I know that is the quickest and easiest solution to the problem, but in this case it has to be the last resort. In the Recovery Console I ran fixmbr and installed XP over the existing installation; by the way, this is a legal copy of Windows.
What I achieved with this is that I can now start Windows in Safe Mode, and I managed to run ComboFix; in the meantime I also ran CureIt, which found Beagle and removed it. Log file from ComboFix:
Code:
ComboFix 08-02-11.2 - Administrator 2008-02-11 14:21:37.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.776 [GMT 1:00]
Running from: H:\ComboFix.exe
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Helper
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]0019015.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]0197B50.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]01982C3.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]655F1A6
C:\Program Files\myglobalsearch\bar\Cache\2DA5B4E4
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
C:\WINDOWS\system32\dbd0_d.dll
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\100062.exe
C:\WINDOWS\system32\drivers\down\100093.exe
C:\WINDOWS\system32\drivers\down\100968.exe
C:\WINDOWS\system32\drivers\down\101031.exe
C:\WINDOWS\system32\drivers\down\101046.exe
C:\WINDOWS\system32\drivers\down\101109.exe
C:\WINDOWS\system32\drivers\down\101281.exe
C:\WINDOWS\system32\drivers\down\102328.exe
C:\WINDOWS\system32\drivers\down\102375.exe
C:\WINDOWS\system32\drivers\down\102656.exe
C:\WINDOWS\system32\drivers\down\103406.exe
C:\WINDOWS\system32\drivers\down\103437.exe
C:\WINDOWS\system32\drivers\down\103968.exe
C:\WINDOWS\system32\drivers\down\104187.exe
C:\WINDOWS\system32\drivers\down\104828.exe
C:\WINDOWS\system32\drivers\down\105203.exe
C:\WINDOWS\system32\drivers\down\105265.exe
C:\WINDOWS\system32\drivers\down\105593.exe
C:\WINDOWS\system32\drivers\down\105921.exe
C:\WINDOWS\system32\drivers\down\106078.exe
C:\WINDOWS\system32\drivers\down\106156.exe
C:\WINDOWS\system32\drivers\down\106171.exe
C:\WINDOWS\system32\drivers\down\106468.exe
C:\WINDOWS\system32\drivers\down\106703.exe
C:\WINDOWS\system32\drivers\down\107062.exe
C:\WINDOWS\system32\drivers\down\108421.exe
C:\WINDOWS\system32\drivers\down\108484.exe
C:\WINDOWS\system32\drivers\down\109453.exe
C:\WINDOWS\system32\drivers\down\110093.exe
C:\WINDOWS\system32\drivers\down\110328.exe
C:\WINDOWS\system32\drivers\down\110718.exe
C:\WINDOWS\system32\drivers\down\110812.exe
C:\WINDOWS\system32\drivers\down\110937.exe
C:\WINDOWS\system32\drivers\down\111062.exe
C:\WINDOWS\system32\drivers\down\111171.exe
C:\WINDOWS\system32\drivers\down\111687.exe
C:\WINDOWS\system32\drivers\down\111890.exe
C:\WINDOWS\system32\drivers\down\112468.exe
C:\WINDOWS\system32\drivers\down\112593.exe
C:\WINDOWS\system32\drivers\down\113203.exe
C:\WINDOWS\system32\drivers\down\113250.exe
C:\WINDOWS\system32\drivers\down\114140.exe
C:\WINDOWS\system32\drivers\down\115203.exe
C:\WINDOWS\system32\drivers\down\116125.exe
C:\WINDOWS\system32\drivers\down\116984.exe
C:\WINDOWS\system32\drivers\down\117390.exe
C:\WINDOWS\system32\drivers\down\117406.exe
C:\WINDOWS\system32\drivers\down\118093.exe
C:\WINDOWS\system32\drivers\down\118265.exe
C:\WINDOWS\system32\drivers\down\118828.exe
C:\WINDOWS\system32\drivers\down\119296.exe
C:\WINDOWS\system32\drivers\down\119359.exe
C:\WINDOWS\system32\drivers\down\119578.exe
C:\WINDOWS\system32\drivers\down\119671.exe
C:\WINDOWS\system32\drivers\down\119734.exe
C:\WINDOWS\system32\drivers\down\119781.exe
C:\WINDOWS\system32\drivers\down\119875.exe
C:\WINDOWS\system32\drivers\down\119906.exe
C:\WINDOWS\system32\drivers\down\120000.exe
C:\WINDOWS\system32\drivers\down\120406.exe
C:\WINDOWS\system32\drivers\down\120765.exe
C:\WINDOWS\system32\drivers\down\121031.exe
C:\WINDOWS\system32\drivers\down\121437.exe
C:\WINDOWS\system32\drivers\down\121484.exe
C:\WINDOWS\system32\drivers\down\121640.exe
C:\WINDOWS\system32\drivers\down\121765.exe
C:\WINDOWS\system32\drivers\down\121890.exe
C:\WINDOWS\system32\drivers\down\122125.exe
C:\WINDOWS\system32\drivers\down\122406.exe
C:\WINDOWS\system32\drivers\down\123406.exe
C:\WINDOWS\system32\drivers\down\124296.exe
C:\WINDOWS\system32\drivers\down\124687.exe
C:\WINDOWS\system32\drivers\down\124984.exe
C:\WINDOWS\system32\drivers\down\125562.exe
C:\WINDOWS\system32\drivers\down\126390.exe
C:\WINDOWS\system32\drivers\down\126453.exe
C:\WINDOWS\system32\drivers\down\126484.exe
C:\WINDOWS\system32\drivers\down\126515.exe
C:\WINDOWS\system32\drivers\down\127000.exe
C:\WINDOWS\system32\drivers\down\127375.exe
C:\WINDOWS\system32\drivers\down\127796.exe
C:\WINDOWS\system32\drivers\down\128078.exe
C:\WINDOWS\system32\drivers\down\128578.exe
C:\WINDOWS\system32\drivers\down\129031.exe
C:\WINDOWS\system32\drivers\down\131093.exe
C:\WINDOWS\system32\drivers\down\132203.exe
C:\WINDOWS\system32\drivers\down\133156.exe
C:\WINDOWS\system32\drivers\down\134578.exe
C:\WINDOWS\system32\drivers\down\135218.exe
C:\WINDOWS\system32\drivers\down\135453.exe
C:\WINDOWS\system32\drivers\down\136500.exe
C:\WINDOWS\system32\drivers\down\136562.exe
C:\WINDOWS\system32\drivers\down\139875.exe
C:\WINDOWS\system32\drivers\down\140031.exe
C:\WINDOWS\system32\drivers\down\140156.exe
C:\WINDOWS\system32\drivers\down\141015.exe
C:\WINDOWS\system32\drivers\down\141781.exe
C:\WINDOWS\system32\drivers\down\142890.exe
C:\WINDOWS\system32\drivers\down\142906.exe
C:\WINDOWS\system32\drivers\down\143031.exe
C:\WINDOWS\system32\drivers\down\143171.exe
C:\WINDOWS\system32\drivers\down\143359.exe
C:\WINDOWS\system32\drivers\down\143703.exe
C:\WINDOWS\system32\drivers\down\144187.exe
C:\WINDOWS\system32\drivers\down\144953.exe
C:\WINDOWS\system32\drivers\down\146343.exe
C:\WINDOWS\system32\drivers\down\146843.exe
C:\WINDOWS\system32\drivers\down\146953.exe
C:\WINDOWS\system32\drivers\down\148000.exe
C:\WINDOWS\system32\drivers\down\148156.exe
C:\WINDOWS\system32\drivers\down\149140.exe
C:\WINDOWS\system32\drivers\down\149359.exe
C:\WINDOWS\system32\drivers\down\149968.exe
C:\WINDOWS\system32\drivers\down\152484.exe
C:\WINDOWS\system32\drivers\down\153734.exe
C:\WINDOWS\system32\drivers\down\153765.exe
C:\WINDOWS\system32\drivers\down\154984.exe
C:\WINDOWS\system32\drivers\down\155015.exe
C:\WINDOWS\system32\drivers\down\155468.exe
C:\WINDOWS\system32\drivers\down\156500.exe
C:\WINDOWS\system32\drivers\down\156984.exe
C:\WINDOWS\system32\drivers\down\157250.exe
C:\WINDOWS\system32\drivers\down\157875.exe
C:\WINDOWS\system32\drivers\down\158531.exe
C:\WINDOWS\system32\drivers\down\161531.exe
C:\WINDOWS\system32\drivers\down\163015.exe
C:\WINDOWS\system32\drivers\down\164140.exe
C:\WINDOWS\system32\drivers\down\164328.exe
C:\WINDOWS\system32\drivers\down\168312.exe
C:\WINDOWS\system32\drivers\down\169234.exe
C:\WINDOWS\system32\drivers\down\171078.exe
C:\WINDOWS\system32\drivers\down\173281.exe
C:\WINDOWS\system32\drivers\down\173515.exe
C:\WINDOWS\system32\drivers\down\174109.exe
C:\WINDOWS\system32\drivers\down\175562.exe
C:\WINDOWS\system32\drivers\down\175687.exe
C:\WINDOWS\system32\drivers\down\176312.exe
C:\WINDOWS\system32\drivers\down\176484.exe
C:\WINDOWS\system32\drivers\down\179156.exe
C:\WINDOWS\system32\drivers\down\193156.exe
C:\WINDOWS\system32\drivers\down\194890.exe
C:\WINDOWS\system32\drivers\down\199765.exe
C:\WINDOWS\system32\drivers\down\200750.exe
C:\WINDOWS\system32\drivers\down\349054531.exe
C:\WINDOWS\system32\drivers\down\349066968.exe
C:\WINDOWS\system32\drivers\down\349073109.exe
C:\WINDOWS\system32\drivers\down\349094718.exe
C:\WINDOWS\system32\drivers\down\349095359.exe
C:\WINDOWS\system32\drivers\down\349108187.exe
C:\WINDOWS\system32\drivers\down\349110625.exe
C:\WINDOWS\system32\drivers\down\349117187.exe
C:\WINDOWS\system32\drivers\down\349118953.exe
C:\WINDOWS\system32\drivers\down\349128625.exe
C:\WINDOWS\system32\drivers\down\349145062.exe
C:\WINDOWS\system32\drivers\down\349148171.exe
C:\WINDOWS\system32\drivers\down\349149703.exe
C:\WINDOWS\system32\drivers\down\349151828.exe
C:\WINDOWS\system32\drivers\down\349155781.exe
C:\WINDOWS\system32\drivers\down\349158218.exe
C:\WINDOWS\system32\drivers\down\349160812.exe
C:\WINDOWS\system32\drivers\down\349188687.exe
C:\WINDOWS\system32\drivers\down\349191687.exe
C:\WINDOWS\system32\drivers\down\58828.exe
C:\WINDOWS\system32\drivers\down\60656.exe
C:\WINDOWS\system32\drivers\down\63000.exe
C:\WINDOWS\system32\drivers\down\66578.exe
C:\WINDOWS\system32\drivers\down\66859.exe
C:\WINDOWS\system32\drivers\down\68359.exe
C:\WINDOWS\system32\drivers\down\69375.exe
C:\WINDOWS\system32\drivers\down\71796.exe
C:\WINDOWS\system32\drivers\down\72578.exe
C:\WINDOWS\system32\drivers\down\74078.exe
C:\WINDOWS\system32\drivers\down\75937.exe
C:\WINDOWS\system32\drivers\down\77906.exe
C:\WINDOWS\system32\drivers\down\78437.exe
C:\WINDOWS\system32\drivers\down\79656.exe
C:\WINDOWS\system32\drivers\down\80000.exe
C:\WINDOWS\system32\drivers\down\80890.exe
C:\WINDOWS\system32\drivers\down\81343.exe
C:\WINDOWS\system32\drivers\down\81359.exe
C:\WINDOWS\system32\drivers\down\81640.exe
C:\WINDOWS\system32\drivers\down\83171.exe
C:\WINDOWS\system32\drivers\down\83593.exe
C:\WINDOWS\system32\drivers\down\85140.exe
C:\WINDOWS\system32\drivers\down\85828.exe
C:\WINDOWS\system32\drivers\down\86203.exe
C:\WINDOWS\system32\drivers\down\86828.exe
C:\WINDOWS\system32\drivers\down\87421.exe
C:\WINDOWS\system32\drivers\down\87640.exe
C:\WINDOWS\system32\drivers\down\87890.exe
C:\WINDOWS\system32\drivers\down\88703.exe
C:\WINDOWS\system32\drivers\down\89546.exe
C:\WINDOWS\system32\drivers\down\89750.exe
C:\WINDOWS\system32\drivers\down\89890.exe
C:\WINDOWS\system32\drivers\down\90359.exe
C:\WINDOWS\system32\drivers\down\90812.exe
C:\WINDOWS\system32\drivers\down\91328.exe
C:\WINDOWS\system32\drivers\down\92281.exe
C:\WINDOWS\system32\drivers\down\94484.exe
C:\WINDOWS\system32\drivers\down\94906.exe
C:\WINDOWS\system32\drivers\down\95250.exe
C:\WINDOWS\system32\drivers\down\95843.exe
C:\WINDOWS\system32\drivers\down\96156.exe
C:\WINDOWS\system32\drivers\down\96203.exe
C:\WINDOWS\system32\drivers\down\96234.exe
C:\WINDOWS\system32\drivers\down\96421.exe
C:\WINDOWS\system32\drivers\down\96437.exe
C:\WINDOWS\system32\drivers\down\97421.exe
C:\WINDOWS\system32\drivers\down\97437.exe
C:\WINDOWS\system32\drivers\down\97562.exe
C:\WINDOWS\system32\drivers\down\97734.exe
C:\WINDOWS\system32\drivers\down\98625.exe
C:\WINDOWS\system32\drivers\down\98921.exe
C:\WINDOWS\system32\drivers\symavc32.sys
C:\WINDOWS\system32\mdelk.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_SROSA
((((((((((((((((((((((((( Files Created from 2008-01-11 to 2008-02-11 )))))))))))))))))))))))))))))))
.
2008-02-11 14:02 . 2004-08-04 13:00 28,288 --a--c--- C:\WINDOWS\system32\dllcache\xjis.nls
2008-02-11 14:00 . 2004-08-04 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-02-11 13:59 . 2008-02-11 13:59 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2008-02-11 13:58 . 2004-08-04 13:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-02-11 13:58 . 2008-02-11 13:58 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-02-11 13:58 . 2008-02-11 13:58 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-02-11 13:58 . 2008-02-11 13:58 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-02-11 13:58 . 2008-02-11 13:58 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-02-11 13:58 . 2008-02-11 13:58 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-02-11 13:58 . 2008-02-11 13:58 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-02-11 13:57 . 2004-08-04 13:00 32,768 --a--c--- C:\WINDOWS\system32\dllcache\icwdl.dll
2008-02-11 13:57 . 2004-08-04 13:00 20,480 --a--c--- C:\WINDOWS\system32\dllcache\inetwiz.exe
2008-02-11 13:55 . 2004-08-04 00:56 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2008-02-11 13:55 . 2004-08-03 23:00 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2008-02-11 13:55 . 2004-08-04 00:56 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2008-02-11 13:55 . 2004-08-04 00:56 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-02-11 13:48 . 2001-08-17 13:51 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2008-02-11 12:56 . 2008-02-11 12:56 <DIR> d-------- C:\Documents and Settings\Administrator\DoctorWeb
2008-02-11 12:55 . 2008-02-11 12:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-11 12:55 . 2008-02-11 12:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-02-11 12:55 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-11 12:45 . 2008-02-11 12:45 <DIR> d-------- C:\Documents and Settings\Caffetin\DoctorWeb
2008-02-11 12:32 . 2008-02-11 12:32 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sony Ericsson
2008-02-11 12:32 . 2008-02-11 12:32 <DIR> d-------- C:\_backupD
2008-02-11 12:17 . 2004-08-04 13:00 214,528 --a--c--- C:\WINDOWS\system32\dllcache\icwconn1.exe
2008-02-11 12:17 . 2004-08-04 13:00 86,016 --a--c--- C:\WINDOWS\system32\dllcache\icwconn2.exe
2008-02-11 11:57 . 2004-08-04 13:00 1,086,058 -ra------ C:\WINDOWS\SETEE.tmp
2008-02-11 11:57 . 2004-08-04 13:00 1,042,903 -ra------ C:\WINDOWS\SETEB.tmp
2008-02-11 11:57 . 2004-08-04 13:00 13,753 -ra------ C:\WINDOWS\SETFA.tmp
2008-02-11 11:42 . 2008-02-11 11:42 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-02-11 08:46 . 2008-02-11 08:46 <DIR> d-------- C:\Documents and Settings\Caffetin\Application Data\Bitdefender
2008-02-09 12:43 . 2008-02-09 12:43 <DIR> d-------- C:\WINDOWS\system32\regdacl
2008-02-09 12:43 . 2008-02-09 12:40 280,286 --a------ C:\win32delfkil.exe
2008-02-09 12:43 . 2008-02-11 12:32 90,112 --a------ C:\WINDOWS\system32\regdacl.exe
2008-02-09 12:43 . 2008-02-11 12:32 53,248 --a------ C:\WINDOWS\system32\process.exe
2008-02-09 12:43 . 2008-02-11 12:32 16,384 --a------ C:\WINDOWS\system32\restart.exe
2008-02-09 12:43 . 2008-02-11 12:32 4,096 --a------ C:\WINDOWS\system32\reboot.exe
2008-02-09 12:10 . 2008-02-09 12:14 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-02-09 12:06 . 2008-02-09 12:14 <DIR> d-------- C:\Documents and Settings\Caffetin\.housecall6.6
2008-02-08 11:44 . 2008-02-08 11:44 54,764 --a------ C:\WINDOWS\system32\4fdw.dll
2008-02-08 10:46 . 2007-02-08 12:31 <DIR> d-------- C:\Program Files\dnetc
2008-02-08 09:52 . 2008-02-08 10:07 <DIR> d-------- C:\Program Files\Magic AAC to MP3 Converter
2008-02-08 09:41 . 2008-02-08 09:41 <DIR> d-------- C:\Documents and Settings\Caffetin\Application Data\Search Settings
2008-02-08 09:31 . 2008-02-08 09:31 <DIR> d-------- C:\Program Files\Search Settings
2008-02-08 09:31 . 2008-02-08 09:31 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2008-02-08 09:30 . 2008-02-08 09:41 <DIR> d-------- C:\Program Files\Dealio
2008-02-08 09:29 . 2008-02-08 09:41 <DIR> d-------- C:\Program Files\Free Audio Pack
2008-02-08 09:29 . 2004-03-08 23:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-02-08 09:29 . 1998-06-24 00:00 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX
2008-02-08 09:29 . 1998-07-12 23:00 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2008-02-08 09:29 . 2000-10-01 19:00 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-02-08 09:29 . 2000-05-22 15:58 115,920 --a------ C:\WINDOWS\system32\msinet.OCX
2008-02-08 09:29 . 1998-07-12 23:00 59,904 --a------ C:\WINDOWS\system32\Mscc2fr.dll
2008-02-08 09:29 . 1998-07-12 19:00 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL
2008-02-08 09:29 . 1998-07-12 23:00 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL
2008-02-08 09:29 . 1998-07-12 23:00 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL
2008-02-08 09:22 . 2007-02-09 10:34 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-08 09:18 . 2008-02-08 09:21 <DIR> d-------- C:\Program Files\audiograbber
2008-02-06 15:38 . 2008-02-06 15:40 <DIR> d-------- C:\rnids
2008-02-06 09:11 . 2008-01-14 11:00 1,394,954 --a------ C:\temp\MP3REC20.exe
2008-02-06 09:11 . 2008-02-06 09:10 1,371,777 --a------ C:\temp\mp3rec20.zip
2008-02-06 09:11 . 2008-02-06 09:11 0 --a------ C:\WINDOWS\system32\MP3Recorder.key
2008-02-06 09:09 . 2007-01-24 00:05 921,349 --a------ C:\temp\MP3REC10.exe
2008-02-06 09:09 . 2008-02-06 09:09 898,103 --a------ C:\temp\mp3rec10.zip
2008-01-28 11:49 . 2008-02-06 09:24 <DIR> d-------- C:\Program Files\Winamp
2008-01-28 11:49 . 2008-01-28 12:09 <DIR> d-------- C:\Documents and Settings\Caffetin\Application Data\Winamp
2008-01-23 11:12 . 2008-01-22 23:29 25,452,544 --a------ C:\temp\AKORD_2007-24012008.exe
2008-01-23 11:12 . 2008-01-22 22:54 24,649,728 --a------ C:\temp\PREHRANA-24012008.exe
2008-01-16 12:58 . 2008-01-16 12:46 11,501 --a------ C:\temp\NordNetCert.zip
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-11 12:03 --------- d-----w C:\Program Files\Desktop Sidebar
2008-02-11 11:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-02-11 07:46 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-02-08 21:18 --------- d-----w C:\Program Files\Mail Bomber
2008-02-08 21:15 --------- d-----w C:\Program Files\HotKey
2008-02-08 09:24 --------- d-----w C:\Program Files\Trillian
2008-02-01 15:10 --------- d-----w C:\Program Files\FlashGet
2008-01-19 09:12 --------- d-----w C:\Program Files\PartyGaming
2007-12-27 09:47 --------- d-----w C:\Program Files\taskix
2007-12-21 15:22 --------- d-----w C:\Program Files\uTorrent
2007-12-20 15:40 --------- d-----w C:\Documents and Settings\Caffetin\Application Data\Nokia Multimedia Player
2007-12-13 08:00 --------- d-----w C:\Program Files\RsReg Manager Client
2007-11-03 10:36 5,628 ----a-w C:\Program Files\install.log
2007-02-26 09:30 35,328 ----a-w C:\Program Files\winbox.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
2007-12-06 11:58 1198432 --a------ C:\Program Files\Search Settings\kb125\SearchSettings.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{381FFDE8-2394-4F90-B10D-FC6124A40F8C}
[HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
[HKEY_CLASSES_ROOT\BitDefender Toolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"CAPON"="C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAPONN.EXE" [2001-02-05 16:00 22528]
"HotKey"="C:\Program Files\HotKey\hotkey.exe" [2006-03-07 02:32 81920]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 13:00 158208]
"SRFirstRun"="srclient.dll" [2004-08-04 13:00 67584 C:\WINDOWS\system32\srclient.dll]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"SoundMan"="SOUNDMAN.EXE" [2005-12-14 18:06 577536 C:\WINDOWS\soundman.exe]
C:\Documents and Settings\Caffetin\Start Menu\Programs\Startup\
Trillian.lnk - C:\Program Files\Trillian\trillian.exe [2007-12-11 1873280]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ComPlusSetup]
C:\WINDOWS\system32\catsrvut.dll 2004-08-04 13:00 628224 C:\WINDOWS\system32\catsrvut.dll
[HKLM\~\startupfolder\C:^Documents and Settings^Caffetin^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Caffetin^Start Menu^Programs^Startup^Microsoft Update Protection.lnk]
backup=C:\WINDOWS\pss\Microsoft Update Protection.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
--a------ 2008-02-11 08:45 249856 C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-04-21 17:03 94208 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-04 13:00 110592 C:\WINDOWS\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
--a------ 2004-08-22 16:05 81920 C:\Program Files\D-Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
--a------ 2004-12-17 00:38 290816 C:\Program Files\ABBYY FineReader 7.0 Professional Edition\ABBYYNewsReader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKey]
--a------ 2006-03-07 02:32 81920 C:\Program Files\HotKey\hotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2004-07-01 10:58 118784 C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2004-07-01 11:02 155648 C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2006-12-05 22:55 54832 C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-06-18 15:10 271360 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-02-10 11:04 98304 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2006-12-06 18:37 69216 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
--a------ 2007-12-06 11:58 1069920 C:\Program Files\Search Settings\SearchSettings.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartSync - ScheduleSync]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2007-06-13 07:16 528384 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2005-12-14 18:06 577536 C:\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-21 09:43 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Taskix]
--a------ 2007-11-22 21:27 64000 c:\Program Files\taskix\Taskix32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 16:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
S1 bdftdif;bdftdif;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2007-07-10 14:47]
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\[u]0[/u]00.fcl [2006-11-02 16:51]
S2 RapidPort;RapidPort;C:\WINDOWS\system32\Drivers\CAPLPTN.SYS [2001-02-05 16:00]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-07-10 14:47]
S3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-07-12 16:28]
S3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2007-07-02 16:29]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-20 14:50]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 10:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 10:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 10:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]
S3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-04 13:00]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6778F1EE-80BB-4F27-BC69-F91B843782CD}]
C:\Documents and Settings\Caffetin\Application Data\Microsoft\cfgmgr.vbs
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-11 14:28:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
.
**************************************************************************
.
Completion time: 2008-02-11 14:33:04 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-11 13:33:01
.
2008-01-09 02:01:53 --- E O F ---