Vesti

vladobooy · Novi građanin

Cao,

Imam problem ne mogu ni sa jednim pretrazivacem da otvorim nijedan microsoft sajt. Pomoc?

Pozdrav

diarno · Anti Malware Fighter Rank 1

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

vladobooy · Novi građanin

----------- Napisano: 22 Jan 2010 9:23 ---------

DDS (Ver_09-12-01.01) - NTFSx86
Run by Gardovic at 9:15:50,93 on pet 22.01.2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.442 [GMT 1:00]

AV: avast! antivirus 4.8.1368 [VPS 100122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\AutoCAD 2009\acad.exe
C:\DOCUME~1\Gardovic\LOCALS~1\Temp\AdskCleanup.0001
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Gardovic\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ba/
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\docume~1\gardovic\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\gardovic\applic~1\mozilla\firefox\profiles\vdtx05ww.default\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-1-13 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-13 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2010-1-13 138680]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [2010-1-13 561144]
S2 lzamom;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 wuzawqan;exbbc;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2010-1-13 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2010-1-13 352920]
S3 xvvxsrqne;xvvxsrqne;\??\c:\windows\system32\03a.tmp --> c:\windows\system32\03A.tmp [?]

=============== Created Last 30 ================

2010-01-21 11:15:50 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:15:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-01-21 11:07:25 0 d-----w- c:\program files\Includes
2010-01-21 10:59:35 69 ----a-w- c:\windows\NeroDigital.ini
2010-01-21 10:21:38 0 d-sh--w- c:\documents and settings\gardovic\IECompatCache
2010-01-21 10:20:54 0 d-sh--w- c:\documents and settings\gardovic\PrivacIE
2010-01-21 10:19:37 0 d-sh--w- c:\documents and settings\gardovic\IETldCache
2010-01-21 10:15:26 0 dc-h--w- c:\windows\ie8
2010-01-21 10:15:04 0 d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:37:49 0 d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33:46 0 d-----w- c:\program files\Yahoo!
2010-01-21 08:23:16 0 d-----w- c:\program files\uTorrent
2010-01-21 08:21:49 0 d-----w- c:\docume~1\gardovic\applic~1\uTorrent
2010-01-21 07:12:51 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-20 09:33:09 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2010-01-20 09:33:08 0 d-----w- c:\program files\McAfee Security Scan
2010-01-13 11:25:31 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:25:31 13474 ----a-w- c:\windows\system32\nvdisp.nvu
2010-01-13 11:25:31 0 d-----w- c:\windows\nview
2010-01-13 11:22:35 0 d-----w- c:\program files\ASUSTeK
2010-01-13 11:21:00 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12:10 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:09:17 0 d-----w- c:\program files\Corel
2010-01-13 11:09:17 0 d-----w- c:\program files\common files\Corel
2010-01-13 10:58:04 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58:04 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:48:16 0 d-----w- c:\program files\common files\Autodesk Shared
2010-01-13 10:48:16 0 d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48:16 0 d-----w- c:\docume~1\gardovic\applic~1\Autodesk
2010-01-13 10:47:53 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:43:44 0 d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43:00 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38:18 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37:55 0 d-----w- c:\windows\system32\QuickTime
2010-01-13 10:33:35 0 d-----w- c:\program files\common files\Adobe Systems Shared
2010-01-13 10:28:49 376 ----a-w- c:\windows\ODBC.INI
2010-01-13 10:28:42 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27:40 0 d-----w- c:\program files\common files\L&H
2010-01-13 10:27:18 0 d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26:27 0 d-----w- c:\windows\SHELLNEW
2010-01-13 10:17:11 0 d-----w- c:\program files\Webteh
2010-01-13 10:16:06 0 d-----r- c:\program files\Skype
2010-01-13 10:15:21 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14:46 0 d-----w- C:\NVIDIA
2010-01-13 10:10:08 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10:08 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09:49 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09:49 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09:48 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-01-13 10:09:48 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-01-13 10:09:48 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-01-13 10:09:48 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-01-13 10:09:48 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-01-13 10:08:58 0 d-----w- c:\windows\system32\PreInstall
2010-01-13 10:08:54 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-13 10:08:52 0 d--h--w- c:\windows\$hf_mig$
2010-01-13 10:08:40 0 d-----w- c:\program files\MSECache
2010-01-13 10:08:30 421888 ----a-w- c:\windows\system32\ac3filter.acm
2010-01-13 10:08:24 0 d-----w- c:\program files\XP Codec Pack
2010-01-13 10:03:42 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-01-13 10:00:46 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-01-13 10:00:20 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-01-13 10:00:13 60288 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2010-01-13 10:00:13 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-01-13 10:00:13 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2010-01-13 10:00:13 4096 ----a-w- c:\windows\system32\ksuser.dll
2010-01-13 10:00:13 2944 ----a-w- c:\windows\system32\drivers\msmpu401.sys
2010-01-13 10:00:13 145792 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2010-01-13 10:00:13 145792 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-01-13 10:00:13 130048 -c--a-w- c:\windows\system32\dllcache\ksproxy.ax
2010-01-13 10:00:13 130048 ----a-w- c:\windows\system32\ksproxy.ax
2010-01-13 10:00:11 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2010-01-13 09:57:46 0 d-----w- c:\program files\common files\ODBC
2010-01-13 09:57:43 0 d-----w- c:\program files\common files\SpeechEngines
2010-01-13 09:57:13 0 d-----r- c:\documents and settings\all users\Documents
2010-01-13 09:39:08 0 d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:16:28 0 d-sh--w- c:\documents and settings\all users\DRM
2010-01-13 09:16:05 0 d--h--w- c:\program files\WindowsUpdate
2010-01-13 09:14:58 0 d-----w- c:\program files\common files\MSSoap
2010-01-13 09:13:25 0 d-----w- c:\program files\Online Services
2010-01-13 09:13:19 0 d-----w- c:\program files\Messenger
2010-01-13 09:13:15 0 d-----w- c:\program files\MSN Gaming Zone
2010-01-13 09:12:30 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2010-01-13 09:13:53 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2004-08-04 01:07:00 168509 --sha-r- c:\windows\system32\aoqfwimp.dll

============= FINISH: 9:16:13,95 ===============

http://www.mycity.rs/Uploads/107357_1045085239_Attach.txt

http://www.mycity.rs/Uploads/107357_17046362_Attach.txt

----------- Dopuna: 22 Jan 2010 10:00 ---------

----------- Dopuna: 22 Jan 2010 10:29 ---------

http://www.mycity.rs/Uploads/107357_1327547349_Gmer1.log

http://www.mycity.rs/Uploads/107357_1948857168_Gmer2.log

----------- Dopuna: 22 Jan 2010 10:30 ---------

http://www.mycity.rs/Uploads/107357_195532391_Gmer3.txt

diarno · Anti Malware Fighter Rank 1

Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:

Bleeping Computer

Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.

Kada preuzimanje programa bude završeno:

deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix.

U toku rada, ComboFix će:

proveriti postoji li novija verzija programa:
- klikni Yes ako bude ponuđeno preuzimanje iste.
prikazati DISCLAIMER OF WARRANTY ON SOFTWARE:
- klikni Yes kako bi proces bio nastavljen.
ako Recovery Console nije instalirana, ponuditi instalaciju:
- obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
- prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:

klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.

Napomena:

Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

vladobooy · Novi građanin

----------- Napisano: 22 Jan 2010 13:28 ---------

ComboFix 10-01-21.07 - Gardovic 22.01.2010 12:55:20.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.608 [GMT 1:00]
Running from: c:\documents and settings\Gardovic\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\aoqfwimp.dll
c:\windows\system32\e1000msg.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_lzamom
-------\Legacy_wuzawqan
-------\Service_lzamom
-------\Service_wuzawqan

((((((((((((((((((((((((( Files Created from 2009-12-22 to 2010-01-22 )))))))))))))))))))))))))))))))
.

2010-01-22 09:33 . 2010-01-22 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-21 12:26 . 2010-01-21 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-21 11:15 . 2010-01-21 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-21 11:15 . 2010-01-21 11:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:07 . 2010-01-21 11:07 -------- d-----w- c:\program files\Includes
2010-01-21 10:59 . 2010-01-21 10:59 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Media Player Classic
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\PrivacIE
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Yahoo
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Yahoo!
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\IETldCache
2010-01-21 10:21 . 2010-01-21 10:21 -------- d-sh--w- c:\documents and settings\Gardovic\IECompatCache
2010-01-21 10:20 . 2010-01-21 10:20 -------- d-sh--w- c:\documents and settings\Gardovic\PrivacIE
2010-01-21 10:19 . 2010-01-21 10:19 -------- d-sh--w- c:\documents and settings\Gardovic\IETldCache
2010-01-21 10:15 . 2010-01-21 10:17 -------- dc-h--w- c:\windows\ie8
2010-01-21 10:15 . 2010-01-21 10:17 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:40 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Yahoo
2010-01-21 08:38 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-21 08:38 . 2010-01-21 08:40 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Yahoo!
2010-01-21 08:38 . 2009-11-10 13:39 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-01-21 08:38 . 2010-01-21 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-21 08:37 . 2010-01-21 09:05 -------- d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33 . 2010-01-21 08:38 -------- d-----w- c:\program files\Yahoo!
2010-01-21 08:23 . 2010-01-21 08:23 -------- d-----w- c:\program files\uTorrent
2010-01-21 08:21 . 2010-01-21 09:04 -------- d-----w- c:\documents and settings\Gardovic\Application Data\uTorrent
2010-01-21 07:12 . 2010-01-21 07:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-21 07:12 . 2010-01-21 07:12 -------- d-----w- c:\documents and settings\Gardovic\Application Data\skypePM
2010-01-20 12:59 . 2010-01-20 12:59 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Identities
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-19 08:00 . 2010-01-19 08:00 1956072 ----a-w- c:\documents and settings\Razvoj\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-01-18 11:32 . 2010-01-19 08:09 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Identities
2010-01-18 10:27 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Google
2010-01-15 06:01 . 2010-01-15 06:01 152576 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-15 06:00 . 2010-01-15 06:00 79488 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 12:11 . 2010-01-13 12:11 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Corel
2010-01-13 12:02 . 2010-01-13 12:02 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Mozilla
2010-01-13 11:59 . 2010-01-13 11:59 100280 ----a-w- c:\documents and settings\Razvoj\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 11:59 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Autodesk
2010-01-13 11:59 . 2010-01-13 11:59 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Autodesk
2010-01-13 11:55 . 2010-01-14 07:31 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Adobe
2010-01-13 11:33 . 2010-01-13 11:33 0 ----a-w- c:\windows\nsreg.dat
2010-01-13 11:33 . 2010-01-13 11:33 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Mozilla
2010-01-13 11:31 . 2010-01-21 10:20 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Google
2010-01-13 11:25 . 2010-01-13 11:27 -------- d-----w- c:\windows\nview
2010-01-13 11:25 . 2004-07-15 10:42 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:22 . 2010-01-13 11:22 -------- d-----w- c:\program files\ASUSTeK
2010-01-13 11:21 . 2006-02-08 08:26 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12 . 2010-01-20 12:38 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Corel
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-01-13 11:11 . 2010-01-13 11:11 65536 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-13 11:11 . 2010-01-13 11:11 10134 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Corel
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Common Files\Corel
2010-01-13 11:03 . 2010-01-21 07:58 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Skype
2010-01-13 10:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-13 10:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-13 10:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-13 10:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-13 10:58 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-13 10:58 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-13 10:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-13 10:58 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-13 10:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-13 10:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58 . 2010-01-13 10:58 -------- d-----w- c:\program files\Alwil Software
2010-01-13 10:48 . 2010-01-21 10:01 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-13 10:52 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-01-13 10:48 . 2010-01-13 10:51 -------- d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48 . 2010-01-13 10:48 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Autodesk
2010-01-13 10:47 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:47 . 2010-01-13 10:47 -------- d-----w- c:\program files\MSBuild
2010-01-13 10:47 . 2010-01-21 12:23 727776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 10:43 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-13 10:43 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38 . 1999-11-10 10:05 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\program files\QuickTime
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\windows\system32\QuickTime
2010-01-13 10:37 . 2010-01-13 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2010-01-13 10:34 . 2010-01-13 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2010-01-13 10:33 . 2010-01-13 10:33 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-01-13 10:31 . 2010-01-13 10:31 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-13 10:30 . 2010-01-13 10:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 10:30 . 2010-01-21 13:27 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Adobe
2010-01-13 10:28 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-13 10:28 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Common Files\L&H
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26 . 2010-01-13 10:26 -------- d-----w- c:\program files\Microsoft Works
2010-01-13 10:26 . 2010-01-13 10:27 -------- d-----w- c:\windows\SHELLNEW
2010-01-13 10:25 . 2010-01-13 10:25 -------- d-----w- c:\program files\Microsoft.NET
2010-01-13 10:23 . 2010-01-13 10:23 -------- d-----r- C:\MSOCache
2010-01-13 10:18 . 2010-01-13 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\Webteh
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Google
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----r- c:\program files\Skype
2010-01-13 10:15 . 2010-01-13 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-13 10:15 . 2008-10-02 09:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14 . 2010-01-13 11:25 -------- d-----w- C:\NVIDIA
2010-01-13 10:10 . 2005-09-01 10:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10 . 2005-09-01 10:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-13 10:09 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-01-13 10:09 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-01-13 10:09 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-01-13 10:09 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-01-13 10:09 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Ahead
2010-01-13 10:08 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-13 10:08 . 2010-01-13 10:15 -------- d--h--w- c:\windows\$hf_mig$
2010-01-13 10:08 . 2010-01-13 10:08 -------- d-----w- c:\program files\MSECache
2010-01-13 10:08 . 2010-01-13 10:08 -------- d-----w- c:\program files\XP Codec Pack
2010-01-13 10:07 . 2010-01-13 10:07 -------- d-----w- c:\program files\7-Zip
2010-01-13 10:02 . 2010-01-13 11:12 100280 ----a-w- c:\documents and settings\Gardovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 10:01 . 2004-08-03 23:07 6400 ----a-w- c:\windows\system32\drivers\splitter.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 09:18 . 2010-01-13 09:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-13 11:22 . 2010-01-13 09:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 11:22 . 2010-01-13 09:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-13 09:39 . 2010-01-13 09:39 -------- d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:35 . 2010-01-13 09:35 -------- d-----w- c:\program files\Intel
2010-01-13 09:17 . 2010-01-13 09:17 -------- d-----w- c:\program files\microsoft frontpage
2010-01-13 09:13 . 2010-01-13 09:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-01-13 98304]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-15 4112384]
"nwiz"="nwiz.exe" [2004-07-15 843776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-15 81920]

c:\documents and settings\Gardovic\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2909:TCP"= 2909:TCP:qefzpzba

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13.1.2010 11:58 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.1.2010 11:58 20560]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [13.1.2010 10:39 561144]
S2 lzamom;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 2:07 14336]
S2 wuzawqan;exbbc;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 2:07 14336]
S3 xvvxsrqne;xvvxsrqne;\??\c:\windows\system32\03A.tmp --> c:\windows\system32\03A.tmp [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
wuzawqan
lzamom
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ba/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Gardovic\Application Data\Mozilla\Firefox\Profiles\vdtx05ww.default\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-22 13:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xvvxsrqne]
"ImagePath"="\??\c:\windows\system32\03A.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lzamom]
"ServiceDll"="c:\windows\system32\aoqfwimp.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuzawqan]
"ServiceDll"="c:\windows\system32\aoqfwimp.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3948)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\wscntfy.exe
c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\update\update.exe
.
**************************************************************************
.
Completion time: 2010-01-22 13:22:34 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-22 12:22

Pre-Run: 19.485.712.384 bytes free
Post-Run: 19.427.463.168 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 9FB70E4FE549594EE57208EE409955F4

----------- Dopuna: 22 Jan 2010 14:40 ---------

Sad je sve superiska!!! Hvala ljudi puno...

diarno · Anti Malware Fighter Rank 1

Nismo zavrsili :

Otvoriti Notepad i iskopirati sledeci tekst:

vladobooy · Novi građanin

ComboFix 10-01-24.03 - Gardovic 25.01.2010 7:23.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.584 [GMT 1:00]
Running from: c:\documents and settings\Gardovic\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Gardovic\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100124-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\03A.tmp"
"c:\windows\system32\aoqfwimp.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_LZAMOM
-------\Legacy_WUZAWQAN
-------\Legacy_XVVXSRQNE
-------\Service_lzamom
-------\Service_wuzawqan
-------\Service_xvvxsrqne

((((((((((((((((((((((((( Files Created from 2009-12-25 to 2010-01-25 )))))))))))))))))))))))))))))))
.

2010-01-25 06:11 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-25 06:11 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-01-22 14:02 . 2010-01-22 14:02 -------- d-----w- c:\windows\speech
2010-01-22 14:02 . 2010-01-22 14:02 -------- d-----w- c:\program files\Mini recnik
2010-01-22 13:25 . 2010-01-25 06:30 -------- d-----w- c:\documents and settings\Gardovic\Tracing
2010-01-22 13:24 . 2010-01-22 13:24 -------- d-----w- c:\program files\Microsoft
2010-01-22 13:24 . 2010-01-22 13:24 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-22 13:23 . 2010-01-22 13:24 -------- d-----w- c:\program files\Windows Live
2010-01-22 12:30 . 2010-01-22 12:30 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-22 09:33 . 2010-01-22 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-21 12:26 . 2010-01-21 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-21 11:15 . 2010-01-21 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-21 11:15 . 2010-01-21 11:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:07 . 2010-01-21 11:07 -------- d-----w- c:\program files\Includes
2010-01-21 10:59 . 2010-01-21 10:59 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Media Player Classic
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\PrivacIE
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Yahoo
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Yahoo!
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\IETldCache
2010-01-21 10:21 . 2010-01-21 10:21 -------- d-sh--w- c:\documents and settings\Gardovic\IECompatCache
2010-01-21 10:20 . 2010-01-21 10:20 -------- d-sh--w- c:\documents and settings\Gardovic\PrivacIE
2010-01-21 10:19 . 2010-01-21 10:19 -------- d-sh--w- c:\documents and settings\Gardovic\IETldCache
2010-01-21 10:15 . 2010-01-21 10:17 -------- dc-h--w- c:\windows\ie8
2010-01-21 10:15 . 2010-01-21 10:17 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:40 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Yahoo
2010-01-21 08:38 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-21 08:38 . 2010-01-21 08:40 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Yahoo!
2010-01-21 08:38 . 2009-11-10 13:39 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-01-21 08:38 . 2010-01-21 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-21 08:37 . 2010-01-21 09:05 -------- d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33 . 2010-01-21 08:38 -------- d-----w- c:\program files\Yahoo!
2010-01-21 08:23 . 2010-01-21 08:23 -------- d-----w- c:\program files\uTorrent
2010-01-21 08:21 . 2010-01-21 09:04 -------- d-----w- c:\documents and settings\Gardovic\Application Data\uTorrent
2010-01-21 07:12 . 2010-01-21 07:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-21 07:12 . 2010-01-21 07:12 -------- d-----w- c:\documents and settings\Gardovic\Application Data\skypePM
2010-01-20 12:59 . 2010-01-20 12:59 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Identities
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-19 08:00 . 2010-01-19 08:00 1956072 ----a-w- c:\documents and settings\Razvoj\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-01-18 11:32 . 2010-01-19 08:09 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Identities
2010-01-18 10:27 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Google
2010-01-15 06:01 . 2010-01-15 06:01 152576 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-15 06:00 . 2010-01-15 06:00 79488 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 12:11 . 2010-01-13 12:11 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Corel
2010-01-13 12:02 . 2010-01-13 12:02 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Mozilla
2010-01-13 11:59 . 2010-01-13 11:59 100280 ----a-w- c:\documents and settings\Razvoj\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 11:59 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Autodesk
2010-01-13 11:59 . 2010-01-13 11:59 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Autodesk
2010-01-13 11:55 . 2010-01-14 07:31 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Adobe
2010-01-13 11:33 . 2010-01-13 11:33 0 ----a-w- c:\windows\nsreg.dat
2010-01-13 11:33 . 2010-01-13 11:33 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Mozilla
2010-01-13 11:31 . 2010-01-21 10:20 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Google
2010-01-13 11:25 . 2010-01-13 11:27 -------- d-----w- c:\windows\nview
2010-01-13 11:25 . 2004-07-15 10:42 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:22 . 2010-01-13 11:22 -------- d-----w- c:\program files\ASUSTeK
2010-01-13 11:21 . 2006-02-08 08:26 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12 . 2010-01-20 12:38 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Corel
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-01-13 11:11 . 2010-01-13 11:11 65536 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-13 11:11 . 2010-01-13 11:11 10134 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Corel
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Common Files\Corel
2010-01-13 11:03 . 2010-01-21 07:58 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Skype
2010-01-13 10:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-13 10:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-13 10:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-13 10:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-13 10:58 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-13 10:58 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-13 10:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-13 10:58 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-13 10:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-13 10:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58 . 2010-01-13 10:58 -------- d-----w- c:\program files\Alwil Software
2010-01-13 10:48 . 2010-01-21 10:01 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-13 10:52 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-01-13 10:48 . 2010-01-13 10:51 -------- d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48 . 2010-01-13 10:48 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Autodesk
2010-01-13 10:47 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:47 . 2010-01-13 10:47 -------- d-----w- c:\program files\MSBuild
2010-01-13 10:47 . 2010-01-21 12:23 727776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 10:43 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-13 10:43 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38 . 1999-11-10 10:05 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\program files\QuickTime
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\windows\system32\QuickTime
2010-01-13 10:37 . 2010-01-13 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2010-01-13 10:34 . 2010-01-13 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2010-01-13 10:33 . 2010-01-13 10:33 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-01-13 10:31 . 2010-01-13 10:31 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-13 10:30 . 2010-01-13 10:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 10:30 . 2010-01-21 13:27 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Adobe
2010-01-13 10:28 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-13 10:28 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Common Files\L&H
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26 . 2010-01-13 10:26 -------- d-----w- c:\program files\Microsoft Works
2010-01-13 10:26 . 2010-01-13 10:27 -------- d-----w- c:\windows\SHELLNEW
2010-01-13 10:25 . 2010-01-13 10:25 -------- d-----w- c:\program files\Microsoft.NET
2010-01-13 10:23 . 2010-01-13 10:23 -------- d-----r- C:\MSOCache
2010-01-13 10:18 . 2010-01-13 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\Webteh
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Google
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----r- c:\program files\Skype
2010-01-13 10:15 . 2010-01-13 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-13 10:15 . 2008-10-02 09:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14 . 2010-01-13 11:25 -------- d-----w- C:\NVIDIA
2010-01-13 10:14 . 2009-08-04 14:00 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-01-13 10:14 . 2009-08-04 13:58 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-13 10:14 . 2009-08-04 13:13 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-13 10:14 . 2009-08-04 13:13 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-13 10:10 . 2005-09-01 10:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10 . 2005-09-01 10:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Common Files\Ahead

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 09:18 . 2010-01-13 09:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-13 11:22 . 2010-01-13 09:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 11:22 . 2010-01-13 09:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-13 09:39 . 2010-01-13 09:39 -------- d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:35 . 2010-01-13 09:35 -------- d-----w- c:\program files\Intel
2010-01-13 09:17 . 2010-01-13 09:17 -------- d-----w- c:\program files\microsoft frontpage
2010-01-13 09:13 . 2010-01-13 09:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((( SnapShot@2010-01-22_12.18.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 06:30 . 2010-01-25 06:30 16384 c:\windows\Temp\Perflib_Perfdata_5ac.dat
+ 2009-07-26 15:44 . 2009-07-26 15:44 48448 c:\windows\system32\sirenacm.dll
+ 1999-01-12 10:35 . 1999-01-12 10:35 53760 c:\windows\speech\WrapSAPI.dll
+ 2010-01-22 13:24 . 2010-01-22 13:24 22016 c:\windows\Installer\36f95.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 27136 c:\windows\Installer\36f7f.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 83456 c:\windows\Installer\36f63.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 58880 c:\windows\Installer\36f5c.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 62304 c:\windows\Installer\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}\IconWlc.exe
+ 2010-01-22 13:24 . 2010-01-22 13:24 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2010-01-22 13:25 . 2010-01-22 13:25 58945 c:\windows\Installer\{6412CECE-8172-4BE5-935B-6CECACD2CA87}\wlmail.exe
+ 1999-01-12 10:39 . 1999-01-12 10:39 6656 c:\windows\delttsul.exe
+ 2007-11-07 00:19 . 2007-11-07 00:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 19:23 . 2007-11-06 19:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2010-01-13 09:56 . 2010-01-22 13:42 349792 c:\windows\system32\FNTCACHE.DAT
+ 1999-01-12 14:19 . 1999-01-12 14:19 195584 c:\windows\speech\Xvoice.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 203776 c:\windows\speech\XTel.Dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 208896 c:\windows\speech\Xlisten.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 128000 c:\windows\speech\Xcommand.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 173056 c:\windows\speech\VText.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 179712 c:\windows\speech\Vdict.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 156160 c:\windows\speech\vcmshl.dll
+ 1999-01-12 14:09 . 1999-01-12 14:09 380928 c:\windows\speech\vcmd.exe
+ 1999-01-12 14:19 . 1999-01-12 14:19 562176 c:\windows\speech\speech.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 248832 c:\windows\speech\spchtel.dll
+ 2010-01-22 13:25 . 2010-01-22 13:25 735744 c:\windows\Installer\36f9c.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 430080 c:\windows\Installer\36f8e.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 155648 c:\windows\Installer\36f86.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 140288 c:\windows\Installer\36f78.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 202752 c:\windows\Installer\36f71.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 152576 c:\windows\Installer\36f6a.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 107008 c:\windows\Installer\36f55.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 301056 c:\windows\Installer\36f4e.msi
+ 2004-08-04 01:07 . 2009-08-04 14:00 2180352 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 22:59 . 2009-08-04 13:13 2057728 c:\windows\system32\ntkrnlpa.exe
+ 2010-01-13 10:14 . 2009-08-04 14:00 2180352 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-01-13 10:14 . 2009-08-04 13:13 2015744 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-01-13 10:14 . 2009-08-04 13:13 2057728 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-01-13 10:14 . 2009-08-04 13:58 2136064 c:\windows\Driver Cache\i386\ntkrnlmp.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ACMS__MiniRecnik"="c:\program files\Mini recnik\Recnik.exe" [2006-01-15 2793984]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-01-13 98304]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-15 4112384]
"nwiz"="nwiz.exe" [2004-07-15 843776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-15 81920]

c:\documents and settings\Gardovic\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13.1.2010 11:58 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.1.2010 11:58 20560]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [13.1.2010 10:39 561144]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ba/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Gardovic\Application Data\Mozilla\Firefox\Profiles\vdtx05ww.default\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 07:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2592)
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2010-01-25 07:34:11 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-25 06:34
ComboFix2.txt 2010-01-22 12:22

Pre-Run: 21.361.385.472 bytes free
Post-Run: 21.446.680.576 bytes free

- - End Of File - - 4BD5EBFA28E2F049773B8D830396E077

diarno · Anti Malware Fighter Rank 1

To bi bilo to

Potrebno je deinstalirati ComboFix:

klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.
U liniju za unos teksta ukucaj (iskopiraj) sledeće:
ComboFix /Uninstall

Primeti da postoji razmak između "ComboFix" i "/Uninstall".
a zatim klikni OK (ili pritisni Enter).

Sačekaj da se proces deinstalacije završi.

Vesti

Ne mogu da otvorim microsoftov sajt