Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Please help!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Please help!

Unread postby natasa78 » August 31st, 2012, 11:32 pm

Hi, I am posting DDS log from my computer (there are also log of ComboFix and Kasperski informations).

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_22
Run by natasa at 5:21:36 on 2012-09-01
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1252 [GMT 2:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://home.sweetim.com
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\documents and settings\natasa\application data\complitly\Complitly.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Facebook Update] "c:\documents and settings\natasa\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\avp.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
StartupFolder: c:\docume~1\natasa\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\scieplgn.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/wind ... 4121164640
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://online.bancaintesabeograd.com/R ... FSINT9.dll
DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/R ... CMSCCD.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2ED45920-688B-44D3-A9AC-08708BDCC8A6} : DhcpNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0fo\adialhk.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\natasa\application data\mozilla\firefox\profiles\lfcacn2t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20111009000104062&tb_oid=09-10-2011&tb_mrud=09-10-2011&query=
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - plugin: c:\documents and settings\natasa\local settings\application data\facebook\messenger\2.1.4623.0\npFbDesktopPlugin.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
============= SERVICES / DRIVERS ===============
.
R1 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2009-11-12 126480]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2011-6-29 231512]
R2 ADExchange;ArcSoft Exchange Service;c:\program files\common files\arcsoft\esinter\bin\eservutil.exe [2011-10-26 37280]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-7-26 794560]
R2 AVP;Kaspersky Anti-Virus 6.0;c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\avp.exe [2010-3-12 311680]
R2 klnagent;Kaspersky Lab Network Agent;c:\program files\kaspersky lab\networkagent 8\klnagent.exe [2010-10-20 141688]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2009-9-3 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2009-9-14 32272]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-13 250056]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-26 114144]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-08-14 20:00:15 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-14 20:00:15 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-02-05 07:59:50 227073794 ----a-w- c:\program files\LibO_3.3.4_Win_x86_install_multi.exe
2012-02-05 07:48:25 8962975 ----a-w- c:\program files\LibO_3.3.4_Win_x86_helppack_sh.exe
2011-08-17 18:19:53 125460744 ----a-w- c:\program files\ZuneSetupPkg.exe
2011-07-04 20:48:41 872209 ----a-w- c:\program files\APmpg4v1-702.exe
2011-07-04 18:08:51 9032272 ----a-w- c:\program files\megamanager.exe
2011-07-04 17:32:43 21022914 ----a-w- c:\program files\vlc-1.1.10-win32.exe
.
============= FINISH: 5:22:13,26 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/29/2011 11:06:26 AM
System Uptime: 9/1/2012 4:59:05 AM (1 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz | CPU | 1862/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 7.671 GiB free.
D: is FIXED (NTFS) - 135 GiB total, 133.088 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\TOS1901\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\TOS1901\2&DABA3FF&0
Service:
.
==== System Restore Points ===================
.
RP196: 6/3/2012 2:22:31 PM - System Checkpoint
RP197: 6/4/2012 8:11:16 PM - System Checkpoint
RP198: 6/7/2012 12:04:46 AM - System Checkpoint
RP199: 6/8/2012 7:41:12 PM - System Checkpoint
RP200: 6/10/2012 2:23:53 PM - System Checkpoint
RP201: 6/11/2012 7:20:22 PM - System Checkpoint
RP202: 6/13/2012 10:13:39 PM - System Checkpoint
RP203: 6/14/2012 11:35:50 PM - System Checkpoint
RP204: 6/16/2012 2:03:13 AM - System Checkpoint
RP205: 6/17/2012 7:41:27 AM - System Checkpoint
RP206: 6/18/2012 6:51:07 PM - System Checkpoint
RP207: 6/19/2012 7:57:07 PM - System Checkpoint
RP208: 6/22/2012 12:56:16 AM - System Checkpoint
RP209: 6/23/2012 7:42:14 PM - System Checkpoint
RP210: 6/24/2012 10:31:26 PM - System Checkpoint
RP211: 6/25/2012 11:50:50 PM - System Checkpoint
RP212: 6/27/2012 1:47:27 AM - System Checkpoint
RP213: 6/28/2012 8:39:12 AM - System Checkpoint
RP214: 6/29/2012 6:03:21 PM - System Checkpoint
RP215: 6/30/2012 6:42:21 PM - System Checkpoint
RP216: 7/2/2012 7:17:33 PM - System Checkpoint
RP217: 7/4/2012 8:26:05 PM - System Checkpoint
RP218: 7/6/2012 9:30:27 PM - System Checkpoint
RP219: 7/8/2012 11:21:50 AM - System Checkpoint
RP220: 7/9/2012 11:45:19 PM - System Checkpoint
RP221: 7/11/2012 7:26:38 AM - System Checkpoint
RP222: 8/1/2012 9:22:56 PM - System Checkpoint
RP223: 8/2/2012 11:59:04 PM - System Checkpoint
RP224: 8/4/2012 11:59:25 AM - System Checkpoint
RP225: 8/5/2012 8:54:37 PM - System Checkpoint
RP226: 8/6/2012 9:14:01 PM - System Checkpoint
RP227: 8/7/2012 10:07:37 PM - System Checkpoint
RP228: 8/8/2012 10:10:10 PM - System Checkpoint
RP229: 8/10/2012 6:43:58 PM - System Checkpoint
RP230: 8/11/2012 8:59:08 PM - System Checkpoint
RP231: 8/13/2012 9:19:39 PM - System Checkpoint
RP232: 8/15/2012 10:21:02 PM - System Checkpoint
RP233: 8/18/2012 12:12:40 AM - System Checkpoint
RP234: 8/19/2012 12:39:42 PM - System Checkpoint
RP235: 8/20/2012 6:43:17 PM - System Checkpoint
RP236: 8/21/2012 11:13:38 PM - System Checkpoint
RP237: 8/23/2012 8:42:17 PM - System Checkpoint
RP238: 8/24/2012 11:06:54 PM - System Checkpoint
RP239: 8/26/2012 10:33:02 AM - System Checkpoint
RP240: 8/28/2012 5:50:52 PM - System Checkpoint
RP241: 8/29/2012 6:29:43 PM - System Checkpoint
RP242: 8/30/2012 9:29:34 PM - System Checkpoint
RP243: 9/1/2012 1:25:56 AM - System Checkpoint
.
==== Installed Programs ======================
.
µTorrent
2007 Microsoft Office system
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.6
ArcSoft MediaConverter 7.5
AVI Joiner
Calculus
Canon Camera Access Library
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow Launcher
Canon Utilities Movie Uploader for YouTube
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Facebook Messenger 2.1.4623.0
Intel(R) Graphics Media Accelerator Driver
IrfanView (remove only)
iSofter DVD Ripper Platinum 3.0.2007.228
IZArc 3.81
Java Auto Updater
Java(TM) 6 Update 22
K-Lite Codec Pack 7.2.0 (Full)
Kaspersky Anti-Virus 6.0 for Windows Workstations
Kaspersky Lab Network Agent
LibreOffice 3.3
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft ActiveSync
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Movie Torrent
Mozilla Firefox 15.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird (3.0)
Mp3 Knife 3.2
MSVCRT
MSXML 6.0 Parser (KB925673)
OpenOffice.org 3.3
PDFCreator
pdfforge Toolbar v6.2
Raptor 1.04b
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Segoe UI
Skype™ 5.3
SweetIM for Messenger 3.6
SweetIM Toolbar for Internet Explorer 4.2
TeamViewer 7
TOSHIBA Software Modem
Tucan Manager 0.3.10
Update for Windows XP (KB898461)
VLC media player 1.1.10
WebFldrs XP
Winamp
Winamp Detector Plug-in
Windows Communication Foundation
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format Runtime
Windows Presentation Foundation
Windows Workflow Foundation
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
8/26/2012 3:53:36 AM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 001F3C9FE6D1 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

Than ComboFix:

ComboFix 12-08-30.05 - natasa 31.08.12 1:07.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1488 [GMT 2:00]
Running from: c:\documents and settings\natasa\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\documents and settings\natasa\Desktop\Muzika\2001 - Najveci Hitovi\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\dzenan\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\marko bulat\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\mile kitic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\narodna mix\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\haus paki\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Kucari od Marije\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\PJER\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Probrana zika pocetak godine\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\probrano nesto 2\David Guetta Live in Amsterdam\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\probrano nesto 2\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\probrano nesto\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\strana\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Sveze,sveze ZIKA CMan\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Tore\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\usb\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\aca lukas\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\aco pejovic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\adam\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ana nikolic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\baja\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\boza nikolic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\branka sovrlic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\bulat\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\cane\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\Ceca Raznatovic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ceca\CECA London MIX\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ceca\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dado polumenta\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\DOMACA\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\DOMACA\New Folder\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dragana mirkovic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dzej\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dzenan\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\jaca muzika\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\jaca muzika\keva muzika\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\jani.zlo i ti\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\01 KAFANSKI HITOVI I\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\02 KAFANSKI HITOVI II\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\03 KAFANSKI HITOVI III\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\karma\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kemal\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\koktel bend\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\Lepa brena\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\luis\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ljuba alicic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\maja marijana\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\MARINKO ROKVIC\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\marko bulat\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\medeni mesec\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\MEHO PUZIC\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\MEHO PUZIC\merlin\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\merlin\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\mile kitic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\Models\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\My Disc\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\narodno-zlitza!\halid beslic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\narodno-zlitza!\narodna muzika\To\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\36\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Blood diamond\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Blood diamond\My Disc (F)\Blood Diamond\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Blood diamond\My Disc (F)\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Body of lies\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Chaser\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\City of men\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Constant Gardener\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Deception[2008]DvDrip-aXXo\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Gladiator\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Gran Torino\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Avi\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Divx\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\misc\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Wmp\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Miami vice\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Midnight exspres\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Monster\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Pianist\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Reader\AUDIO_TS\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Reader\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Reader\VIDEO_TS\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Install\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Install\MicroDVD\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Video\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\seven pounds.[2008.Eng].DVDScr.DivX-LTT\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Slumdog millionaire\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\The passion of the christ\Avi\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\The passion of the christ\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\The.Curious.Case.of.Benjamin.Button.DVDSCR.XviD-DEViSE\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\narodno-zlitza!\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\narodno-zlitza!\narodna muzika\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\nedeljko bajic baja\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\nino\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\sako polumenta\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\sasa matic\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\sinan sakic\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\ULTRA meGA mix of hits\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\zeljko vasic\Desktop_.ini
c:\program files\Complitly
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\FireFoxExtension.exe
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
c:\program files\HDVid Web Player\HDVId091.dll
c:\program files\Realtek\Audio\InstallShield\Desktop_.ini
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\chrome.manifest
c:\program files\RelevantKnowledge\components\rlxg.dll
c:\program files\RelevantKnowledge\firefox\bootstrap.js
c:\program files\RelevantKnowledge\firefox\defaults\preferences\prefs.js
c:\program files\RelevantKnowledge\firefox\harness-options.json
c:\program files\RelevantKnowledge\firefox\install.rdf
c:\program files\RelevantKnowledge\firefox\locale\en-GB.json
c:\program files\RelevantKnowledge\firefox\locale\eo.json
c:\program files\RelevantKnowledge\firefox\locale\fr-FR.json
c:\program files\RelevantKnowledge\firefox\locales.json
c:\program files\RelevantKnowledge\firefox\resources\addon-kit\lib\page-mod.js
c:\program files\RelevantKnowledge\firefox\resources\addon-kit\lib\tabs.js
c:\program files\RelevantKnowledge\firefox\resources\addon-kit\lib\windows.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\content-proxy.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\test-content-symbiont.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\test-message-manager.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\test-trusted-document.html
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\api-utils.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\byte-streams.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\channel.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\collection.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content\loader.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content\symbiont.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content\worker.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\cortex.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\cuddlefish.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\dom\events.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\environment.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\errors.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\events.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\events\assembler.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\file.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\globals!.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\hidden-frame.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\light-traits.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\list.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\match-pattern.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\memory.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\message-manager.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\namespace.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\observer-service.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\plain-text-console.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\process.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\runtime.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\sandbox.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\self!.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\system.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\events.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\observer.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\tab.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\utils.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\text-streams.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\timer.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\traceback.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\traits.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\traits\core.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\unload.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\url.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\data.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\function.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\object.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\registry.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\thumbnail.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\window-utils.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\dom.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\loader.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\observer.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\tabs.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\xpcom.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\xul-app.js
c:\program files\RelevantKnowledge\firefox\resources\chrome.manifest
c:\program files\RelevantKnowledge\firefox\resources\dpjs\data\content.js
c:\program files\RelevantKnowledge\firefox\resources\dpjs\lib\dompilot.js
c:\program files\RelevantKnowledge\firefox\resources\dpjs\lib\dputil.js
c:\program files\RelevantKnowledge\firefox\resources\dpjs\lib\main.js
c:\program files\RelevantKnowledge\firefox\rlnx.dll
c:\program files\RelevantKnowledge\install.rdf
c:\program files\RelevantKnowledge\rlcm.crx
c:\program files\RelevantKnowledge\rlcm.txt
c:\program files\RelevantKnowledge\rlls.dl_
c:\program files\RelevantKnowledge\rlls.dll
c:\program files\RelevantKnowledge\rlls64.dll
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\RelevantKnowledge\rlph.dll
c:\program files\RelevantKnowledge\rlservice.exe
c:\program files\RelevantKnowledge\rlvknlg.exe
c:\program files\RelevantKnowledge\rlvknlg64.exe
c:\program files\RelevantKnowledge\rlxf.dll
c:\program files\RelevantKnowledge\shfscp.dat
c:\windows\system32\DEBUG.log
d:\toshiba l300\BT-stack\Desktop_.ini
d:\toshiba l300\cmod-20080519190820\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\All\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ARA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ARB\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\CHS\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\CHT\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\CSY\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\DAN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\DEU\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ELL\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ENG\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ENU\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ESP\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\FIN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\FRA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\FRC\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\HEB\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\HUN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ITA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\JPN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\KOR\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\NLD\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\NOR\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\PLK\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\PTB\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\PTG\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\RUS\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\SVE\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\THA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\TRK\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Vista\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\x64\Desktop_.ini
d:\toshiba l300\Desktop_.ini
d:\toshiba l300\mdm-20080519181029\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\VISTAXP2K\amd64\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\VISTAXP2K\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\VISTAXP2K\x86\Desktop_.ini
d:\toshiba l300\mdm-20080519191204\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Config\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\Vista\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\Vista64\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\XP2K\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\XP2K64\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K_XP\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K_XP\us\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K3\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K3\us\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Vista\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Vista64\Desktop_.ini
d:\toshiba l300\sound-20080519190647\WDM\Desktop_.ini
d:\toshiba l300\Sound Driver\Config\Desktop_.ini
d:\toshiba l300\Sound Driver\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\VISTA\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\VISTA64\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\XP2K\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\XP2K64\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K_XP\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K_XP\us\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K3\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K3\us\Desktop_.ini
d:\toshiba l300\Sound Driver\Vista\Desktop_.ini
d:\toshiba l300\Sound Driver\Vista64\Desktop_.ini
d:\toshiba l300\Sound Driver\WDM\Desktop_.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-30 )))))))))))))))))))))))))))))))
.
.
2012-08-30 05:54 . 2012-08-30 05:54 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-08-17 20:04 . 2012-08-17 20:06 -------- d-----w- c:\documents and settings\natasa\Local Settings\Application Data\Facebook
2012-08-01 18:51 . 2012-08-01 18:51 -------- d-----w- c:\documents and settings\natasa\Application Data\Search Settings
2012-08-01 18:50 . 2012-08-01 18:50 -------- d-----w- c:\program files\Application Updater
2012-08-01 18:50 . 2012-08-01 18:50 -------- d-----w- c:\program files\pdfforge Toolbar
2012-08-01 18:50 . 2012-08-01 18:50 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-14 20:00 . 2012-06-13 17:48 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-14 20:00 . 2011-06-29 20:10 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-05 07:59 . 2012-02-05 07:47 227073794 ----a-w- c:\program files\LibO_3.3.4_Win_x86_install_multi.exe
2012-02-05 07:48 . 2012-02-05 07:47 8962975 ----a-w- c:\program files\LibO_3.3.4_Win_x86_helppack_sh.exe
2011-08-17 18:19 . 2011-08-17 05:00 125460744 ----a-w- c:\program files\ZuneSetupPkg.exe
2011-07-04 20:48 . 2011-07-04 20:48 872209 ----a-w- c:\program files\APmpg4v1-702.exe
2011-07-04 18:08 . 2011-07-04 18:07 9032272 ----a-w- c:\program files\megamanager.exe
2011-07-04 17:32 . 2011-07-04 17:30 21022914 ----a-w- c:\program files\vlc-1.1.10-win32.exe
2012-08-30 05:54 . 2011-06-29 12:57 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-09-03 640888]
"Facebook Update"="c:\documents and settings\natasa\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-08-17 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2010-03-12 311680]
"RTHDCPL"="RTHDCPL.EXE" [2011-06-28 16859648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 162328]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-07-26 1095560]
.
c:\documents and settings\natasa\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Movie Torrent\\Movie Torrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15000:UDP"= 15000:UDP:Kaspersky Administration Kit
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R2 ADExchange;ArcSoft Exchange Service;c:\program files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [10/26/2011 4:32 AM 37280]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [7/26/2012 7:40 PM 794560]
R2 klnagent;Kaspersky Lab Network Agent;c:\program files\Kaspersky Lab\NetworkAgent 8\klnagent.exe [10/20/2010 1:38 PM 141688]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [9/3/2009 3:24 PM 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [9/14/2009 1:42 PM 32272]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [6/13/2012 7:48 PM 250056]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/26/2012 8:42 AM 114144]
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 20:00]
.
2012-08-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1644491937-113007714-1417001333-1003Core.job
- c:\documents and settings\natasa\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-08-17 20:04]
.
2012-08-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1644491937-113007714-1417001333-1003UA.job
- c:\documents and settings\natasa\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-08-17 20:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://home.sweetim.com
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://online.bancaintesabeograd.com/R ... FSINT9.dll
DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/R ... CMSCCD.DLL
FF - ProfilePath - c:\documents and settings\natasa\Application Data\Mozilla\Firefox\Profiles\lfcacn2t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20111009000104062&tb_oid=09-10-2011&tb_mrud=09-10-2011&query=
FF - prefs.js: browser.startup.homepage - http://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\RelevantKnowledge\rlvknlg.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-31 01:22
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1096)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\Common Files\Spigot\Search Settings\wth.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\progra~1\MICROS~3\rapimgr.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Completion time: 2012-08-31 01:26:40 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-30 23:26
.
Pre-Run: 7.801.393.152 bytes free
Post-Run: 8.043.601.920 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 0CF84A0A83AB5B96E06058818B1AA20A

THANK YOU!
natasa78
Active Member
 
Posts: 3
Joined: August 30th, 2012, 7:35 pm
Advertisement
Register to Remove

Re: Please help!

Unread postby Cypher » September 2nd, 2012, 1:04 pm

No Description of Problems or Symptoms

By posting just the logs without any supporting symptoms or explanations it is likely that your log will be passed by and you will not receive the help you're requesting.

May I draw your attention to THIS topic, which you should have read, that states what we need you to post, so we can help you.
Specifically, this section will tell you what information we require before we can help you and why we need it.

If you still need help, please start a new thread an include your full DDS logs:
  • DDS.txt.
  • Attach.txt.
  • A description of the problems or symptoms you're experiencing.


This topic will now be closed.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 32 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware