- BoxterBG
- New MyCity citizen
- Joined: 26 Nov 2008
- Posts: 24
ComboFix 08-12-05.02 - Tamara 2008-12-06 1:52:51.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.73 [GMT 1:00]
Running from: c:\documents and settings\Tamara\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_POWERMANAGER
((((((((((((((((((((((((( Files Created from 2008-11-06 to 2008-12-06 )))))))))))))))))))))))))))))))
.
2008-12-05 05:35 . 2008-12-05 05:37 <DIR> d-------- c:\program files\eMule
2008-12-02 07:18 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2008-12-02 07:18 . 2008-12-02 07:18 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-02 07:18 . 2008-12-02 07:18 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-12-02 07:08 . 2008-12-02 07:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nokia
2008-12-02 04:04 . 2008-09-15 08:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2008-12-02 04:04 . 2008-09-15 08:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-12-02 04:04 . 2008-09-15 08:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2008-12-02 04:04 . 2008-09-15 08:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-12-02 04:04 . 2008-09-15 08:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2008-12-02 03:56 . 2008-12-02 03:56 <DIR> d-------- c:\program files\MSXML 6.0
2008-12-01 02:48 . 2008-12-01 02:48 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-01 02:48 . 2008-12-01 02:48 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-01 02:44 . 2008-12-01 02:49 <DIR> d-------- c:\documents and settings\Tamara\Application Data\PC Suite
2008-12-01 02:44 . 2008-12-02 03:24 <DIR> d-------- c:\documents and settings\Tamara\Application Data\Nokia
2008-12-01 02:44 . 2008-12-01 02:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Suite
2008-12-01 02:33 . 2008-12-01 02:33 <DIR> d-------- c:\program files\Common Files\PCSuite
2008-12-01 02:33 . 2008-12-02 03:55 <DIR> d-------- c:\program files\Common Files\Nokia
2008-12-01 02:30 . 2008-12-01 02:30 <DIR> d-------- c:\program files\DIFX
2008-12-01 02:30 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2008-12-01 02:29 . 2008-12-02 04:04 <DIR> d----c--- c:\windows\system32\DRVSTORE
2008-12-01 02:29 . 2008-12-01 02:29 <DIR> d-------- c:\program files\PC Connectivity Solution
2008-12-01 02:29 . 2008-12-02 04:04 <DIR> d-------- c:\program files\Nokia
2008-12-01 02:29 . 2008-09-15 08:56 91,136 --a------ c:\windows\system32\nmwcdcls.dll
2008-12-01 02:04 . 2008-12-02 03:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Installations
2008-11-30 20:05 . 2008-11-30 20:05 <DIR> d-------- c:\program files\SweetIM
2008-11-30 20:05 . 2008-11-30 20:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\SweetIM
2008-11-29 01:55 . 2008-11-29 01:53 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-26 03:24 . 2008-12-06 01:03 116 --a------ c:\windows\NeroDigital.ini
2008-11-26 02:34 . 2005-09-01 12:03 127,488 --------- c:\windows\system32\drivers\imagesrv.sys
2008-11-26 02:32 . 2004-07-26 17:16 1,568,768 --------- c:\windows\system32\ImagX7.dll
2008-11-26 02:32 . 2004-07-26 17:16 476,320 --------- c:\windows\system32\ImagXpr7.dll
2008-11-26 02:32 . 2004-07-26 17:16 471,040 --------- c:\windows\system32\ImagXRA7.dll
2008-11-26 02:32 . 2004-07-09 09:43 364,544 --------- c:\windows\system32\TwnLib4.dll
2008-11-26 02:32 . 2004-07-26 17:16 262,144 --------- c:\windows\system32\ImagXR7.dll
2008-11-26 02:32 . 2000-06-26 11:45 106,496 --a------ c:\windows\system32\TwnLib20.dll
2008-11-21 10:08 . 2008-11-27 17:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-15 05:02 . 2008-11-26 02:36 <DIR> d-------- c:\documents and settings\Tamara\Application Data\Ahead
2008-11-15 04:42 . 2008-11-15 04:42 <DIR> d-------- c:\program files\Common Files\Ahead
2008-11-15 04:42 . 2008-11-15 04:42 <DIR> d-------- c:\program files\Ahead
2008-11-15 04:42 . 2001-07-06 13:41 569,344 --a------ c:\windows\system32\imagr5.dll
2008-11-15 04:42 . 2001-07-06 11:44 544,768 --a------ c:\windows\system32\imagx5.dll
2008-11-15 04:42 . 2001-07-06 17:24 283,920 --a------ c:\windows\system32\ImagXpr5.dll
2008-11-15 04:42 . 2001-07-09 11:50 155,648 --a------ c:\windows\system32\NeroCheck.exe
2008-11-15 04:42 . 2003-09-15 13:56 57,344 --a------ c:\windows\system32\ImageDrive.cpl
2008-11-15 04:42 . 2001-06-26 07:15 38,912 --a------ c:\windows\system32\picn20.dll
2008-11-15 04:42 . 2005-09-01 12:03 5,888 --------- c:\windows\system32\drivers\imagedrv.sys
2008-11-09 22:32 . 2008-11-09 22:32 <DIR> d-------- c:\documents and settings\Tamara\Application Data\Uniblue
2008-11-09 21:50 . 2008-12-01 02:48 1,374 --a------ c:\windows\imsins.BAK
2008-11-09 21:43 . 2008-11-09 21:56 <DIR> d-------- c:\documents and settings\Tamara\Application Data\MSNInstaller
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-06 00:56 442,400 --sha-w c:\windows\system32\drivers\fidbox2.dat
2008-12-06 00:56 2,592 --sha-w c:\windows\system32\drivers\fidbox2.idx
2008-12-06 00:56 2,007,072 --sha-w c:\windows\system32\drivers\fidbox.dat
2008-12-06 00:56 16,760 --sha-w c:\windows\system32\drivers\fidbox.idx
2008-12-06 00:40 --------- d-----w c:\documents and settings\Tamara\Application Data\Skype
2008-12-06 00:39 --------- d-----w c:\documents and settings\Tamara\Application Data\skypePM
2008-12-06 00:37 --------- d-----w c:\program files\FlashGet
2008-12-06 00:37 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-12-04 00:37 343,040 ----a-w c:\windows\IsUninst.exe
2008-12-03 05:49 870,595 -c--a-w c:\program files\evillyrics_setup.exe
2008-11-30 23:36 --------- d-----w c:\documents and settings\Tamara\Application Data\mIRC
2008-11-30 20:43 --------- d-----w c:\program files\mIRC
2008-11-30 04:26 --------- d-----w c:\program files\Java
2008-11-08 03:23 --------- d-----w c:\program files\Common Files\Stardock
2008-11-07 15:13 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-05 11:23 --------- d-----w c:\program files\BitComet
2008-10-30 01:47 --------- d-----w c:\documents and settings\Tamara\Application Data\Thinstall
2008-10-30 00:33 --------- d-----w c:\program files\Skype
2008-10-30 00:33 --------- d-----w c:\program files\Common Files\Skype
2008-10-30 00:33 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-10-13 23:59 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-13 23:59 --------- d-----w c:\program files\Singles
2008-10-13 23:36 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-10-13 23:31 --------- d-----w c:\documents and settings\All Users\Application Data\BVRP Software
2008-10-13 23:28 --------- d-----w c:\program files\AC3Filter
2008-10-08 00:49 --------- d-----w c:\program files\FastStone Image Viewer
2008-10-08 00:49 --------- d-----w c:\documents and settings\Tamara\Application Data\FastStone
2008-10-08 00:45 --------- d-----w c:\program files\Nuclear Coffee
2008-10-08 00:41 --------- d-----w c:\program files\Stardock
2008-10-08 00:28 --------- d-----w c:\program files\totalcmd
2008-10-08 00:17 --------- d-----w c:\program files\Godlike Developers
2008-09-23 19:27 79,792 ----a-w c:\program files\wmp-lyrc.exe
2005-12-13 22:03 24,192 ----a-w c:\documents and settings\Tamara\usbsermptxp.sys
2005-12-13 22:03 22,768 ----a-w c:\documents and settings\Tamara\usbsermpt.sys
.
((((((((((((((((((((((((((((( snapshot@2008-11-27_ 0.38.49.56 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-02-25 03:35:05 245,984 -c--a-w c:\windows\$hf_mig$\KB898461\spuninst.exe
+ 2008-12-03 06:07:29 245,984 -c--a-w c:\windows\$hf_mig$\KB898461\spuninst.exe
- 2005-02-25 03:35:05 754,400 -c--a-w c:\windows\$hf_mig$\KB898461\update\update.exe
+ 2008-12-03 06:07:31 754,400 -c--a-w c:\windows\$hf_mig$\KB898461\update\update.exe
- 2007-03-06 01:22:39 249,568 -c--a-w c:\windows\$hf_mig$\KB944338-v2\spuninst.exe
+ 2008-12-03 06:07:32 249,568 -c--a-w c:\windows\$hf_mig$\KB944338-v2\spuninst.exe
- 2007-03-06 01:22:56 752,352 -c--a-w c:\windows\$hf_mig$\KB944338-v2\update\update.exe
+ 2008-12-03 06:07:34 752,352 -c--a-w c:\windows\$hf_mig$\KB944338-v2\update\update.exe
- 2007-11-30 12:39:22 267,640 -c--a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2008-12-03 06:07:34 267,640 -c--a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
- 2007-11-30 11:20:44 791,928 -c--a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2008-12-03 06:07:36 791,928 -c--a-w c:\windows\$hf_mig$\KB946648\update\update.exe
- 2007-11-30 11:18:51 267,640 -c--a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2008-12-03 06:07:47 267,640 -c--a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
- 2007-11-30 11:18:51 791,928 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2008-12-03 06:07:51 791,928 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
- 2005-02-25 03:35:05 245,984 -c----w c:\windows\$NtUninstallKB898461$\spuninst\spuninst.exe
+ 2008-12-03 06:08:18 245,984 -c--a-w c:\windows\$NtUninstallKB898461$\spuninst\spuninst.exe
- 2007-03-06 01:22:39 249,568 -c----w c:\windows\$NtUninstallKB944338-v2$\spuninst\spuninst.exe
+ 2008-12-03 06:08:19 249,568 -c--a-w c:\windows\$NtUninstallKB944338-v2$\spuninst\spuninst.exe
- 2007-11-30 12:39:22 267,640 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2008-12-03 06:08:21 267,640 -c--a-w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
- 2007-11-30 11:18:51 267,640 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2008-12-03 06:08:28 267,640 -c--a-w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2008-12-02 02:55:55 10,134 ----a-r c:\windows\Installer\{0332234E-09D1-4B74-A5F3-73E34BA29F5B}\ARPPRODUCTICON.exe
+ 2008-12-02 02:55:55 458,752 ----a-r c:\windows\Installer\{0332234E-09D1-4B74-A5F3-73E34BA29F5B}\NewShortcut16_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2008-12-02 02:55:55 8,854 ----a-r c:\windows\Installer\{0332234E-09D1-4B74-A5F3-73E34BA29F5B}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
+ 2008-12-02 02:55:55 458,752 ----a-r c:\windows\Installer\{0332234E-09D1-4B74-A5F3-73E34BA29F5B}\NewShortcut20_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2008-12-02 02:55:55 8,854 ----a-r c:\windows\Installer\{0332234E-09D1-4B74-A5F3-73E34BA29F5B}\NewShortcut3_F30B5B541F7D4207BF3032ED8CAF6640.exe
+ 2008-12-02 02:55:55 8,854 ----a-r c:\windows\Installer\{0332234E-09D1-4B74-A5F3-73E34BA29F5B}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
+ 2008-11-30 19:05:40 10,134 ----a-r c:\windows\Installer\{0EE593B1-07F7-49B4-8825-4EAAB3FA6266}\ARPPRODUCTICON.exe
+ 2008-12-01 01:30:27 10,134 ----a-r c:\windows\Installer\{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}\ARPPRODUCTICON.exe
+ 2008-11-30 19:05:46 10,134 ----a-r c:\windows\Installer\{266C7330-C0F4-49E5-8F20-A56F9F822875}\ARPPRODUCTICON.exe
+ 2008-12-02 03:02:55 3,262 ----a-r c:\windows\Installer\{2A0A6470-FD0F-4F45-9B11-85F3167DB943}\ARPPRODUCTICON.exe
+ 2008-12-02 03:04:17 3,262 ----a-r c:\windows\Installer\{CBDE9C7D-CF52-4558-B23E-B66359CB586A}\ARPPRODUCTICON.exe
+ 2008-12-01 01:35:05 15,086 ----a-r c:\windows\Installer\{D5577624-0626-4C4B-87AA-D966DA1739D6}\ARPPRODUCTICON.exe
- 2005-09-23 05:01:16 645,824 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2008-12-03 06:11:00 645,824 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2003-03-18 18:05:50 89,088 ----a-w c:\windows\system32\atl71.dll
+ 2007-03-29 22:00:40 203,264 ----a-r c:\windows\system32\CddbCdda.dll
- 2008-06-18 17:52:28 197,448 -c--a-w c:\windows\system32\DivXCodecVersionChecker.exe
+ 2008-12-03 06:12:30 197,448 -c--a-w c:\windows\system32\DivXCodecVersionChecker.exe
+ 2008-03-27 15:27:46 503,008 ------w c:\windows\system32\drivers\wdf01000.sys
+ 2008-03-27 15:27:48 35,040 ------w c:\windows\system32\drivers\wdfldr.sys
+ 2008-09-15 07:56:24 17,664 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\ccdcmb.sys
+ 2008-09-15 07:56:26 91,136 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\nmwcdcls.dll
+ 2008-09-15 07:56:26 659,968 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\nmwcdcocls.dll
+ 2008-09-15 07:29:28 1,112,288 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\wdfcoinstaller01007.dll
+ 2008-09-15 07:56:34 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbcj_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\usbser_lowerfltj.sys
+ 2008-09-15 07:56:24 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbm_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\usbser_lowerflt.sys
+ 2008-09-15 07:56:24 22,016 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbo_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\ccdcmbo.sys
+ 2008-02-01 15:17:12 138,112 -c--a-w c:\windows\system32\DRVSTORE\nmwcdnsu_44DA5D9994D88495A1C1116BFFF6763CF67ABD72\nmwcdnsu.sys
+ 2008-02-01 15:17:06 8,320 -c--a-w c:\windows\system32\DRVSTORE\nmwcdnsuc_44DA5D9994D88495A1C1116BFFF6763CF67ABD72\nmwcdnsuc.sys
+ 2007-09-17 14:53:26 21,632 -c--a-w c:\windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.sys
+ 2008-05-20 09:37:00 525,824 -c--a-w c:\windows\system32\DRVSTORE\pccswpddri_66268C3E0C6968D7F539EAEAD801C68E0DB54FE9\PCCSWpdDriver.dll
+ 2008-05-20 09:32:30 831,048 -c--a-w c:\windows\system32\DRVSTORE\pccswpddri_66268C3E0C6968D7F539EAEAD801C68E0DB54FE9\WudfUpdate_01005.dll
- 2008-06-09 23:21:01 135,168 ----a-w c:\windows\system32\java.exe
+ 2008-11-29 00:53:45 144,792 ----a-w c:\windows\system32\java.exe
- 2008-06-09 23:21:04 135,168 ----a-w c:\windows\system32\javaw.exe
+ 2008-11-29 00:53:45 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-06-10 00:32:34 139,264 ----a-w c:\windows\system32\javaws.exe
+ 2008-11-29 00:53:45 148,888 ----a-w c:\windows\system32\javaws.exe
- 2005-02-24 05:32:00 429,568 ----a-w c:\windows\system32\keystone.exe
+ 2008-12-04 00:37:44 429,568 ----a-w c:\windows\system32\keystone.exe
+ 2003-03-18 20:20:00 1,060,864 ----a-w c:\windows\system32\mfc71.dll
+ 2003-03-18 20:12:12 1,047,552 ----a-w c:\windows\system32\mfc71u.dll
+ 2003-03-18 19:14:52 499,712 ----a-w c:\windows\system32\msvcp71.dll
+ 2003-02-21 03:42:22 348,160 ----a-w c:\windows\system32\msvcr71.dll
+ 2003-04-18 15:46:22 1,233,920 ----a-w c:\windows\system32\msxml4.dll
+ 2003-04-18 15:29:26 82,432 ----a-w c:\windows\system32\msxml4r.dll
+ 2006-12-04 13:37:58 1,317,648 ----a-w c:\windows\system32\msxml6.dll
+ 2006-10-05 03:31:10 79,872 ----a-w c:\windows\system32\msxml6r.dll
- 2005-02-24 05:32:00 478,720 ----a-w c:\windows\system32\nvappbar.exe
+ 2008-12-04 00:37:44 478,720 ----a-w c:\windows\system32\nvappbar.exe
- 2005-02-24 05:32:00 183,808 ----a-w c:\windows\system32\nvcolor.exe
+ 2008-12-04 00:37:44 183,808 ----a-w c:\windows\system32\nvcolor.exe
- 2005-02-24 05:32:00 1,375,744 ----a-w c:\windows\system32\nvdspsch.exe
+ 2008-12-04 00:37:44 1,375,744 ----a-w c:\windows\system32\nvdspsch.exe
- 2005-02-24 05:32:00 212,480 ----a-w c:\windows\system32\nvudisp.exe
+ 2008-12-04 00:37:44 212,480 ----a-w c:\windows\system32\nvudisp.exe
- 2005-02-25 03:35:05 22,752 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-03-21 12:57:18 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-12-06 00:57:18 16,384 ----atw c:\windows\temp\Perflib_Perfdata_73c.dat
+ 2008-12-02 02:55:15 1,233,920 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2008-12-02 02:55:15 82,432 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2006-12-01 21:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 21:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 21:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 21:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 23:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 23:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 23:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 23:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 23:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 23:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 23:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 23:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 23:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 12:22 1172792 --a------ c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-09-16 1667584]
"ares"="c:\program files\Ares\Ares.exe" [2008-08-21 888832]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-29 136600]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2008-11-17 111928]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\Tamara\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-10-08 2664184]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-09-18 1205840]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 15:13 49152 c:\progra~1\COMMON~1\Stardock\MCPStub.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= ffdshow.ax
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22516:TCP"= 22516:TCP:BitComet 22516 TCP
"22516:UDP"= 22516:UDP:BitComet 22516 UDP
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-03-25 24592]
S2 ELOADER;General Purpose USB Driver (adildr.sys);c:\windows\system32\Drivers\adildr.sys [2008-09-18 56088]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Yahoo! Pager - ~c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: {8C3E1F33-F06F-448E-AFCF-869676F5558C} = 212.200.82.4 212.200.82.5
FireFox -: Profile - c:\documents and settings\Tamara\Application Data\Mozilla\Firefox\Profiles\bpodzxh8.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://google.atcomet.com/b/
FF -: plugin - c:\documents and settings\Tamara\Desktop\DivX\DivX Player\npDivxPlayerPlugin.dll
FF -: plugin - c:\documents and settings\Tamara\Desktop\DivX\DivX Web Player\npdivx32.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\program files\Opera\program\plugins\nppl3260.dll
FF -: plugin - c:\program files\Opera\program\plugins\nprpjplug.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-06 01:57:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(980)
c:\windows\system32\klogon.dll
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\COMMON~1\Stardock\SDMCP.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\Common Files\Nokia\MPAPI\MPAPI3s.exe
.
**************************************************************************
.
Completion time: 2008-12-06 2:05:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-06 01:05:50
ComboFix2.txt 2008-11-29 16:31:32
ComboFix3.txt 2008-11-26 23:39:29
Pre-Run: 525.430.784 bytes free
Post-Run: 558,870,528 bytes free
350 --- E O F --- 2008-09-17 00:45:04
Addendum: 06 Dec 2008 2:30
Here is the log, and here is what Kaspersky found (I don't know how to copy the scan log).