windows xp 2012 virus

  • MyCity Military Forum Chaplain ~ Religious service of the MyCity forum
  • Joined: 12 Jan 2006
  • Posts: 513
  • Location: Where I live...

Posted: 16 Dec 2011 2:17

Thanks, I removed Norton.
Of all the AVs I went and installed AVG, and now it won't let me run CF. I dug around the net and realized that this is usual for AVG. Now

Addendum: 16 Dec 2011 2:40

I tried to deactivate AVG and run CF again, and I get this message-



  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Uninstall AVG and install a different one. Then download a fresh copy of ComboFix to the Desktop from this link and run it again.



  • MyCity Military Forum Chaplain ~ Religious service of the MyCity forum
  • Joined: 12 Jan 2006
  • Posts: 513
  • Location: Where I live...

Posted: 17 Dec 2011 23:09

Uninstalled AVG, installed Microsoft Sec. Essentials.

I don't know why the AVG icon is still there.


Addendum: 17 Dec 2011 23:45

I don't know how much all this has to do with the virus, but it won't start my CD driver!


Here is the CF scan-

ComboFix 11-12-17.02 - Balas 12/17/2011 13:20:21.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1419 [GMT -5:00]
Running from: c:\documents and settings\Balas\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\iexplore.exe
c:\iexplore.exe\023.dat
c:\iexplore.exe\023v.dat
c:\iexplore.exe\023w7.dat
c:\iexplore.exe\AppDataFile.cfx
c:\iexplore.exe\AppDataFolder.cfx
c:\iexplore.exe\appinit.bad
c:\iexplore.exe\asp.str
c:\iexplore.exe\Assoc.cmd
c:\iexplore.exe\ATTRIB.3XE
c:\iexplore.exe\Auto-RC.cmd
c:\iexplore.exe\av.cmd
c:\iexplore.exe\av.vbs
c:\iexplore.exe\AWF.cmd
c:\iexplore.exe\badclsid.c
c:\iexplore.exe\Boot-Rk.cmd
c:\iexplore.exe\Boot.bat
c:\iexplore.exe\BootDrv.vbs
c:\iexplore.exe\c.bat
c:\iexplore.exe\Catch-sub.cmd
c:\iexplore.exe\catchme.3XE
c:\iexplore.exe\CF-Script.cmd
c:\iexplore.exe\CF17724.3XE
c:\iexplore.exe\clsid.c
c:\iexplore.exe\cmd.3XE
c:\iexplore.exe\Combobatch.bat
c:\iexplore.exe\ComboFix-Download.3XE
c:\iexplore.exe\Create.cmd
c:\iexplore.exe\Creg.dat
c:\iexplore.exe\CregC.cmd
c:\iexplore.exe\CregC.dat
c:\iexplore.exe\CSCRIPT.3XE
c:\iexplore.exe\dd.3XE
c:\iexplore.exe\ddsDo.sed
c:\iexplore.exe\DelClsid.bat
c:\iexplore.exe\DelClsid64.bat
c:\iexplore.exe\desktop.ini
c:\iexplore.exe\DesktopFile.cfx
c:\iexplore.exe\DisclaimED.dat
c:\iexplore.exe\DPF.str
c:\iexplore.exe\DrvRun.vbs
c:\iexplore.exe\dumphive.3XE
c:\iexplore.exe\embedded.sed
c:\iexplore.exe\ERDNT.e_e
c:\iexplore.exe\ERDNTDOS.LOC
c:\iexplore.exe\ERDNTWIN.LOC
c:\iexplore.exe\ERUNT.3XE
c:\iexplore.exe\ERUNT.LOC
c:\iexplore.exe\Exe.reg
c:\iexplore.exe\extract.3XE
c:\iexplore.exe\FavoriteFolder.cfx
c:\iexplore.exe\FavoritesFile.cfx
c:\iexplore.exe\FD-SV.cmd
c:\iexplore.exe\ffdefstr.dll
c:\iexplore.exe\FileKill.3XE
c:\iexplore.exe\files.pif
c:\iexplore.exe\Fin.dat
c:\iexplore.exe\FIND3M.bat
c:\iexplore.exe\FIXLSP.bat
c:\iexplore.exe\FKMGen.cmd
c:\iexplore.exe\GetHive.cmd
c:\iexplore.exe\grep.3XE
c:\iexplore.exe\gsar.3XE
c:\iexplore.exe\handle.3XE
c:\iexplore.exe\hidec.3XE
c:\iexplore.exe\history.bat
c:\iexplore.exe\hwid.pif
c:\iexplore.exe\iexplore.exe
c:\iexplore.exe\image001.gif
c:\iexplore.exe\Imefile.dat
c:\iexplore.exe\Install-RC.cmd
c:\iexplore.exe\katch.cmd
c:\iexplore.exe\Kill-All.cmd
c:\iexplore.exe\Lang.bat
c:\iexplore.exe\List-B.bat
c:\iexplore.exe\List-C.bat
c:\iexplore.exe\List-D.bat
c:\iexplore.exe\List.bat
c:\iexplore.exe\lnkread.vbs
c:\iexplore.exe\LocalAppDataFile.cfx
c:\iexplore.exe\LocalAppDataFolder.cfx
c:\iexplore.exe\LocalService.dat
c:\iexplore.exe\LocalServiceNetworkRestricted.dat
c:\iexplore.exe\LocalSettingsFile.cfx
c:\iexplore.exe\LocalSystemNetworkRestricted.dat
c:\iexplore.exe\mbr.3XE
c:\iexplore.exe\mbr.chk
c:\iexplore.exe\md5sum.pif
c:\iexplore.exe\MoveIt.bat
c:\iexplore.exe\mtee.3XE
c:\iexplore.exe\mynul.dat
c:\iexplore.exe\ncmd.com
c:\iexplore.exe\ND_.bat
c:\iexplore.exe\ND_64.bat
c:\iexplore.exe\ndis_combofix.dat
c:\iexplore.exe\netsvc.bad.dat
c:\iexplore.exe\netsvc.dat
c:\iexplore.exe\netsvc.vista.dat
c:\iexplore.exe\netsvc.xp.dat
c:\iexplore.exe\NetworkService.dat
c:\iexplore.exe\NirCmd.3XE
c:\iexplore.exe\NirCmdC.3XE
c:\iexplore.exe\NIRKMD.3XE
c:\iexplore.exe\NlsLanguageDefault
c:\iexplore.exe\NT-OS.cmd
c:\iexplore.exe\NULL
c:\iexplore.exe\OSid.vbs
c:\iexplore.exe\P.cmd
c:\iexplore.exe\pausep.3XE
c:\iexplore.exe\PersonalFile.cfx
c:\iexplore.exe\PersonalFolder.cfx
c:\iexplore.exe\pev.3XE
c:\iexplore.exe\pevb.3XE
c:\iexplore.exe\PING.3XE
c:\iexplore.exe\Policies.dat
c:\iexplore.exe\powp.dat
c:\iexplore.exe\Prep.inf
c:\iexplore.exe\ProfilesFile.cfx
c:\iexplore.exe\ProfilesFolder.cfx
c:\iexplore.exe\ProgramsFile.cfx
c:\iexplore.exe\ProgramsFolder.cfx
c:\iexplore.exe\Purity.dat
c:\iexplore.exe\PV.3XE
c:\iexplore.exe\pv.com
c:\iexplore.exe\rar_sfx.cmd
c:\iexplore.exe\RCLink.dat
c:\iexplore.exe\REGDACL.sed
c:\iexplore.exe\RegDo.sed
c:\iexplore.exe\region.dat
c:\iexplore.exe\RegScan.cmd
c:\iexplore.exe\RegScan64.cmd
c:\iexplore.exe\Resident.txt
c:\iexplore.exe\restore_pt.vbs
c:\iexplore.exe\Rkey.cmd
c:\iexplore.exe\rmbr.3XE
c:\iexplore.exe\rogues.dat
c:\iexplore.exe\ROUTE.3XE
c:\iexplore.exe\run2.sed
c:\iexplore.exe\Rust.str
c:\iexplore.exe\s0rt.3XE
c:\iexplore.exe\safeboot.dat
c:\iexplore.exe\safeboot.def.dat
c:\iexplore.exe\safeboot.def.vista.dat
c:\iexplore.exe\Safeboot.def.w7.dat
c:\iexplore.exe\sed.3XE
c:\iexplore.exe\SetEnvmt.bat
c:\iexplore.exe\setpath.3XE
c:\iexplore.exe\setpath_N.cmd
c:\iexplore.exe\SF.exe
c:\iexplore.exe\sfx.cmd
c:\iexplore.exe\SnapShot.cmd
c:\iexplore.exe\SRestore.cmd
c:\iexplore.exe\srizbi.md5
c:\iexplore.exe\Start_dat
c:\iexplore.exe\StartMenuFile.cfx
c:\iexplore.exe\StartMenuFolder.cfx
c:\iexplore.exe\StartUpFile.cfx
c:\iexplore.exe\SuppScan.cmd
c:\iexplore.exe\svc_wht.dat
c:\iexplore.exe\SvcDrv.vbs
c:\iexplore.exe\svchost.dat
c:\iexplore.exe\svchost.vista.dat
c:\iexplore.exe\svchost.vista.x64.dat
c:\iexplore.exe\svchost.w7.dat
c:\iexplore.exe\svchost.w7.x64.dat
c:\iexplore.exe\swreg.3XE
c:\iexplore.exe\swsc.3XE
c:\iexplore.exe\swxcacls.3XE
c:\iexplore.exe\system_ini.dat
c:\iexplore.exe\tail.3XE
c:\iexplore.exe\TemplatesFile.cfx
c:\iexplore.exe\TemplatesFolder.cfx
c:\iexplore.exe\toolbar.sed
c:\iexplore.exe\Update-CF.cmd
c:\iexplore.exe\VikPev00
c:\iexplore.exe\VInfo
c:\iexplore.exe\VInfo2
c:\iexplore.exe\VINFO3
c:\iexplore.exe\Vipev.dat
c:\iexplore.exe\vistaMcode.dat
c:\iexplore.exe\vistareg.dat
c:\iexplore.exe\vun.dat
c:\iexplore.exe\VwinTemp.dacl
c:\iexplore.exe\w_sock.dll
c:\iexplore.exe\w7Mcode.dat
c:\iexplore.exe\w7reg.dat
c:\iexplore.exe\WinNT00
c:\iexplore.exe\Wmi_rem.vbs
c:\iexplore.exe\XP.mac
c:\iexplore.exe\xpmcode.dat
c:\iexplore.exe\xpreg.dat
c:\iexplore.exe\XPSBoot.reg
c:\iexplore.exe\zDomain.dat
c:\iexplore.exe\zhsvc.dat
c:\iexplore.exe\zip.3XE
.
.
((((((((((((((((((((((((( Files Created from 2011-11-17 to 2011-12-17 )))))))))))))))))))))))))))))))
.
.
2011-12-17 17:28 . 2011-12-17 17:28 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{77FBD36C-C994-4B99-9755-B6548631A403}\MpKsl21463363.sys
2011-12-17 17:28 . 2011-12-17 17:28 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{77FBD36C-C994-4B99-9755-B6548631A403}\offreg.dll
2011-12-17 17:28 . 2011-11-21 07:47 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{77FBD36C-C994-4B99-9755-B6548631A403}\mpengine.dll
2011-12-17 17:27 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-12-17 17:25 . 2011-12-17 17:25 -------- d-----w- c:\windows\LastGood
2011-12-17 17:25 . 2011-12-17 17:25 -------- d-----w- c:\program files\Microsoft Security Client
2011-12-17 17:19 . 2011-12-17 17:19 -------- d-----w- c:\program files\AVG Secure Search
2011-12-16 02:44 . 2011-12-16 02:44 -------- d-----w- C:\$AVG
2011-12-15 06:08 . 2011-12-15 06:08 -------- d-----w- c:\documents and settings\Balas\Application Data\AVG2012
2011-12-15 06:06 . 2011-12-15 06:06 -------- d-----w- c:\documents and settings\Balas\Application Data\AVG Secure Search
2011-12-15 06:06 . 2011-12-15 06:06 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search
2011-12-15 06:06 . 2011-12-15 06:06 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2011-12-15 06:05 . 2011-12-17 13:05 -------- d-----w- c:\windows\system32\drivers\AVG
2011-12-15 06:05 . 2011-12-15 06:13 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012
2011-12-15 06:04 . 2011-12-15 06:04 -------- d-----w- c:\program files\AVG
2011-12-15 05:55 . 2011-12-15 06:04 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-12-15 05:55 . 2011-12-15 05:55 -------- d-----w- c:\program files\AVAST Software
2011-12-15 05:41 . 2011-12-15 05:41 -------- d-----w- c:\program files\Common Files\Java
2011-12-15 05:40 . 2011-12-15 05:40 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-15 01:52 . 2011-12-15 01:52 -------- d-----w- c:\documents and settings\Balas\Application Data\Qualys
2011-12-11 17:16 . 2011-12-11 17:16 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-11-24 19:02 . 2011-11-24 19:02 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2011-11-24 19:02 . 2011-11-24 19:02 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2011-11-24 19:02 . 2011-11-24 19:02 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2011-11-24 19:02 . 2011-11-24 19:02 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2011-11-24 19:02 . 2011-11-24 19:02 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2011-11-24 19:02 . 2011-11-24 19:02 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2011-11-24 19:02 . 2011-11-24 19:02 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2011-11-24 19:01 . 2011-11-24 19:02 -------- d-----w- c:\program files\QuickTime
2011-11-24 18:58 . 2011-11-24 18:58 -------- d-----w- c:\program files\iPod
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-15 05:40 . 2011-06-06 16:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-23 13:25 . 2004-08-04 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 02:20 . 2011-10-27 22:49 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-11-15 02:20 . 2011-10-27 22:49 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-11-15 01:56 . 2011-06-06 17:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-04 12:00 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-27 22:49 . 2011-10-27 22:49 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-10-25 13:37 . 2004-08-04 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-18 11:13 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-15 19:07 . 2011-10-15 19:07 388096 ----a-r- c:\documents and settings\Balas\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-10 14:22 . 2011-06-06 16:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-30 19:37 . 2011-10-15 18:59 17280 ----a-w- c:\windows\system32\roboot.exe
2011-09-30 17:36 . 2011-09-30 17:36 18944 ----a-r- c:\documents and settings\Balas\Application Data\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A16301.exe
2011-09-28 07:06 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 15:41 . 2008-07-29 23:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-04 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-04 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-11-12 23:52 . 2011-10-15 18:01 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 05:02 . 2009-07-12 05:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
- 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2011-12-17 17:22 . 2011-12-17 17:22 16384 c:\windows\Temp\Perflib_Perfdata_78.dat
+ 2011-06-06 16:22 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2011-06-06 16:22 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
- 2004-08-04 12:00 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 08:31 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 08:31 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
- 2011-06-06 11:51 . 2008-04-14 04:10 57600 c:\windows\system32\drivers\redbook.sys
+ 2011-06-06 11:51 . 2008-04-14 05:10 57600 c:\windows\system32\drivers\redbook.sys
+ 2011-07-11 06:14 . 2011-07-11 06:14 23120 c:\windows\system32\drivers\AVGIDSEH.sys
- 2011-06-06 17:09 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-06-06 17:09 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-06-06 11:51 . 2008-04-14 05:10 57600 c:\windows\system32\dllcache\redbook.sys
- 2009-03-08 08:31 . 2011-08-22 23:48 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 08:31 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2011-06-06 17:09 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2011-06-06 17:09 . 2011-08-22 23:48 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-03-08 08:34 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 08:34 . 2011-08-22 23:48 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-12-09 14:30 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2010-12-09 14:30 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-06-06 17:34 . 2011-12-15 05:41 87901 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2011-11-22 13:34 . 2011-11-22 13:34 86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
- 2011-08-16 10:27 . 2011-08-16 10:27 86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
- 2011-07-15 11:39 . 2011-07-15 11:39 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2011-11-22 13:19 . 2011-11-22 13:19 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
- 2011-07-15 11:39 . 2011-07-15 11:39 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
+ 2011-11-22 13:19 . 2011-11-22 13:19 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
- 2011-08-16 10:29 . 2011-08-16 10:29 12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-11-22 13:36 . 2011-11-22 13:36 12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-06-06 17:16 . 2011-12-15 05:40 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2011-06-06 17:16 . 2011-10-14 02:15 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-12 04:05 . 2009-07-12 04:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2005-09-23 03:48 . 2005-09-23 03:48 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2005-09-23 03:48 . 2005-09-23 03:48 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 03:48 . 2005-09-23 03:48 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 105984 c:\windows\system32\url.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 08:32 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
- 2009-03-08 08:32 . 2011-08-22 23:48 602112 c:\windows\system32\msfeeds.dll
- 2011-07-09 02:29 . 2011-05-04 08:52 157472 c:\windows\system32\javaws.exe
+ 2011-12-15 05:40 . 2011-12-15 05:40 157472 c:\windows\system32\javaws.exe
+ 2011-12-15 05:40 . 2011-12-15 05:40 149280 c:\windows\system32\javaw.exe
+ 2011-12-15 05:40 . 2011-12-15 05:40 149280 c:\windows\system32\java.exe
- 2004-08-04 12:00 . 2011-08-22 23:48 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
- 2004-08-04 12:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
- 2011-06-06 11:48 . 2011-10-14 09:09 125320 c:\windows\system32\FNTCACHE.DAT
+ 2011-06-06 11:48 . 2011-12-16 00:45 125320 c:\windows\system32\FNTCACHE.DAT
+ 2011-04-18 18:18 . 2011-04-18 18:18 165648 c:\windows\system32\drivers\MpFilter.sys
+ 2011-07-11 06:14 . 2011-07-11 06:14 295248 c:\windows\system32\drivers\avgtdix.sys
+ 2004-08-04 12:00 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 105984 c:\windows\system32\dllcache\url.dll
- 2009-03-08 08:34 . 2011-08-22 23:48 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 08:34 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 08:32 . 2011-08-22 23:48 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 08:32 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
+ 2011-06-06 17:09 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2011-06-06 17:09 . 2011-08-22 23:48 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2011-06-06 17:09 . 2011-08-22 23:48 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2011-06-06 17:09 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-03-08 08:31 . 2011-08-22 23:48 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 08:31 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
- 2011-06-06 17:09 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2011-06-06 17:09 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2009-03-08 18:09 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 18:09 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 08:32 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-03-08 08:32 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2011-02-09 13:53 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
+ 2011-11-22 13:19 . 2011-11-22 13:19 279992 c:\windows\system32\Adobe\Shockwave 11\SymCCIS.dll
- 2011-07-15 11:39 . 2011-07-15 11:39 279992 c:\windows\system32\Adobe\Shockwave 11\SymCCIS.dll
- 2011-08-16 10:27 . 2011-08-16 10:27 114176 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2011-11-22 13:34 . 2011-11-22 13:34 114176 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
- 2011-08-16 10:29 . 2011-08-16 10:29 434176 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2011-11-22 13:36 . 2011-11-22 13:36 434176 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2011-11-22 13:35 . 2011-11-22 13:35 365056 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
- 2011-08-16 10:27 . 2011-08-16 10:27 365056 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
- 2011-08-16 10:16 . 2011-08-16 10:16 990208 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2011-11-22 13:23 . 2011-11-22 13:23 990208 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2011-11-22 13:19 . 2011-11-22 13:19 929792 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2011-11-22 13:34 . 2011-11-22 13:34 542720 c:\windows\system32\Adobe\Shockwave 11\Control.dll
- 2011-08-16 10:27 . 2011-08-16 10:27 542720 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2011-11-22 13:42 . 2011-11-22 13:42 113080 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2011-11-22 13:42 . 2011-11-22 13:42 279480 c:\windows\system32\Adobe\Director\SwDir.dll
- 2011-08-16 10:34 . 2011-08-16 10:34 279480 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2011-11-22 13:36 . 2011-11-22 13:36 145920 c:\windows\system32\Adobe\Director\np32dsw.dll
- 2011-08-16 10:28 . 2011-08-16 10:28 145920 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2011-12-17 17:25 . 2011-12-17 17:25 785920 c:\windows\Installer\305ee.msi
+ 2011-12-17 17:25 . 2011-12-17 17:25 483840 c:\windows\Installer\305e8.msi
+ 2011-12-17 17:25 . 2011-12-17 17:25 301056 c:\windows\Installer\305e3.msi
+ 2011-12-15 05:41 . 2011-12-15 05:41 203776 c:\windows\Installer\19c976.msi
+ 2011-12-15 05:40 . 2011-12-15 05:40 902656 c:\windows\Installer\19c95e.msi
+ 2011-12-15 06:14 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-15 06:14 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-15 06:14 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-15 06:14 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-15 06:14 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2009-07-12 05:02 . 2009-07-12 05:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-12 04:02 . 2009-07-12 04:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2011-11-04 19:20 5978112 c:\windows\system32\mshtml.dll
- 2009-03-08 08:32 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2009-03-08 08:32 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll
+ 2011-03-03 13:21 . 2011-11-23 13:25 1859584 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2004-08-04 12:00 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 12:00 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
+ 2011-06-06 16:31 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
- 2011-06-06 16:31 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2011-06-06 16:31 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2011-06-06 16:31 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-02-07 23:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-07 23:02 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2004-08-04 12:00 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-04 12:00 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-03-08 08:41 . 2011-11-04 19:20 5978112 c:\windows\system32\dllcache\mshtml.dll
- 2011-06-06 17:09 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-06-06 17:09 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-11-22 13:42 . 2011-11-22 13:42 1040824 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1163633.exe
- 2011-07-29 09:40 . 2011-07-29 09:40 2376368 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2011-11-22 13:19 . 2011-11-22 13:19 2376368 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2011-11-22 13:24 . 2011-11-22 13:24 1742336 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2011-12-15 06:07 . 2011-12-15 06:07 4683264 c:\windows\Installer\289357.msi
+ 2011-12-15 06:05 . 2011-12-15 06:05 2186240 c:\windows\Installer\289353.msi
+ 2011-12-15 06:14 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-15 06:14 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-15 06:14 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
- 2011-06-06 16:31 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2011-06-06 16:31 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2011-06-06 16:31 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2011-06-06 16:31 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-07 23:02 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-02-07 23:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2011-06-06 16:31 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2011-06-06 16:31 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-06-06 17:06 . 2011-12-15 06:12 52988224 c:\windows\system32\MRT.exe
- 2009-03-08 08:39 . 2011-08-23 21:48 11081728 c:\windows\system32\ieframe.dll
+ 2009-03-08 08:39 . 2011-11-04 19:20 11081728 c:\windows\system32\ieframe.dll
+ 2011-06-06 17:09 . 2011-11-04 19:20 11081728 c:\windows\system32\dllcache\ieframe.dll
- 2011-06-06 17:09 . 2011-08-23 21:48 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-12-15 05:40 . 2011-12-15 05:40 23622656 c:\windows\Installer\19c968.msp
+ 2011-12-15 06:14 . 2011-08-23 21:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-12-17 17:19 1574240 ----a-w- c:\program files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-08-19 16:45 790304 ----a-w- c:\program files\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll" [2011-12-17 1574240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-05 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-12-16 4616064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-12 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-12 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-12 141336]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-08-28 33673216]
"AceGain LiveUpdate"="c:\program files\AceGain\LiveUpdate\LiveUpdate.exe" [2004-01-01 417792]
"ATT-SST_McciTrayApp"="c:\program files\ATT-SST\McciTrayApp.exe" [2010-07-27 1573888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-12-17 892768]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start [Link visible only to logged-in users] [?]
.
c:\documents and settings\Balas\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-6-10 113664]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield Vietnam\\bfvietnam.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Motive\\McciServiceHost.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 1:14 AM 23120]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 1:14 AM 295248]
R1 MpKsl21463363;MpKsl21463363;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{77FBD36C-C994-4B99-9755-B6548631A403}\MpKsl21463363.sys [12/17/2011 12:28 PM 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 6:09 AM 192776]
R2 McciServiceHost;McciServiceHost;c:\program files\Common Files\Motive\McciServiceHost.exe [7/3/2011 9:28 AM 315392]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [12/15/2011 1:06 AM 869216]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [6/6/2011 11:13 AM 1390976]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/5/2011 4:25 PM 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/5/2011 4:25 PM 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 7:49 AM 227232]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/4/2004 7:00 AM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPFILTER
*NewlyCreated* - MPKSL21463363
*NewlyCreated* - MSMPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2011-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-05 21:25]
.
2011-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-05 21:25]
.
2011-12-17 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
2011-12-17 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
.
------- Supplementary Scan -------
.
uStart Page =
uInternet Settings,ProxyOverride = *.local
Trusted Zone: $talisma_url$
TCP: DhcpNameServer = 192.168.7.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Balas\Application Data\Mozilla\Firefox\Profiles\2hqklzjs.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
FF - prefs.js: keyword.URL - [Link visible only to logged-in users]
FF - prefs.js: network.proxy.type - 0
FF - user.js: extentions.y2layers.installId - 83a1ff2d-1b1a-4075-a9df-3fb6ef81566e
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,DropDownDeals,
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2011-12-17 13:26
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(652)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2011-12-17 13:28:23
ComboFix-quarantined-files.txt 2011-12-17 18:28
ComboFix2.txt 2011-12-15 05:15
ComboFix3.txt 2011-12-13 23:14
ComboFix4.txt 2011-12-12 22:54
ComboFix5.txt 2011-12-17 18:19
.
Pre-Run: 127,652,147,200 bytes free
Post-Run: 127,656,681,472 bytes free
.
- - End Of File - - F594D5B409D801DEFACA995D6E64E7CF

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Did you uninstall AVG through Start -> Control Panel -> Add/Remove Programs? If its entry is still listed there, uninstall it from there. Then download AVG Remover, run it and follow the on-screen instructions.

Open Notepad and copy in the following text:

DeQuarantine::
C:\Qoobox\Quarantine\C\Windows\iun6002.exe.vir
C:\Qoobox\Quarantine\C\documents and settings\All Users\Application Data\Tarma Installer
Quit::


Save the Notepad file to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next post, post the log that is created at the end of the cleaning/scan.

offline
  • MyCity Military Forum Chaplain~Religious Service of the MyCity forum
  • Joined: 12 Jan 2006
  • Posts: 513
  • Location: Where I live...

[Link visible only to logged-in users]

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The logs no longer show any traces of an active infection.

ComboFix needs to be uninstalled:
click Start, then Run.

On Vista and 7, use the Start Search field if Run is not available.

In the text input line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.



- I recommend using MCShield to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices.

Download it, install it, plug in the USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log showing information about the malware that was found and deleted.

MCShield home page: [Link visible only to logged-in users]

You can find out more about MCShield in this topic: [Link visible only to logged-in users]

Be sure to visit the topic "Test whether your browser is vulnerable", read it and follow the link in it.

offline
  • MyCity Military Forum Chaplain~Religious Service of the MyCity forum
  • Joined: 12 Jan 2006
  • Posts: 513
  • Location: Where I live...

Thank you very much for your help!
