offline
- Pridružio: 14 Jan 2008
- Poruke: 203
- Gde živiš: Nish
|
ComboFix 09-01-21.04 - Pejic 2009-01-27 20:51:42.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1762 [GMT 1:00]
Running from: c:\documents and settings\Pejic\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated)
FW: Kaspersky Internet Security *disabled*
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\docume~1\Pejic\LOCALS~1\Temp\tmp1.tmp
c:\docume~1\Pejic\LOCALS~1\Temp\tmp2.tmp
c:\program files\newdotnet
c:\program files\newdotnet\nncore.dll
c:\program files\newdotnet\nnrun.exe
c:\program files\newdotnet\readme.html
c:\program files\newdotnet\uninstall.exe
C:\resycled
c:\resycled\ntldr.com
c:\windows\IE4 Error Log.txt
c:\windows\NDNuninstall6_38.exe
c:\windows\system32\drivers\gaopdxpxexmftp.sys
c:\windows\system32\drivers\gaopdxuxnssovm.sys
c:\windows\system32\drivers\gaopdxvpxmftje.sys
c:\windows\system32\gaopdxtalqevdp.dll
D:\Autorun.inf
D:\resycled
d:\resycled\ntldr.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_gaopdxserv.sys
-------\Legacy_NNSERV
-------\Service_NNServ
((((((((((((((((((((((((( Files Created from 2008-12-27 to 2009-01-27 )))))))))))))))))))))))))))))))
.
2009-01-26 13:29 . 2009-01-26 13:29 <DIR> d-------- c:\documents and settings\Pejic\Application Data\Thinstall
2009-01-25 16:00 . 2009-01-25 16:03 <DIR> d-------- c:\program files\vanBasco's Karaoke Player
2009-01-25 15:12 . 2009-01-25 20:41 <DIR> d-------- c:\program files\SpeedBit Video Accelerator
2009-01-25 15:12 . 2009-01-25 15:12 <DIR> d-------- c:\program files\AskSBar
2009-01-25 15:09 . 2009-01-25 20:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\SpeedBit
2009-01-21 22:29 . 2009-01-21 22:29 <DIR> d-------- c:\program files\uTorrent
2009-01-21 22:29 . 2009-01-21 22:48 <DIR> d-------- c:\documents and settings\Pejic\Application Data\uTorrent
2009-01-21 14:03 . 2009-01-21 14:39 <DIR> d-------- c:\documents and settings\Pejic\Application Data\Winamp
2009-01-20 20:52 . 2009-01-20 20:52 <DIR> d-------- C:\Downloads
2009-01-20 20:51 . 2009-01-20 20:51 8,464 --a------ c:\windows\system32\sporder.dll
2009-01-20 17:34 . 2009-01-20 17:34 <DIR> d-------- c:\program files\Common Files\NSV
2009-01-20 17:20 . 2009-01-20 17:20 <DIR> d--h----- c:\windows\system32\GroupPolicy
2009-01-20 13:46 . 2009-01-20 13:46 <DIR> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-01-20 13:40 . 2008-12-26 00:08 453,152 --a------ c:\windows\system32\nvudisp.exe
2009-01-20 13:40 . 2008-12-26 00:08 206,755 --a------ c:\windows\system32\nvapps.nvb
2009-01-20 13:40 . 2008-12-26 00:08 18,725 --a------ c:\windows\system32\nvdisp.nvu
2009-01-20 13:39 . 2008-12-23 21:58 453,152 --a------ c:\windows\system32\NVUNINST.EXE
2009-01-19 18:49 . 2009-01-19 18:49 <DIR> d-------- c:\documents and settings\Pejic\Application Data\GameTracker
2009-01-19 15:00 . 2009-01-19 15:00 <DIR> d--hs---- C:\found.000
2009-01-19 14:25 . 2008-11-06 17:37 120,056 --------- c:\windows\system32\pxcpyi64.exe
2009-01-19 14:25 . 2008-11-06 17:37 118,520 --------- c:\windows\system32\pxinsi64.exe
2009-01-18 20:12 . 2009-01-18 20:12 <DIR> d-------- c:\program files\FlexiMusic Wave Editor
2009-01-18 20:12 . 2004-03-09 00:00 609,824 --a------ c:\windows\system32\COMCTL32.OCX
2009-01-18 20:12 . 2004-03-09 00:00 152,848 --a------ c:\windows\system32\COMDLG32.OCX
2009-01-18 20:12 . 1999-08-09 16:51 40,208 --a------ c:\windows\system32\DSETUP.DLL
2009-01-18 19:09 . 2009-01-18 19:46 96,976 --a------ c:\windows\system32\drivers\klin.dat
2009-01-18 19:09 . 2009-01-18 19:46 87,855 --a------ c:\windows\system32\drivers\klick.dat
2009-01-18 19:08 . 2009-01-27 20:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-01-18 19:08 . 2009-01-27 20:55 1,021,472 --ahs---- c:\windows\system32\drivers\fidbox.dat
2009-01-18 19:08 . 2009-01-27 20:55 270,368 --ahs---- c:\windows\system32\drivers\fidbox2.dat
2009-01-18 19:08 . 2009-01-27 20:55 10,108 --ahs---- c:\windows\system32\drivers\fidbox.idx
2009-01-18 19:08 . 2009-01-27 20:55 3,052 --ahs---- c:\windows\system32\drivers\fidbox2.idx
2009-01-18 16:58 . 2009-01-25 20:13 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-01-18 16:58 . 2009-01-18 16:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\Fugazo
2009-01-18 16:48 . 2009-01-18 16:48 <DIR> d-------- c:\program files\bfgclient
2009-01-18 16:45 . 2009-01-18 21:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2009-01-18 15:02 . 2009-01-18 15:02 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-01-18 14:30 . 2009-01-20 13:37 <DIR> d-------- c:\documents and settings\Pejic\Application Data\Sports Interactive
2009-01-18 14:30 . 2009-01-20 13:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sports Interactive
2009-01-18 14:20 . 2008-06-13 14:10 272,128 --------- c:\windows\system32\drivers\bthport.sys
2009-01-18 14:20 . 2008-06-13 14:10 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-01-18 14:15 . 2008-08-14 11:00 2,180,352 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-18 14:15 . 2008-08-14 10:58 2,136,064 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-18 14:15 . 2008-08-14 10:22 2,057,728 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-18 14:15 . 2008-08-14 10:22 2,015,744 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-18 14:10 . 2008-10-24 12:10 453,632 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-01-17 16:21 . 2009-01-18 20:26 <DIR> d--h----- c:\windows\$hf_mig$
2009-01-17 16:21 . 2005-02-25 04:35 22,752 --a------ c:\windows\system32\spupdsvc.exe
2009-01-17 16:09 . 2009-01-17 16:09 16 --a------ c:\windows\system\cmicnfg.ini
2009-01-17 15:54 . 2009-01-17 15:54 <DIR> d-------- c:\program files\SAGEM
2009-01-17 15:53 . 2009-01-17 15:53 <DIR> d-------- c:\documents and settings\Pejic\Application Data\InstallShield
2009-01-17 15:48 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2009-01-17 15:38 . 2009-01-17 15:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-01-17 12:55 . 2004-08-04 00:56 21,504 --a------ c:\windows\system32\hidserv.dll
2009-01-17 12:55 . 2004-08-04 00:56 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2009-01-17 12:55 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-01-17 12:55 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-01-17 12:54 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-01-17 12:54 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-01-17 12:54 . 2004-08-03 22:58 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys
2009-01-17 12:54 . 2004-08-03 22:58 14,848 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
2009-01-17 12:54 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys
2009-01-17 12:54 . 2001-08-17 14:02 9,600 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-01-17 11:16 . 2009-01-20 13:46 <DIR> d-------- c:\windows\nview
2009-01-17 11:15 . 2005-12-21 18:21 134,272 --a------ c:\windows\system32\drivers\b57xp32.sys
2009-01-17 11:15 . 2005-12-21 18:21 134,272 --a--c--- c:\windows\system32\dllcache\b57xp32.sys
2009-01-17 11:11 . 2003-05-23 09:44 1,171,648 -ra------ c:\windows\system32\drivers\AGRSM.sys
2009-01-17 11:11 . 2003-05-23 09:43 88,363 -ra------ c:\windows\AGRSMMSG.exe
2009-01-17 11:11 . 2003-03-25 16:27 59,392 -ra------ c:\windows\agrsmdel.exe
2009-01-17 11:11 . 2001-08-17 13:57 16,128 --a------ c:\windows\system32\drivers\MODEMCSA.sys
2009-01-17 11:11 . 2001-08-17 13:57 16,128 --a--c--- c:\windows\system32\dllcache\modemcsa.sys
2009-01-17 10:54 . 2009-01-17 16:09 181 --a------ c:\windows\system\Cmicnfg3.ini
2009-01-17 10:52 . 2009-01-17 10:52 <DIR> d-------- c:\program files\C-Media PCI Audio
2009-01-17 10:52 . 2004-11-02 03:35 2,592,768 --a------ c:\windows\system\CMICNFG3.CPL
2009-01-17 10:52 . 2002-04-29 08:04 917,504 --a------ c:\windows\system\CMDS3D3.DLL
2009-01-17 10:52 . 2004-09-24 09:07 801,280 --a------ c:\windows\system32\drivers\cmuda3.sys
2009-01-17 10:52 . 2001-11-23 11:08 712,704 --a--c--- c:\windows\system32\dllcache\a3d.dll
2009-01-17 10:52 . 2001-11-23 05:08 712,704 --a------ c:\windows\system32\AUDIO3D3.DLL
2009-01-17 10:52 . 2001-11-23 11:08 712,704 --a------ c:\windows\system32\a3d.dll
2009-01-17 10:52 . 2004-06-28 07:13 233,472 --a------ c:\windows\system32\CMRMDRV3.exe
2009-01-17 10:52 . 2004-10-29 09:40 36,864 --a------ c:\windows\system32\CMUDA3.DLL
2009-01-17 10:52 . 2003-04-09 12:10 32,768 --a------ c:\windows\system32\UDAPROP3.DLL
2009-01-17 10:52 . 2003-02-18 11:26 28,672 --a------ c:\windows\system32\CMRMDRV3.DLL
2009-01-17 10:52 . 2004-05-13 07:25 28,672 --a------ c:\windows\CmiPCIUninstall.exe
2009-01-17 10:50 . 2009-01-18 15:39 <DIR> d--h----- c:\program files\InstallShield Installation Information
2009-01-17 10:49 . 2006-10-17 19:22 9,216 -ra------ c:\windows\system32\drivers\videX32.sys
2009-01-17 10:42 . 2009-01-17 10:42 <DIR> d-------- c:\program files\VIA
2009-01-17 10:42 . 2009-01-17 10:52 <DIR> d-------- c:\program files\Common Files\InstallShield
2009-01-17 10:42 . 2005-04-14 06:54 331,184 --------- c:\windows\system32\difxapi.dll
2009-01-15 21:09 . 2001-08-17 14:59 3,072 --a------ c:\windows\system32\drivers\audstub.sys
2009-01-15 21:08 . 2004-08-03 23:59 57,472 --a------ c:\windows\system32\drivers\redbook.sys
2009-01-15 21:07 . 2004-08-04 01:56 74,240 --a------ c:\windows\system32\usbui.dll
2009-01-15 21:07 . 2004-08-04 00:07 44,672 --a------ c:\windows\system32\drivers\UAGP35.SYS
2009-01-15 21:07 . 2001-08-17 14:46 6,400 --a------ c:\windows\system32\drivers\enum1394.sys
2009-01-15 21:05 . 2009-01-18 19:18 <DIR> dr------- c:\documents and settings\All Users\Documents
2009-01-15 21:05 . 2001-08-23 10:00 176,157 --a--c--- c:\windows\system32\dllcache\dgrpsetu.dll
2009-01-15 21:04 . 2004-08-03 23:58 2,012,670 --a--c--- c:\windows\system32\dllcache\NT5.CAT
2009-01-15 21:03 . 2009-01-23 15:15 <DIR> d-------- c:\windows\system32\CatRoot2
2009-01-15 21:03 . 2009-01-22 15:18 <DIR> d-------- c:\windows\system32\CatRoot
2009-01-15 21:03 . 2009-01-15 21:03 <DIR> d-------- c:\program files\Microsoft.NET
2009-01-15 21:03 . 2009-01-15 20:17 <DIR> d--h----- c:\documents and settings\Default User
2009-01-15 21:03 . 2009-01-20 19:11 <DIR> d-------- c:\documents and settings\All Users
2009-01-15 21:03 . 2009-01-15 20:22 <DIR> d-------- C:\Documents and Settings
2009-01-15 21:03 . 2009-01-17 16:09 1,095,245 --a------ c:\windows\setupapi.log.0.old
2009-01-15 21:03 . 2004-08-04 00:03 1,042,903 -ra------ c:\windows\SET3.tmp
2009-01-15 21:02 . 2009-01-15 21:02 <DIR> d-------- c:\program files\Microsoft ActiveSync
2009-01-15 21:02 . 2009-01-15 20:20 261 --a------ c:\windows\system32\$winnt$.inf
2009-01-15 21:00 . 2009-01-15 21:02 <DIR> d-------- c:\windows\SHELLNEW
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-17 14:54 32 ----a-w c:\windows\system32\drivers\adidsl.cfg
2009-01-15 19:56 --------- d-----w c:\program files\Mv2Player
2009-01-15 19:56 --------- d-----w c:\program files\MarBit
2009-01-15 19:55 --------- d-----w c:\program files\K-Lite Codec Pack
2009-01-15 19:52 --------- d-----w c:\program files\Common Files\Adobe
2009-01-15 19:43 --------- d-----w c:\program files\Yahoo!
2009-01-15 19:43 --------- d-----w c:\documents and settings\Pejic\Application Data\ACD Systems
2009-01-15 19:42 10,368 ----a-w c:\windows\system32\drivers\pfc.sys
2009-01-15 19:42 --------- d-----w c:\program files\Common Files\ACD Systems
2009-01-15 19:42 --------- d-----w c:\program files\ACD Systems
2009-01-15 19:42 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2009-01-15 19:18 --------- d-----w c:\program files\microsoft frontpage
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-11 00:33 200,704 ----a-w c:\windows\system32\dtu100.dll
2008-12-09 02:28 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-12-09 02:28 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-12-09 02:28 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-12-09 02:28 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-11-06 16:37 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-11-06 16:37 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-11-06 16:37 129,784 ------w c:\windows\system32\pxafs.dll
2008-11-06 16:35 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-11-06 16:35 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-11-06 16:33 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
2008-11-06 16:33 823,296 ----a-w c:\windows\system32\divx_xx07.dll
2008-11-06 16:33 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
2008-11-06 16:33 802,816 ----a-w c:\windows\system32\divx_xx11.dll
2008-11-06 16:33 684,032 ----a-w c:\windows\system32\DivX.dll
2008-11-06 16:33 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2007-05-15 19:34 66,672 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-05-15 19:34 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-05-15 19:34 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2007-05-15 19:34 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2007-05-15 19:34 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
------- Sigcheck -------
2004-08-03 22:56 14336 8f078ae4ed187aaabc0a305146de6716 c:\windows\system32\svchost.exe
2004-08-03 22:56 14336 8f078ae4ed187aaabc0a305146de6716 c:\windows\system32\dllcache\svchost.exe
2004-08-03 22:56 577024 c72661f8552ace7c5c85e16a3cf505c4 c:\windows\system32\user32.dll
2004-08-03 22:56 577024 c72661f8552ace7c5c85e16a3cf505c4 c:\windows\system32\dllcache\user32.dll
2004-08-03 22:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\system32\ws2_32.dll
2004-08-03 22:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\system32\dllcache\ws2_32.dll
2008-10-16 11:20 667648 93c9d0a216498ee14eb9b26119bb95ee c:\windows\$hf_mig$\KB958215\SP2QFE\wininet.dll
2008-10-16 02:00 666112 1576318bf08d28cc61d1278114ad8d5b c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
2008-10-16 02:04 667136 e8fce58a470999350f64c591557f9e42 c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
2004-08-03 22:56 656384 c0823fc5469663ba63e7db88f9919d70 c:\windows\$NtUninstallKB958215$\wininet.dll
2008-10-16 11:37 659456 6f1e4bfd78c4e0d05ff3725d59b72925 c:\windows\SoftwareDistribution\Download\7bc58354ca50aa200544caaef7677c8a\SP2GDR\wininet.dll
2008-10-16 11:20 667648 93c9d0a216498ee14eb9b26119bb95ee c:\windows\SoftwareDistribution\Download\7bc58354ca50aa200544caaef7677c8a\SP2QFE\wininet.dll
2008-10-16 02:00 666112 1576318bf08d28cc61d1278114ad8d5b c:\windows\SoftwareDistribution\Download\7bc58354ca50aa200544caaef7677c8a\SP3GDR\wininet.dll
2008-10-16 02:04 667136 e8fce58a470999350f64c591557f9e42 c:\windows\SoftwareDistribution\Download\7bc58354ca50aa200544caaef7677c8a\SP3QFE\wininet.dll
2008-10-16 11:37 659456 6f1e4bfd78c4e0d05ff3725d59b72925 c:\windows\system32\wininet.dll
2008-10-16 11:37 659456 6f1e4bfd78c4e0d05ff3725d59b72925 c:\windows\system32\dllcache\wininet.dll
2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2004-08-03 21:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB951748$\tcpip.sys
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\dllcache\tcpip.sys
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\drivers\tcpip.sys
2004-08-03 22:56 502272 01c3346c241652f43aed8e2149881bfe c:\windows\system32\winlogon.exe
2004-08-03 22:56 502272 01c3346c241652f43aed8e2149881bfe c:\windows\system32\dllcache\winlogon.exe
2004-08-03 21:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\dllcache\ndis.sys
2004-08-03 21:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\drivers\ndis.sys
2004-08-03 21:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\dllcache\ip6fw.sys
2004-08-03 21:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\drivers\ip6fw.sys
2008-08-14 10:18 2062976 63ec865dff6ccfc7bef94b5c50297cad c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
2008-08-14 10:33 2066048 4ac58f03eb94a72809949d757fc39d80 c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
2008-08-14 15:39 2066048 a25e9b86effb2af33bf51e676b68bfb0 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
2004-08-03 23:05 2056832 947fb1d86d14afcffdb54bf837ec25d0 c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
2008-08-14 10:22 2057728 ba002228743b6824d87f0551dbc86d45 c:\windows\Driver Cache\i386\ntkrnlpa.exe
2008-08-14 10:22 2057728 ba002228743b6824d87f0551dbc86d45 c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP2GDR\ntkrnlpa.exe
2008-08-14 10:18 2062976 63ec865dff6ccfc7bef94b5c50297cad c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP2QFE\ntkrnlpa.exe
2008-08-14 10:33 2066048 4ac58f03eb94a72809949d757fc39d80 c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP3GDR\ntkrnlpa.exe
2008-08-14 15:39 2066048 a25e9b86effb2af33bf51e676b68bfb0 c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP3QFE\ntkrnlpa.exe
2008-08-14 10:22 2057728 ba002228743b6824d87f0551dbc86d45 c:\windows\system32\ntkrnlpa.exe
2008-08-14 10:22 2057728 ba002228743b6824d87f0551dbc86d45 c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 10:57 2185984 ce69dbd54221f2d40e49ff6db77c6507 c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
2008-08-14 11:11 2189184 eeaf32f8e15a24f62becb1bd403bb5c5 c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
2008-08-14 16:11 2189184 31914172342bff330063f343ac6958fe c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
2004-08-03 21:20 2180992 ce218bc7088681faa06633e218596ca7 c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
2008-08-14 11:00 2180352 21c91da9cb53aa8a37041ba9684a8458 c:\windows\Driver Cache\i386\ntoskrnl.exe
2008-08-14 11:00 2180352 21c91da9cb53aa8a37041ba9684a8458 c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP2GDR\ntoskrnl.exe
2008-08-14 10:57 2185984 ce69dbd54221f2d40e49ff6db77c6507 c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP2QFE\ntoskrnl.exe
2008-08-14 11:11 2189184 eeaf32f8e15a24f62becb1bd403bb5c5 c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP3GDR\ntoskrnl.exe
2008-08-14 16:11 2189184 31914172342bff330063f343ac6958fe c:\windows\SoftwareDistribution\Download\e76b316b6389286fbb342d033e63f1ba\SP3QFE\ntoskrnl.exe
2008-08-14 11:00 2180352 21c91da9cb53aa8a37041ba9684a8458 c:\windows\system32\ntoskrnl.exe
2008-08-14 11:00 2180352 21c91da9cb53aa8a37041ba9684a8458 c:\windows\system32\dllcache\ntoskrnl.exe
2004-08-03 22:56 1032192 a0732187050030ae399b241436565e64 c:\windows\explorer.exe
2004-08-03 22:56 1032192 a0732187050030ae399b241436565e64 c:\windows\system32\dllcache\explorer.exe
2004-08-03 22:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\system32\services.exe
2004-08-03 22:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\system32\dllcache\services.exe
2004-08-03 22:56 13312 84885f9b82f4d55c6146ebf6065d75d2 c:\windows\system32\lsass.exe
2004-08-03 22:56 13312 84885f9b82f4d55c6146ebf6065d75d2 c:\windows\system32\dllcache\lsass.exe
2004-08-03 22:56 15360 24232996a38c0b0cf151c2140ae29fc8 c:\windows\system32\ctfmon.exe
2004-08-03 22:56 15360 24232996a38c0b0cf151c2140ae29fc8 c:\windows\system32\dllcache\ctfmon.exe
2004-08-03 22:56 57856 7435b108b935e42ea92ca94f59c8e717 c:\windows\system32\spoolsv.exe
2004-08-03 22:56 57856 7435b108b935e42ea92ca94f59c8e717 c:\windows\system32\dllcache\spoolsv.exe
2004-08-03 22:56 24576 39b1ffb03c2296323832acbae50d2aff c:\windows\system32\userinit.exe
2004-08-03 22:56 24576 39b1ffb03c2296323832acbae50d2aff c:\windows\system32\dllcache\userinit.exe
2004-08-03 22:56 295424 b60c877d16d9c880b952fda04adf16e6 c:\windows\system32\termsrv.dll
2004-08-03 22:56 295424 b60c877d16d9c880b952fda04adf16e6 c:\windows\system32\dllcache\termsrv.dll
2004-08-03 22:56 983552 888190e31455fad793312f8d087146eb c:\windows\system32\kernel32.dll
2004-08-03 22:56 983552 888190e31455fad793312f8d087146eb c:\windows\system32\dllcache\kernel32.dll
2004-08-03 22:56 17408 1b5f6923abb450692e9fe0672c897aed c:\windows\system32\powrprof.dll
2004-08-03 22:56 17408 1b5f6923abb450692e9fe0672c897aed c:\windows\system32\dllcache\powrprof.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-26 13680640]
"AVP"="d:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 201992]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-26 86016]
"Setup.exe"="c:\windows\system32\Setup.exe" [2004-08-03 23040]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2008-09-12 36352]
"AGRSMMSG"="AGRSMMSG.exe" [2003-05-23 c:\windows\AGRSMMSG.exe]
"nwiz"="nwiz.exe" [2008-12-26 c:\windows\system32\nwiz.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-01-17 1205840]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Pejic\\Desktop\\Counter Strike 1.6 Portable\\root\\cstrike.exe"=
"d:\\Program Files\\Garena\\Garena.exe"=
"d:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22462:TCP"= 22462:TCP:BitComet 22462 TCP
"22462:UDP"= 22462:UDP:BitComet 22462 UDP
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-01-17 104344]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
S4 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-01-17 69656]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-CmPCIaudio - CMICNFG3.CPL
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
uLocal Page = hxxp://dealhrfind.com
uStart Page = hxxp://www.google.com/
IE: Add to Banner Ad Blocker - d:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Pejic\Application Data\Mozilla\Firefox\Profiles\5o02s3la.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-27 20:57:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1124)
c:\windows\system32\klogon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-01-27 21:00:36 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-27 20:00:33
Pre-Run: 25,534,492,672 bytes free
Post-Run: 26,142,957,568 bytes free
336 --- E O F --- 2009-01-22 14:18:06
Sada hoce da mi udje u particije.
|