVS4YOU
2009-06-16 23:54. 2009-06-16 23:54 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ AVS4YOU
2009-06-16 23:53. 2009-06-16 23:53 -------- d ----- w-C: \ Program Files \ Common Files \ AVSMedia
2009-06-16 23:53. 2007-02-27 22:36 974848 ---- AW-c: \ windows \ system32 \ mfc70.dll
2009-06-16 23:53. 2007-02-27 22:36 487424 ---- AW-c: \ windows \ system32 \ msvcp70.dll
2009-06-16 23:53. 2007-02-27 22:36 344064 ---- AW-c: \ windows \ system32 \ msvcr70.dll
2009-06-16 23:53. 2007-02-27 22:36 1700352 ---- AW-c: \ windows \ system32 \ GdiPlus.dll
2009-06-16 23:53. 2009-06-16 23:53 -------- d ----- w-c: \ program files \ AVS4YOU
2009-06-12 05:15. 2009-06-12 05:15 -------- d ----- w-C: \ Program Files \ Alwil Software
2009-06-11 20:27. 2009-06-11 20:27 18942 ---- ar-c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2ce7ed6.exe
2009-06-11 20:27. 2009-06-11 20:27 18942 ---- ar-c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2447235c.exe
2009-06-11 20:27. 2009-06-11 20:27 -------- d ----- w-c: \ program files \ Svježe RAM
2009-06-11 20:21. 2009-06-11 20:21 -------- d-sh - w-C: \ FOUND.019
2009-06-11 15:55. 2009-06-10 17:39 5465088 ---- AW-C: \ Svježe RAM.msi
2009-06-09 06:29. 2009-06-09 06:29 -------- d ----- w-c: \ Documents and Settings \ Korisnik Windows \ Application Data \ Blitware
2009-06-09 06:29. 2009-06-09 06:29 -------- d ----- w-c: \ program files \ Driver Robot
2009-06-09 02:24. 2009-06-09 02:24 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ Drivers PC Headquarters
2009-06-09 02:23. 2009-06-09 02:23 -------- d ----- w-c: \ Documents and Settings \ Windows Korisnik \ Local Settings \ Application Data \ Downloaded Instalacije
2009-06-08 03:00. 2009-06-08 03:00 -------- d ----- w-c: \ Documents and Settings \ Korisnik Windows \ Application Data \ GetRightToGo
2009-06-07 23:38. 2008-04-14 00:12 7680 ---- AW-c: \ windows \ system32 \ spdwnwxp.exe
2009-06-06 14:46. 2009-06-06 14:46 -------- d ----- w-c: \ program files \ filehippo.com
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-03 06:49. 2007-06-16 18:55 302080 ---- AW-c: \ Documents and Settings \ Windows Korisnik \ Local Settings \ Application Data \ GDIPFONTCACHEV1.DAT
2009-06-30 03:32. 2009-05-21 02:29 3561743 ---- AW-c: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes \ Malwarebytes' Anti-zaštita od zlonamjernih programa \ mbam-setup.exe
2009-06-27 06:16. 2007-06-13 04:18 76487 ---- AW-c: \ windows \ pchealth \ helpctr \ OfflineCache \ Index.dat
2009-06-17 15:27. 2009-05-21 02:17 38160 ---- AW-c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2009-06-17 15:27. 2009-05-21 02:17 19096 ---- AW-c: \ windows \ system32 \ drivers \ mbam.sys
2009-06-11 22:43. 2007-06-21 02:45 1744 ---- AW-c: \ windows \ system32 \ d3d9caps.dat
2009-06-05 03:59. 2009-06-05 03:59 -------- d ----- w-c: \ program files \ DrWeb
2009-05-28 23:14. 2009-05-28 23:14 -------- d ----- w-C: \ Program Files \ Java
2009-05-28 23:14. 2009-05-28 23:14 152576 ---- AW-c: \ Documents and Settings \ Windows User \ Application Data \ nedjelja \ Java \ jre1.6.0_13 \ lzma.dll
2009-05-27 15:21. 2009-05-27 15:21 372 ---- AW-c: \ program files \ ujhonz.txt
2009-05-21 15:33. 2009-05-28 23:15 410984 ---- AW-c: \ windows \ system32 \ deploytk.dll
2009-05-21 02:17. 2009-05-21 02:17 -------- d ----- w-C: \ Program Files \ Malwarebytes' Anti-zaštita od zlonamjernih programa
2009-05-17 00:04. 2009-05-17 00:04 -------- d ----- w-c: \ Documents and Settings \ Korisnik Windows \ Application Data \ WinPatrol
2009-05-17 00:03. 2009-05-17 00:03 -------- d ----- w-c: \ program files \ BillP Studios
2009-05-13 05:15. 2007-06-13 03:56 915456 ---- AW-c: \ windows \ system32 \ Wininet.dll
2009-05-07 15:44. 2009-06-25 01:53 344064 ---- AW-c: \ windows \ system32 \ Localspl.dll
2009-04-22 04:07. 2009-04-22 04:07 253688 ---- AW-c: \ windows \ system32 \ cssdll32.dll
2009-04-17 09:58. 2009-06-25 01:53 1846656 ---- AW-c: \ windows \ system32 \ Win32k.sys
2009-04-15 15:26. 2007-06-13 03:55 583168 ---- AW-c: \ windows \ system32 \ rpcrt4.dll
2007-06-11 03:19. 2007-06-07 04:37 11079 ---- AW-c: \ program files \ folder.htt
.
((((((((((((((((((((((((((((( SnapShot_2009-07-06_03.59.12 )))))))))))))) )))))))))))))))))))))))))))
.
+ 2009-07-06 04:08. 2009-07-06 04:08 16384 C: \ Windows \ Temp \ Perflib_Perfdata_468.dat
+ 2009-07-06 04:08. 2009-07-06 04:08 16384 C: \ Windows \ Temp \ Perflib_Perfdata_430.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & čitljiv default unose se ne prikazuju
REGEDIT4
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Explorer \ shelliconoverlayidentifiers \ Sl. owFile Icon Preklapanje]
@ = "(7D688A77-C613-11D0-999B-00C04FD655E1)"
[HKEY_CLASSES_ROOT \ CLSID \ (7D688A77-C613-11D0-999B-00C04FD655E1)]
2008-07-03 13:03 8460800 ---- AW-c: \ windows \ system32 \ shell32.dll
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "c: \ windows \ system32 \ Ctfmon.exe" [2006-02-28 15360]
"Brzi AOL Start" = "C: \ Program Files \ America Online 9,0 \ AOL.EXE" [2005-07-12 50776]
"Jet snimka zaslona" = "C: \ Program Files \ Jet snimka zaslona \ jetScreenshot.exe" [2009-05-10 3804160]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"5200 Lexmark serije" = "C: \ Program Files \ Lexmark 5200 serija \ lxbtbmgr.exe" [2004-06-04 57344]
"LXBTCATS" = "C: \ Windows \ System32 \ spool \ drivers \ W32X 86 \ 3 \ LXBTtime.dll" [2004-03-17 65536]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2009-05-21 148888]
"HostManager" = "C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe" [2007-04-12 42032]
"AOLDialer" = "C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe" [2004-10-20 34904]
"Pure Networks Port Magic" = "c: \ programa ~ 1 \ PURENE ~ 1 \ PORTMA ~ 1 \ PortAOL.exe" [2004-04-05 99480]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-02-20 98304]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ windows]
"AppInit_DLLs" = C: \ Windows \ System32 \ cssdll32.dl l
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \ 0autocheck smrgdf c: \ Documents and Settings \ Korisnik Windows \ Application Data \ iolo \
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Setup \ disabledrunkeys]
"Cmaudio" = rundll32 cmicnfg.cpl, CMICtrlWnd
"NvCplDaemon" = RUNDLL32.EXE NvQTwk, NvCplDaemon inicijalizirate
"nwiz" = nwiz.exe / install
"RegistrySmart" = "C: \ Program Files \ RegistrySmart \ RegistrySmart.exe"-boot
"<NO Name>" =
"LoadPowerProfile" = Rundll32.exe powrprof.dll, LoadCurrentPwrScheme
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar]
"AntiVirusOverride" = dword: 00000001
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"c: \ \ WINDOWS \ \ system32 \ \ sessmgr.exe" =
"c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImApp.exe" =
"c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ IncMail.exe" =
"c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImpCnt.exe" =
"c: \ \ Program Files \ \ Magentic \ \ bin \ \ MgImp.exe" =
"c: \ \ Program Files \ \ Magentic \ \ bin \ \ Magentic.exe" =
"c: \ \ Program Files \ \ Magentic \ \ bin \ \ MgApp.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" =
"c: \ \ Program Files \ \ America Online 9,0 \ \ waol.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltsmon.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltpspd.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" =
"c: \ \ Program Files \ \ Malwarebytes' Anti-zaštita od zlonamjernih programa \ \ mbam.exe" =
"c: \ \ Program Files \ \ BillP Studios \ \ WinPatrol \ \ WinPatrol.exe" =
"c: \ \ WINDOWS \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"% windir% \ \ system32 \ \ sessmgr.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1246084174 \ \ EE \ \ AOLServiceHost.exe" =
R1 SASDIFSV; SASDIFSV; C: \ Program Files \ SUPERAntiSpyware \ sasdifsv.sys [10/10/2006 1:53 PM 5632]
R1 SASKUTIL; SASKUTIL; C: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.SYS [2/27/2007 12:39 PM 32256]
R3 Winacusb; Winacusb; c: \ Windows \ System32 \ Drivers \ wina cusb.sys [3/25/2008 6:57 AM 902860]
S2 ioloFileInfoList; iolo FileInfoList Service; C: \ Program Files \ iolo \ zajedničko \ lib \ ioloServiceManager.exe -> C: \ Program Files \ iolo \ zajedničko \ lib \ ioloServiceManager.exe [?]
S2 ioloSystemService; iolo Sistem Service; C: \ Program Files \ iolo \ zajedničko \ lib \ ioloServiceManager.exe -> C: \ Program Files \ iolo \ zajedničko \ lib \ ioloServiceManager.exe [?]
S3 FarStoneFireWallDrive; FarStoneFireWallDrive; c: \ win dows \ System32 \ Drivers \ FarDrive.sys [4/2/2003 2:36 PM 140256]
S3 ousb2hub; OrangeWare USB 2.0 Hub Support; c: \ Windows \ System32 \ Drivers \ ousb2hub.sys [2/27/2008 7:17 AM 53248]
S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ PavS RK.sys -> c: \ windows \ system32 \ PavSRK.sys [?]
S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ PavT PK.sys -> c: \ windows \ system32 \ PavTPK.sys [?]
S3 SASENUM; SASENUM; C: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS [2/16/2006 5:51 PM 4096]
S3 SIVDRIVER; SIV Kernel Driver, c: \ Windows \ System32 \ Drivers \ SIVX32.sys [4/9/2008 9:47 AM 48480]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aktivnih setup \ instalirane komponente \> (60B49E34-C7CC-11D0-8953-00A0C90347FF)]
"c: \ windows \ system32 \ rundll32.exe" C: \ Windows \ system32 \ iedkcs32.dll ", BrandIEActiveSe ovan Signup
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aktivnih setup \ instalirane komponente \ (9EF0045A-CDD9-438e-95E6-02B9AFEC8E11)]
c: \ windows \ system32 \ updcrl.exe-e-UC: \ Windows \ System \ verisignpub1.crl
.
Sadržaj je 'Scheduled Tasks' folder
2009/06/09 C: \ Windows \ Tasks \ Driver Robot.job
- C: \ Program Files \ Driver Robot \ 1.0.6.0 \ DriverRobot.exe [2009-06-09 13:02]
.
- - - - Orphans Odstranjena - - - --
BHO-201f27d4 (-3704-41d6-89c1-aa35e39143ed) - (no file)

.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = () searchTerms & sourceid = IE7 & rls = com.micros čest: en-US & ie = UTF8 & OE = UTF8
Page uStart = hxxp: / / www.aol.com/
Naslov mWindow = Internet Explorer koje epix
IE: & Dodaj animaciju na IncrediMail Style Box - C: \ Program Files \ IncrediMail \ bin \ resurse \ WebMenuImg.htm
IE: & AIM Pretraga
IE: AOL Toolbar & search - C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
LSP: FarLsp.dll
Trusted Zone: 88sears.com \ www
Trusted Zone: aol.com \ www
Trusted Zone: comodo.com \ www
Trusted Zone: računalno juice.com \ www
Trusted Zone: giveawayoftheday.com \ www
Trusted Zone: newegg.com \ www
Trusted Zone: pchelpforum.com \ www
Trusted Zone: searscard.com \ www
Trusted Zone: statefarm.com \ www
Trusted Zone: winpatrol.com \ www
TCP: (68589BEF-2503-4090-B404-9FB7D2105BB4) = 205.188.146.145
DPF: DirectAnimation Java Classes
DPF: Internet Explorer Nastava za Javu
DPF: Microsoft XML parser za Javu
DPF: Win32 Klase
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2009-07-06 00:08
5/1/2600 Windows Service Pack 2 FAT NTAPI
skeniranja skrivenih procesa ...
skeniranja skrivenih autostart entries ...
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
LXBTCATS = rundll32 C: \ Windows \ System32 \ spool \ drivers \ W32X86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ??????????????????????????????????????????????????
skeniranja skrivenih datoteka ...
scan uspješno završena
skrivenih datoteka: 0
************************************************** ************************
.
--------------------- --------------------- Zaključana registarske ključeve
[HKEY_USERS \ $ $ $ \ Software \ Microsoft \ SystemCertificat ES \ AddressBook *]
@ Dozvoljen: (Read) (RestrictedCode)
@ Dozvoljen: (Read) (RestrictedCode)
.
--------------------- Loaded DLL datoteke koje Under Running Processes ---------------------
- - - - - - -> 'Lsass.exe "(428)
c: \ windows \ system32 \ FarLsp.dll
- - - - - - -> "Explorer.exe" (2420)
c: \ windows \ system32 \ Wininet.dll
C: \ Program Files \ Common Files \ AOL \ ACS \ WLHook.dll
C: \ Program Files \ AOL Deskbara \ deskbar.dll
C: \ Program Files \ Common Files \ AOL \ AOL Toolbar \ AOLHelper.dll
c: \ windows \ system32 \ ieframe.dll
c: \ windows \ system32 \ webcheck.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Program Files \ UOBIČAJENA Files \ AOL \ ACS \ AOLACSD.EXE
C: \ Program Files \ JAVA \ JRE6 \ Bin \ JQS.EXE
c: \ windows \ system32 \ SNMP.EXE
C: \ Program Files \ LEXMARK 5200 SERIES \ LXBTBMON.EXE
C: \ Program Files \ AMERICA ONLINE 9,0 \ WAOL.EXE
C: \ Program Files \ AMERICA ONLINE 9,0 \ SHELLMON.EXE
.
************************************************** ************************
.
Completion time: 2009-07-06 0:10 - stroj je ponovno podizanje sustava
ComboFix-u karanteni-files.txt 2009-07-06 04:10
ComboFix2.txt 2009-07-06 04:01
ComboFix3.txt 2009-06-06 14:20
ComboFix4.txt 2009-06-04 04:03
Pre-Run: 97549156352 bytes free
Post-Run: 97532772352 bytes free
320 --- EOF --- 2009-07-05 21:28

**evilfantasy** · #10 6. srpnja 2009, 09:43

Scan Sumnjičavu File (s)

Molimo otiđite na VirusTotal.com
(Ako više od jedne datoteke treba skenirati moraju biti gotovi i odvojeno za svaku logove posted jedan)

1. Kopiraj put datoteke u okvir ispod Code:

Code:

C: \ Documents and Settings \ Korisnik Windows \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2ce7ed6.exe

2. Na učitavanje stranice, kliknite unutar prozora odjednom uz Browse.
3. Press Ctrl + V na tipkovnici (oba u isto vrijeme) za lijepljenje put datoteke u prozoru.
4. Kliknite Next Send File
Vaša datoteka će možda biti unesen u red čekanja na koji normalno traje manje od minute za brisanje.
Time će se izvesti na više različitih scan virus skeniranje motora.
Važno: Pričekajte za sve od motora do skeniranje završi.
5. Copy, a zatim Zalijepi vezu za rezultate u narednih odgovorite