- SAnja
- Google master
- Joined: 01 Oct 2003
- Posts: 2383
- Location: Beograd
ComboFix 09-04-04.01 - Sandra 2009-04-07 12:45:01.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2815.2226 [GMT 2:00]
Running from: c:\documents and settings\Sandra\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\temp\28.exe
.
((((((((((((((((((((((((( Files Created from 2009-03-07 to 2009-04-07 )))))))))))))))))))))))))))))))
.
2009-04-05 22:14 . 2009-04-05 22:14 1,213,320 --a------ c:\windows\system32\trjscan.trb
2009-04-05 22:14 . 2009-04-05 22:14 905,608 --a------ c:\windows\system32\trupd.trb
2009-04-05 22:14 . 2009-04-05 22:14 35,440 --a------ c:\windows\system32\sschk.trb
2009-04-05 22:13 . 2009-03-30 16:53 2,929,528 --a------ c:\windows\system32\rmt.trb
2009-04-05 22:13 . 2009-03-23 18:00 1,295,224 --a------ c:\windows\system32\rmvtrjan.trb
2009-04-05 22:10 . 2009-04-05 22:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\TEMP
2009-04-05 22:09 . 2009-04-05 22:16 <DIR> d-------- c:\program files\Trojan Remover
2009-04-05 22:09 . 2009-04-05 22:09 <DIR> d-------- c:\documents and settings\Sandra\Application Data\Simply Super Software
2009-04-05 22:09 . 2003-02-02 19:06 153,088 --a------ c:\windows\system32\UNRAR3.dll
2009-04-05 09:55 . 2009-04-05 09:55 102,475 --a------ c:\windows\system32\msvcrt2.dll
2009-03-21 15:58 . 2009-03-21 15:58 14 --a------ c:\windows\popcinfo.dat
2009-03-20 01:02 . 2009-03-20 01:02 <DIR> d-------- c:\program files\Bonjour
2009-03-19 08:33 . 2009-03-09 02:53 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-19 08:32 . 2009-04-01 09:01 <DIR> d-------- c:\program files\Java
2009-03-19 00:51 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-19 00:51 . 2008-10-16 15:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-19 00:51 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-18 16:00 . 2006-09-06 18:43 22,752 --a------ c:\windows\system32\spupdsvc.exe
2009-03-18 15:59 . 2009-03-19 01:03 <DIR> d--h----- c:\windows\$hf_mig$
2009-03-18 15:55 . 2008-12-21 01:15 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-18 15:55 . 2007-04-17 11:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-18 15:55 . 2007-03-08 07:10 991,232 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-18 15:55 . 2008-12-21 01:15 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-18 15:55 . 2008-12-21 01:15 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-18 15:55 . 2008-12-21 01:15 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-18 15:55 . 2008-12-21 01:15 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-18 15:55 . 2008-12-21 01:15 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-18 15:55 . 2008-12-19 11:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-17 22:17 . 2009-03-17 22:17 <DIR> d-------- c:\windows\Internet Logs
2009-03-17 19:24 . 2009-03-17 19:24 8 --a------ c:\windows\system32\success
2009-03-17 19:22 . 2009-03-17 19:22 <DIR> d-------- c:\program files\Common Files\Deterministic Networks
2009-03-17 19:22 . 2009-03-17 19:22 <DIR> d-------- c:\program files\Cisco Systems
2009-03-17 19:22 . 2004-01-26 16:01 268,872 --a------ c:\windows\system32\drivers\CVPNDRVA.sys
2009-03-17 19:22 . 2003-07-24 20:55 139,604 --a------ c:\windows\system32\drivers\dne2000.sys
2009-03-17 19:22 . 2004-01-26 16:01 139,280 --a------ c:\windows\system32\CSGina.dll
2009-03-17 19:22 . 2003-07-24 20:55 114,000 --a------ c:\windows\system32\dneinobj.dll
2009-03-17 19:22 . 2003-05-01 14:26 5,220 --a------ c:\windows\system32\drivers\CVirtA.sys
2009-03-17 19:05 . 2009-03-17 19:05 <DIR> dr------- c:\program files\Skype
2009-03-17 19:05 . 2009-04-07 12:45 <DIR> d-------- c:\documents and settings\Sandra\Application Data\Skype
2009-03-17 19:05 . 2009-03-17 19:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2009-03-16 18:25 . 2009-03-16 18:25 <DIR> d-------- c:\program files\Interwoven
2009-03-16 18:25 . 2009-03-16 18:25 <DIR> d-------- c:\program files\Common Files\Interwoven
2009-03-16 17:57 . 2009-03-17 14:08 <DIR> d-------- C:\IWTemp
2009-03-15 17:58 . 2009-03-15 18:10 <DIR> d-------- c:\documents and settings\Sandra\DoctorWeb
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 10:49 26,940,960 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-07 10:49 1,511,968 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-04-07 07:01 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-04-06 21:20 360,068 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-06 21:20 144,452 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-03-28 16:41 --------- d-----w c:\documents and settings\Sandra\Application Data\POP Peeper
2009-03-21 13:20 --------- d-----w c:\documents and settings\All Users\Application Data\Phenomedia
2009-03-19 23:02 --------- d-----w c:\program files\Common Files\Adobe
2009-03-18 05:26 --------- d-----w c:\program files\POP Peeper
2009-03-17 17:22 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-15 16:01 --------- d-----w c:\program files\WordWeb
2009-03-09 03:19 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-14 22:57 1,851,544 ----a-w c:\program files\install_flash_player.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-03-15_11.43.09.65 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-02 17:07:40 1,914,440 ----a-w c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
- 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2008-04-14 12:00:00 61,440 -c--a-w c:\windows\ie7\admparse.dll
+ 2008-04-14 12:00:00 99,840 -c--a-w c:\windows\ie7\advpack.dll
+ 2008-04-14 12:00:00 33,792 -c--a-w c:\windows\ie7\custsat.dll
+ 2008-04-14 12:00:00 357,888 -c--a-w c:\windows\ie7\dxtmsft.dll
+ 2008-04-14 12:00:00 205,312 -c--a-w c:\windows\ie7\dxtrans.dll
+ 2008-04-14 12:00:00 55,808 -c--a-w c:\windows\ie7\extmgr.dll
+ 2008-04-14 12:00:00 38,912 -c--a-w c:\windows\ie7\hmmapi.dll
+ 2008-04-14 12:00:00 34,304 -c--a-w c:\windows\ie7\ie4uinit.exe
+ 2008-04-14 12:00:00 143,360 -c--a-w c:\windows\ie7\ieakeng.dll
+ 2008-04-14 12:00:00 216,576 -c--a-w c:\windows\ie7\ieaksie.dll
+ 2008-04-14 12:00:00 221,184 -c--a-w c:\windows\ie7\ieakui.dll
+ 2008-04-14 12:00:00 323,584 -c--a-w c:\windows\ie7\iedkcs32.dll
+ 2008-04-14 12:00:00 18,432 -c--a-w c:\windows\ie7\iedw.exe
+ 2008-04-14 12:00:00 251,904 -c--a-w c:\windows\ie7\iepeers.dll
+ 2008-04-14 12:00:00 48,640 -c--a-w c:\windows\ie7\iernonce.dll
+ 2008-04-14 12:00:00 62,976 -c--a-w c:\windows\ie7\iesetup.dll
+ 2008-04-14 12:00:00 93,184 -c--a-w c:\windows\ie7\iexplore.exe
+ 2008-04-14 12:00:00 35,840 -c--a-w c:\windows\ie7\imgutil.dll
+ 2008-04-14 12:00:00 96,256 -c--a-w c:\windows\ie7\inseng.dll
+ 2008-04-14 12:00:00 15,872 -c--a-w c:\windows\ie7\jsproxy.dll
+ 2008-04-14 12:00:00 22,016 -c--a-w c:\windows\ie7\licmgr10.dll
+ 2008-04-14 12:00:00 29,184 -c--a-w c:\windows\ie7\mshta.exe
+ 2008-04-14 12:00:00 3,066,880 -c--a-w c:\windows\ie7\mshtml.dll
+ 2008-04-14 12:00:00 449,024 -c--a-w c:\windows\ie7\mshtmled.dll
+ 2008-04-14 12:00:00 56,832 -c--a-w c:\windows\ie7\mshtmler.dll
+ 2008-04-14 12:00:00 146,432 -c--a-w c:\windows\ie7\msls31.dll
+ 2008-04-14 12:00:00 146,432 -c--a-w c:\windows\ie7\msrating.dll
+ 2008-04-14 12:00:00 532,480 -c--a-w c:\windows\ie7\mstime.dll
+ 2008-04-14 12:00:00 96,256 -c--a-w c:\windows\ie7\occache.dll
+ 2008-04-14 12:00:00 39,424 -c--a-w c:\windows\ie7\pngfilt.dll
+ 2007-08-13 17:54:42 32,960 -c--a-w c:\windows\ie7\spuninst\iecustom.dll
+ 2007-08-13 17:52:06 66,048 -c--a-w c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:16 213,216 -c--a-w c:\windows\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:18 371,424 -c--a-w c:\windows\ie7\spuninst\updspapi.dll
+ 2008-04-14 12:00:00 37,888 -c--a-w c:\windows\ie7\url.dll
+ 2008-04-14 12:00:00 619,520 -c--a-w c:\windows\ie7\urlmon.dll
+ 2008-04-14 12:00:00 851,968 -c--a-w c:\windows\ie7\vgx.dll
+ 2008-04-14 12:00:00 276,480 -c--a-w c:\windows\ie7\webcheck.dll
+ 2008-04-14 12:00:00 666,112 -c--a-w c:\windows\ie7\wininet.dll
+ 2007-08-13 17:39:00 123,904 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2007-08-13 17:35:46 346,624 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2007-08-13 17:35:38 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2007-08-13 17:54:10 131,584 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2007-08-13 17:39:26 152,064 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2007-08-13 17:39:54 229,376 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2007-08-13 16:56:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2007-02-12 15:10:12 2,451,312 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2007-08-13 17:54:10 6,049,280 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2007-08-13 17:34:04 266,752 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2007-08-13 17:54:10 27,136 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2007-08-13 17:54:10 475,648 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2007-08-13 17:44:26 192,000 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2007-08-13 17:36:12 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2007-08-13 17:54:10 231,424 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2007-08-13 17:54:10 818,688 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll.000
+ 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll.000
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dat
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll.000
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll.000
+ 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll.000
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll.000
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll.000
+ 2008-08-27 12:54:32 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-08-27 12:54:32 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll.000
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll.000
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll.000
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll.000
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll.000
+ 2008-10-14 23:42:46 13,219,184 ----a-r c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A3100000030\8.1.3\AcroRd32.dll
+ 2009-03-17 17:05:44 364,726 ----a-r c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe
+ 2009-03-18 14:28:59 10,134 ----a-r c:\windows\Installer\{A5D9626C-3459-45C6-9095-24BEC8A0DA76}\ARPPRODUCTICON.exe
- 2009-01-12 20:27:29 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe
+ 2009-03-27 12:36:50 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe
- 2009-01-12 20:27:31 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat_3D.exe
+ 2009-03-27 12:36:51 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat_3D.exe
- 2009-01-12 20:27:31 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat_Standard.exe
+ 2009-03-27 12:36:51 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat_Standard.exe
- 2009-01-12 20:27:31 25,214 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Distiller.exe
+ 2009-03-27 12:36:51 25,214 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Distiller.exe
- 2009-01-12 20:27:31 7,278 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_ELEMENTS_DT.exe
+ 2009-03-27 12:36:51 7,278 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_ELEMENTS_DT.exe
- 2009-01-12 20:27:29 23,558 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
+ 2009-03-27 12:36:50 23,558 ----a-r c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
- 2009-01-05 11:48:22 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
+ 2009-03-27 12:41:28 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
- 2000-08-31 07:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 06:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 06:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2008-04-14 12:00:00 61,440 ----a-w c:\windows\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
- 2008-04-14 12:00:00 99,840 ----a-w c:\windows\system32\advpack.dll
+ 2008-12-20 23:15:11 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-04-14 12:00:00 61,440 -c--a-w c:\windows\system32\dllcache\admparse.dll
+ 2007-08-13 17:39:20 71,680 -c--a-w c:\windows\system32\dllcache\admparse.dll
- 2008-04-14 12:00:00 99,840 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-12-20 23:15:11 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 12:00:00 33,792 -c--a-w c:\windows\system32\dllcache\custsat.dll
+ 2007-08-13 17:54:10 33,792 -c--a-w c:\windows\system32\dllcache\custsat.dll
- 2008-04-14 12:00:00 357,888 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-04-14 12:00:00 205,312 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2008-04-14 12:00:00 55,808 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 23:15:13 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
- 2008-04-14 12:00:00 38,912 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
+ 2007-08-13 17:18:02 60,416 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
- 2008-04-14 12:00:00 34,304 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 12:00:00 143,360 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-04-14 12:00:00 216,576 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-04-14 12:00:00 221,184 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-19 05:23:56 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2008-04-14 12:00:00 323,584 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-04-14 12:00:00 18,432 -c--a-w c:\windows\system32\dllcache\iedw.exe
+ 2007-08-13 17:44:02 69,120 -c--a-w c:\windows\system32\dllcache\iedw.exe
- 2008-04-14 12:00:00 251,904 -c--a-w c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll
- 2008-04-14 12:00:00 48,640 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-20 23:15:21 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-04-14 12:00:00 62,976 -c--a-w c:\windows\system32\dllcache\iesetup.dll
+ 2007-08-13 17:39:12 55,296 -c--a-w c:\windows\system32\dllcache\iesetup.dll
- 2008-04-14 12:00:00 93,184 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-19 05:25:25 634,024 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2008-04-14 12:00:00 35,840 -c--a-w c:\windows\system32\dllcache\imgutil.dll
+ 2007-08-13 17:36:06 36,352 -c--a-w c:\windows\system32\dllcache\imgutil.dll
- 2008-04-14 12:00:00 96,256 -c--a-w c:\windows\system32\dllcache\inseng.dll
+ 2007-08-13 17:39:02 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll
- 2008-04-14 12:00:00 15,872 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 12:00:00 22,016 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00:00 29,184 -c--a-w c:\windows\system32\dllcache\mshta.exe
+ 2007-08-13 17:32:30 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe
- 2008-04-14 12:00:00 3,066,880 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-16 20:35:14 3,594,752 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-04-14 12:00:00 449,024 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2008-04-14 12:00:00 56,832 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
- 2008-04-14 12:00:00 146,432 -c--a-w c:\windows\system32\dllcache\msls31.dll
+ 2007-08-13 17:54:10 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll
- 2008-04-14 12:00:00 146,432 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 23:15:31 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2008-04-14 12:00:00 532,480 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 23:15:32 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 12:00:00 96,256 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-12-20 23:15:38 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-04-14 12:00:00 39,424 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 12:00:00 37,888 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-12-20 23:15:39 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-04-14 12:00:00 619,520 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2008-04-14 12:00:00 851,968 -c--a-w c:\windows\system32\dllcache\vgx.dll
+ 2007-08-13 17:54:10 765,952 -c--a-w c:\windows\system32\dllcache\VGX.dll
- 2008-04-14 12:00:00 276,480 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-20 23:15:40 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-04-14 12:00:00 666,112 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 23:15:41 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2006-02-28 11:41:34 61,440 ----a-w c:\windows\system32\dns-sd.exe
+ 2006-02-28 11:41:22 53,248 ----a-w c:\windows\system32\dnssd.dll
- 2008-04-14 12:00:00 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ------w c:\windows\system32\dxtmsft.dll
- 2008-04-14 12:00:00 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ------w c:\windows\system32\dxtrans.dll
- 2008-04-14 12:00:00 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-12-20 23:15:13 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w c:\windows\system32\idndl.dll
- 2008-04-14 12:00:00 34,304 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-04-14 12:00:00 143,360 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-04-14 12:00:00 216,576 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-04-14 12:00:00 221,184 ----a-w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
+ 2008-12-20 23:15:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-04-14 12:00:00 323,584 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 23:15:21 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-04-14 12:00:00 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll
- 2008-04-14 12:00:00 48,640 ----a-w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:22 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-04-14 12:00:00 62,976 ----a-w c:\windows\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w c:\windows\system32\iesetup.dll
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w c:\windows\system32\ieui.dll
- 2008-04-14 12:00:00 35,840 ----a-w c:\windows\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w c:\windows\system32\imgutil.dll
- 2008-04-14 12:00:00 96,256 ----a-w c:\windows\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w c:\windows\system32\inseng.dll
- 2008-12-15 00:45:11 144,792 ----a-w c:\windows\system32\java.exe
+ 2009-03-09 03:19:11 144,792 ----a-w c:\windows\system32\java.exe
- 2008-12-15 00:45:11 144,792 ----a-w c:\windows\system32\javaw.exe
+ 2009-03-09 03:19:13 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-12-15 00:45:11 148,888 ----a-w c:\windows\system32\javaws.exe
+ 2009-03-09 03:19:13 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-04-14 12:00:00 15,872 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ------w c:\windows\system32\jsproxy.dll
- 2008-04-14 12:00:00 22,016 ----a-w c:\windows\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w c:\windows\system32\licmgr10.dll
+ 2009-02-03 02:07:18 240,544 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
+ 2009-03-24 13:15:33 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-02-25 11:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe
+ 2008-12-20 23:15:23 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 23:15:24 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
- 2008-04-14 12:00:00 29,184 ----a-w c:\windows\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w c:\windows\system32\mshta.exe
- 2008-04-14 12:00:00 3,066,880 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-16 20:35:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-04-14 12:00:00 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ------w c:\windows\system32\mshtmled.dll
- 2008-04-14 12:00:00 56,832 ----a-w c:\windows\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w c:\windows\system32\mshtmler.dll
+ 2007-02-13 15:22:54 947,472 ----a-w c:\windows\system32\msjava.dll
- 2008-04-14 12:00:00 146,432 ----a-w c:\windows\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w c:\windows\system32\msls31.dll
- 2008-04-14 12:00:00 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-12-20 23:15:31 193,024 ------w c:\windows\system32\msrating.dll
- 2008-04-14 12:00:00 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-12-20 23:15:32 671,232 ------w c:\windows\system32\mstime.dll
+ 2006-06-28 16:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w c:\windows\system32\normaliz.dll
- 2008-04-14 12:00:00 96,256 ----a-w c:\windows\system32\occache.dll
+ 2008-12-20 23:15:38 102,912 ------w c:\windows\system32\occache.dll
- 2009-03-15 10:09:16 58,998 ----a-w c:\windows\system32\perfc009.dat
+ 2009-04-07 07:05:10 58,998 ----a-w c:\windows\system32\perfc009.dat
- 2009-03-15 10:09:16 392,864 ----a-w c:\windows\system32\perfh009.dat
+ 2009-04-07 07:05:10 392,864 ----a-w c:\windows\system32\perfh009.dat
- 2008-04-14 12:00:00 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ------w c:\windows\system32\pngfilt.dll
+ 2007-03-06 01:22:36 14,048 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 12:00:00 37,888 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 23:15:39 105,984 ----a-w c:\windows\system32\url.dll
- 2008-04-14 12:00:00 619,520 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\system32\urlmon.dll
+ 2003-08-28 20:40:22 62,560 ----a-w c:\windows\system32\vsdata.dll
+ 2003-08-28 20:40:26 189,792 ----a-w c:\windows\system32\vsdatant.sys
+ 2003-08-28 20:40:38 74,848 ----a-w c:\windows\system32\vsinit.dll
- 2008-04-14 12:00:00 276,480 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
- 2008-04-14 12:00:00 666,112 ----a-w c:\windows\system32\wininet.dll
+ 2008-12-20 23:15:41 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2007-07-11 16:32:22 338,888 ----a-w c:\windows\system32\xmlredist.exe
+ 2009-04-07 07:01:13 16,384 ----atw c:\windows\temp\Perflib_Perfdata_5fc.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"POP Peeper"="c:\program files\POP Peeper\POPPeeper.exe" [2008-03-12 1429504]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-06 24095528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsgTranAgt"="c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe" [2008-08-18 117304]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKHOTKEY"="c:\program files\ASUS\ATK Hotkey\HControl.exe" [2008-10-20 166456]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-19 13545472]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-19 86016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-12 815104]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2008-07-21 450649]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-04-05 1213320]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-18 c:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2008-09-19 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [4/14/2008 3:03:54 PM 596584]
Cisco Systems VPN Client.lnk - c:\program files\Cisco Systems\VPN Client\vpngui.exe [3/17/2009 7:22:04 PM 1466384]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.321\\English\\setup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R3 ASNDIS5;ASNDIS5 Protocol Driver;c:\progra~1\ASUS\ATKHOT~1\ASNDIS5.SYS [5/27/2004 7:13:04 PM 16269]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [12/13/2007 2:28:40 PM 24592]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [12/14/2008 1:18:09 AM 41376]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [10/18/2007 12:31:54 PM 98328]
R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [12/14/2008 1:34:03 AM 57408]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-msile
.
------- Supplementary Scan -------
.
uStart Page = https://webmail.eu.avon.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {A76910A9-1170-4DE7-BD74-B31628C07E20} = 134.65.181.11,134.65.181.109
FF - ProfilePath - c:\documents and settings\Sandra\Application Data\Mozilla\Firefox\Profiles\9bo71q6s.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=home
FF - plugin: c:\program files\Mozilla Firefox\plugins\np72esk32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPeWebEditPro.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-07 12:49:39
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(680)
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
c:\windows\system32\klogon.dll
- - - - - - - > 'lsass.exe'(828-)
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll
.
Completion time: 2009-04-07 12:50:58
ComboFix-quarantined-files.txt 2009-04-07 10:50:56
ComboFix2.txt 2009-03-15 12:53:09
ComboFix3.txt 2009-03-15 12:19:25
ComboFix4.txt 2009-03-15 11:46:43
ComboFix5.txt 2009-03-15 13:15:21
Pre-Run: 9.628.131.328 bytes free
Post-Run: 10,006,958,080 bytes free
496 --- E O F --- 2009-03-18 23:03:27