I can't open the Microsoft site

offline
  • Joined: 13 Apr 2008
  • Posts: 79
  • Location: Republika Srpska

Hi,

I have a problem: I can't open any Microsoft site with any browser. Help?

Regards

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 13 Apr 2008
  • Posts: 79
  • Location: Republika Srpska

Posted: 22 Jan 2010 9:23

DDS (Ver_09-12-01.01) - NTFSx86
Run by Gardovic at 9:15:50,93 on pet 22.01.2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.442 [GMT 1:00]

AV: avast! antivirus 4.8.1368 [VPS 100122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\AutoCAD 2009\acad.exe
C:\DOCUME~1\Gardovic\LOCALS~1\Temp\AdskCleanup.0001
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Gardovic\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ba/
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\docume~1\gardovic\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\gardovic\applic~1\mozilla\firefox\profiles\vdtx05ww.default\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-1-13 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-13 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2010-1-13 138680]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [2010-1-13 561144]
S2 lzamom;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 wuzawqan;exbbc;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2010-1-13 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2010-1-13 352920]
S3 xvvxsrqne;xvvxsrqne;\??\c:\windows\system32\03a.tmp --> c:\windows\system32\03A.tmp [?]

=============== Created Last 30 ================

2010-01-21 11:15:50 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:15:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-01-21 11:07:25 0 d-----w- c:\program files\Includes
2010-01-21 10:59:35 69 ----a-w- c:\windows\NeroDigital.ini
2010-01-21 10:21:38 0 d-sh--w- c:\documents and settings\gardovic\IECompatCache
2010-01-21 10:20:54 0 d-sh--w- c:\documents and settings\gardovic\PrivacIE
2010-01-21 10:19:37 0 d-sh--w- c:\documents and settings\gardovic\IETldCache
2010-01-21 10:15:26 0 dc-h--w- c:\windows\ie8
2010-01-21 10:15:04 0 d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:37:49 0 d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33:46 0 d-----w- c:\program files\Yahoo!
2010-01-21 08:23:16 0 d-----w- c:\program files\uTorrent
2010-01-21 08:21:49 0 d-----w- c:\docume~1\gardovic\applic~1\uTorrent
2010-01-21 07:12:51 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-20 09:33:09 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2010-01-20 09:33:08 0 d-----w- c:\program files\McAfee Security Scan
2010-01-13 11:25:31 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:25:31 13474 ----a-w- c:\windows\system32\nvdisp.nvu
2010-01-13 11:25:31 0 d-----w- c:\windows\nview
2010-01-13 11:22:35 0 d-----w- c:\program files\ASUSTeK
2010-01-13 11:21:00 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12:10 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:09:17 0 d-----w- c:\program files\Corel
2010-01-13 11:09:17 0 d-----w- c:\program files\common files\Corel
2010-01-13 10:58:04 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58:04 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:48:16 0 d-----w- c:\program files\common files\Autodesk Shared
2010-01-13 10:48:16 0 d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48:16 0 d-----w- c:\docume~1\gardovic\applic~1\Autodesk
2010-01-13 10:47:53 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:43:44 0 d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43:00 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38:18 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37:55 0 d-----w- c:\windows\system32\QuickTime
2010-01-13 10:33:35 0 d-----w- c:\program files\common files\Adobe Systems Shared
2010-01-13 10:28:49 376 ----a-w- c:\windows\ODBC.INI
2010-01-13 10:28:42 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27:40 0 d-----w- c:\program files\common files\L&H
2010-01-13 10:27:18 0 d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26:27 0 d-----w- c:\windows\SHELLNEW
2010-01-13 10:17:11 0 d-----w- c:\program files\Webteh
2010-01-13 10:16:06 0 d-----r- c:\program files\Skype
2010-01-13 10:15:21 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14:46 0 d-----w- C:\NVIDIA
2010-01-13 10:10:08 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10:08 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09:49 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09:49 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09:48 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-01-13 10:09:48 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-01-13 10:09:48 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-01-13 10:09:48 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-01-13 10:09:48 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-01-13 10:08:58 0 d-----w- c:\windows\system32\PreInstall
2010-01-13 10:08:54 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-13 10:08:52 0 d--h--w- c:\windows\$hf_mig$
2010-01-13 10:08:40 0 d-----w- c:\program files\MSECache
2010-01-13 10:08:30 421888 ----a-w- c:\windows\system32\ac3filter.acm
2010-01-13 10:08:24 0 d-----w- c:\program files\XP Codec Pack
2010-01-13 10:03:42 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-01-13 10:00:46 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-01-13 10:00:20 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-01-13 10:00:13 60288 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2010-01-13 10:00:13 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-01-13 10:00:13 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2010-01-13 10:00:13 4096 ----a-w- c:\windows\system32\ksuser.dll
2010-01-13 10:00:13 2944 ----a-w- c:\windows\system32\drivers\msmpu401.sys
2010-01-13 10:00:13 145792 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2010-01-13 10:00:13 145792 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-01-13 10:00:13 130048 -c--a-w- c:\windows\system32\dllcache\ksproxy.ax
2010-01-13 10:00:13 130048 ----a-w- c:\windows\system32\ksproxy.ax
2010-01-13 10:00:11 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2010-01-13 09:57:46 0 d-----w- c:\program files\common files\ODBC
2010-01-13 09:57:43 0 d-----w- c:\program files\common files\SpeechEngines
2010-01-13 09:57:13 0 d-----r- c:\documents and settings\all users\Documents
2010-01-13 09:39:08 0 d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:16:28 0 d-sh--w- c:\documents and settings\all users\DRM
2010-01-13 09:16:05 0 d--h--w- c:\program files\WindowsUpdate
2010-01-13 09:14:58 0 d-----w- c:\program files\common files\MSSoap
2010-01-13 09:13:25 0 d-----w- c:\program files\Online Services
2010-01-13 09:13:19 0 d-----w- c:\program files\Messenger
2010-01-13 09:13:15 0 d-----w- c:\program files\MSN Gaming Zone
2010-01-13 09:12:30 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2010-01-13 09:13:53 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2004-08-04 01:07:00 168509 --sha-r- c:\windows\system32\aoqfwimp.dll

============= FINISH: 9:16:13,95 ===============



Addendum: 22 Jan 2010 10:00

Addendum: 22 Jan 2010 10:29

Addendum: 22 Jan 2010 10:30

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Download sUBs's ComboFix to your Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • disable your security software (instructions);
  • close any running programs;
  • double-click ComboFix to run it.

While it runs, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
      click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
      be sure to accept by clicking Yes and follow the procedure.
  • ask a number of questions or show a number of notices:
      accept by clicking Yes or OK.
  • restart Windows if needed (possibly several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum topic:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report is saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after posting, you notice that the report is incomplete, use the Prikači fajl (Attach file) option to attach C:\ComboFix.txt to the message.

offline
  • Joined: 13 Apr 2008
  • Posts: 79
  • Location: Republika Srpska

Posted: 22 Jan 2010 13:28

ComboFix 10-01-21.07 - Gardovic 22.01.2010 12:55:20.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.608 [GMT 1:00]
Running from: c:\documents and settings\Gardovic\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\aoqfwimp.dll
c:\windows\system32\e1000msg.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_lzamom
-------\Legacy_wuzawqan
-------\Service_lzamom
-------\Service_wuzawqan


((((((((((((((((((((((((( Files Created from 2009-12-22 to 2010-01-22 )))))))))))))))))))))))))))))))
.

2010-01-22 09:33 . 2010-01-22 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-21 12:26 . 2010-01-21 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-21 11:15 . 2010-01-21 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-21 11:15 . 2010-01-21 11:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:07 . 2010-01-21 11:07 -------- d-----w- c:\program files\Includes
2010-01-21 10:59 . 2010-01-21 10:59 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Media Player Classic
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\PrivacIE
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Yahoo
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Yahoo!
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\IETldCache
2010-01-21 10:21 . 2010-01-21 10:21 -------- d-sh--w- c:\documents and settings\Gardovic\IECompatCache
2010-01-21 10:20 . 2010-01-21 10:20 -------- d-sh--w- c:\documents and settings\Gardovic\PrivacIE
2010-01-21 10:19 . 2010-01-21 10:19 -------- d-sh--w- c:\documents and settings\Gardovic\IETldCache
2010-01-21 10:15 . 2010-01-21 10:17 -------- dc-h--w- c:\windows\ie8
2010-01-21 10:15 . 2010-01-21 10:17 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:40 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Yahoo
2010-01-21 08:38 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-21 08:38 . 2010-01-21 08:40 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Yahoo!
2010-01-21 08:38 . 2009-11-10 13:39 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-01-21 08:38 . 2010-01-21 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-21 08:37 . 2010-01-21 09:05 -------- d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33 . 2010-01-21 08:38 -------- d-----w- c:\program files\Yahoo!
2010-01-21 08:23 . 2010-01-21 08:23 -------- d-----w- c:\program files\uTorrent
2010-01-21 08:21 . 2010-01-21 09:04 -------- d-----w- c:\documents and settings\Gardovic\Application Data\uTorrent
2010-01-21 07:12 . 2010-01-21 07:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-21 07:12 . 2010-01-21 07:12 -------- d-----w- c:\documents and settings\Gardovic\Application Data\skypePM
2010-01-20 12:59 . 2010-01-20 12:59 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Identities
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-19 08:00 . 2010-01-19 08:00 1956072 ----a-w- c:\documents and settings\Razvoj\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-01-18 11:32 . 2010-01-19 08:09 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Identities
2010-01-18 10:27 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Google
2010-01-15 06:01 . 2010-01-15 06:01 152576 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-15 06:00 . 2010-01-15 06:00 79488 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 12:11 . 2010-01-13 12:11 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Corel
2010-01-13 12:02 . 2010-01-13 12:02 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Mozilla
2010-01-13 11:59 . 2010-01-13 11:59 100280 ----a-w- c:\documents and settings\Razvoj\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 11:59 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Autodesk
2010-01-13 11:59 . 2010-01-13 11:59 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Autodesk
2010-01-13 11:55 . 2010-01-14 07:31 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Adobe
2010-01-13 11:33 . 2010-01-13 11:33 0 ----a-w- c:\windows\nsreg.dat
2010-01-13 11:33 . 2010-01-13 11:33 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Mozilla
2010-01-13 11:31 . 2010-01-21 10:20 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Google
2010-01-13 11:25 . 2010-01-13 11:27 -------- d-----w- c:\windows\nview
2010-01-13 11:25 . 2004-07-15 10:42 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:22 . 2010-01-13 11:22 -------- d-----w- c:\program files\ASUSTeK
2010-01-13 11:21 . 2006-02-08 08:26 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12 . 2010-01-20 12:38 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Corel
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-01-13 11:11 . 2010-01-13 11:11 65536 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-13 11:11 . 2010-01-13 11:11 10134 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Corel
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Common Files\Corel
2010-01-13 11:03 . 2010-01-21 07:58 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Skype
2010-01-13 10:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-13 10:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-13 10:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-13 10:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-13 10:58 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-13 10:58 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-13 10:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-13 10:58 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-13 10:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-13 10:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58 . 2010-01-13 10:58 -------- d-----w- c:\program files\Alwil Software
2010-01-13 10:48 . 2010-01-21 10:01 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-13 10:52 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-01-13 10:48 . 2010-01-13 10:51 -------- d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48 . 2010-01-13 10:48 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Autodesk
2010-01-13 10:47 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:47 . 2010-01-13 10:47 -------- d-----w- c:\program files\MSBuild
2010-01-13 10:47 . 2010-01-21 12:23 727776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 10:43 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-13 10:43 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38 . 1999-11-10 10:05 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\program files\QuickTime
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\windows\system32\QuickTime
2010-01-13 10:37 . 2010-01-13 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2010-01-13 10:34 . 2010-01-13 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2010-01-13 10:33 . 2010-01-13 10:33 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-01-13 10:31 . 2010-01-13 10:31 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-13 10:30 . 2010-01-13 10:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 10:30 . 2010-01-21 13:27 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Adobe
2010-01-13 10:28 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-13 10:28 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Common Files\L&H
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26 . 2010-01-13 10:26 -------- d-----w- c:\program files\Microsoft Works
2010-01-13 10:26 . 2010-01-13 10:27 -------- d-----w- c:\windows\SHELLNEW
2010-01-13 10:25 . 2010-01-13 10:25 -------- d-----w- c:\program files\Microsoft.NET
2010-01-13 10:23 . 2010-01-13 10:23 -------- d-----r- C:\MSOCache
2010-01-13 10:18 . 2010-01-13 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\Webteh
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Google
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----r- c:\program files\Skype
2010-01-13 10:15 . 2010-01-13 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-13 10:15 . 2008-10-02 09:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14 . 2010-01-13 11:25 -------- d-----w- C:\NVIDIA
2010-01-13 10:10 . 2005-09-01 10:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10 . 2005-09-01 10:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-13 10:09 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-01-13 10:09 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-01-13 10:09 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-01-13 10:09 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-01-13 10:09 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Ahead
2010-01-13 10:08 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-13 10:08 . 2010-01-13 10:15 -------- d--h--w- c:\windows\$hf_mig$
2010-01-13 10:08 . 2010-01-13 10:08 -------- d-----w- c:\program files\MSECache
2010-01-13 10:08 . 2010-01-13 10:08 -------- d-----w- c:\program files\XP Codec Pack
2010-01-13 10:07 . 2010-01-13 10:07 -------- d-----w- c:\program files\7-Zip
2010-01-13 10:02 . 2010-01-13 11:12 100280 ----a-w- c:\documents and settings\Gardovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 10:01 . 2004-08-03 23:07 6400 ----a-w- c:\windows\system32\drivers\splitter.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 09:18 . 2010-01-13 09:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-13 11:22 . 2010-01-13 09:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 11:22 . 2010-01-13 09:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-13 09:39 . 2010-01-13 09:39 -------- d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:35 . 2010-01-13 09:35 -------- d-----w- c:\program files\Intel
2010-01-13 09:17 . 2010-01-13 09:17 -------- d-----w- c:\program files\microsoft frontpage
2010-01-13 09:13 . 2010-01-13 09:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-01-13 98304]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-15 4112384]
"nwiz"="nwiz.exe" [2004-07-15 843776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-15 81920]

c:\documents and settings\Gardovic\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2909:TCP"= 2909:TCP:qefzpzba

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13.1.2010 11:58 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.1.2010 11:58 20560]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [13.1.2010 10:39 561144]
S2 lzamom;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 2:07 14336]
S2 wuzawqan;exbbc;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 2:07 14336]
S3 xvvxsrqne;xvvxsrqne;\??\c:\windows\system32\03A.tmp --> c:\windows\system32\03A.tmp [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
wuzawqan
lzamom
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ba/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Gardovic\Application Data\Mozilla\Firefox\Profiles\vdtx05ww.default\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2010-01-22 13:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xvvxsrqne]
"ImagePath"="\??\c:\windows\system32\03A.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lzamom]
"ServiceDll"="c:\windows\system32\aoqfwimp.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuzawqan]
"ServiceDll"="c:\windows\system32\aoqfwimp.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3948-)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\wscntfy.exe
c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\update\update.exe
.
**************************************************************************
.
Completion time: 2010-01-22 13:22:34 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-22 12:22

Pre-Run: 19.485.712.384 bytes free
Post-Run: 19.427.463.168 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 9FB70E4FE549594EE57208EE409955F4

Addendum: 22 Jan 2010 14:40

Everything is super now!!! Thanks a lot, people...

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

We are not finished:

Open Notepad and copy the following text:

DDS::
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

File::
c:\windows\system32\03A.tmp
c:\windows\system32\aoqfwimp.dll

NetSvc::
wuzawqan
lzamom

Driver::
wuzawqan
lzamom
xvvxsrqne

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2909:TCP"=-


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
Post in your next message the log that is created at the end of the cleaning/scanning.

offline
  • Joined: 13 Apr 2008
  • Posts: 79
  • Location: Republika Srpska

ComboFix 10-01-24.03 - Gardovic 25.01.2010 7:23.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.584 [GMT 1:00]
Running from: c:\documents and settings\Gardovic\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Gardovic\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100124-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\03A.tmp"
"c:\windows\system32\aoqfwimp.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_LZAMOM
-------\Legacy_WUZAWQAN
-------\Legacy_XVVXSRQNE
-------\Service_lzamom
-------\Service_wuzawqan
-------\Service_xvvxsrqne


((((((((((((((((((((((((( Files Created from 2009-12-25 to 2010-01-25 )))))))))))))))))))))))))))))))
.

2010-01-25 06:11 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-25 06:11 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-01-22 14:02 . 2010-01-22 14:02 -------- d-----w- c:\windows\speech
2010-01-22 14:02 . 2010-01-22 14:02 -------- d-----w- c:\program files\Mini recnik
2010-01-22 13:25 . 2010-01-25 06:30 -------- d-----w- c:\documents and settings\Gardovic\Tracing
2010-01-22 13:24 . 2010-01-22 13:24 -------- d-----w- c:\program files\Microsoft
2010-01-22 13:24 . 2010-01-22 13:24 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-22 13:23 . 2010-01-22 13:24 -------- d-----w- c:\program files\Windows Live
2010-01-22 12:30 . 2010-01-22 12:30 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-22 09:33 . 2010-01-22 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-21 12:26 . 2010-01-21 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-21 11:15 . 2010-01-21 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-21 11:15 . 2010-01-21 11:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:07 . 2010-01-21 11:07 -------- d-----w- c:\program files\Includes
2010-01-21 10:59 . 2010-01-21 10:59 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Media Player Classic
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\PrivacIE
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Yahoo
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Yahoo!
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\IETldCache
2010-01-21 10:21 . 2010-01-21 10:21 -------- d-sh--w- c:\documents and settings\Gardovic\IECompatCache
2010-01-21 10:20 . 2010-01-21 10:20 -------- d-sh--w- c:\documents and settings\Gardovic\PrivacIE
2010-01-21 10:19 . 2010-01-21 10:19 -------- d-sh--w- c:\documents and settings\Gardovic\IETldCache
2010-01-21 10:15 . 2010-01-21 10:17 -------- dc-h--w- c:\windows\ie8
2010-01-21 10:15 . 2010-01-21 10:17 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:40 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Yahoo
2010-01-21 08:38 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-21 08:38 . 2010-01-21 08:40 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Yahoo!
2010-01-21 08:38 . 2009-11-10 13:39 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-01-21 08:38 . 2010-01-21 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-21 08:37 . 2010-01-21 09:05 -------- d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33 . 2010-01-21 08:38 -------- d-----w- c:\program files\Yahoo!
2010-01-21 08:23 . 2010-01-21 08:23 -------- d-----w- c:\program files\uTorrent
2010-01-21 08:21 . 2010-01-21 09:04 -------- d-----w- c:\documents and settings\Gardovic\Application Data\uTorrent
2010-01-21 07:12 . 2010-01-21 07:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-21 07:12 . 2010-01-21 07:12 -------- d-----w- c:\documents and settings\Gardovic\Application Data\skypePM
2010-01-20 12:59 . 2010-01-20 12:59 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Identities
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-19 08:00 . 2010-01-19 08:00 1956072 ----a-w- c:\documents and settings\Razvoj\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-01-18 11:32 . 2010-01-19 08:09 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Identities
2010-01-18 10:27 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Google
2010-01-15 06:01 . 2010-01-15 06:01 152576 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-15 06:00 . 2010-01-15 06:00 79488 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 12:11 . 2010-01-13 12:11 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Corel
2010-01-13 12:02 . 2010-01-13 12:02 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Mozilla
2010-01-13 11:59 . 2010-01-13 11:59 100280 ----a-w- c:\documents and settings\Razvoj\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 11:59 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Autodesk
2010-01-13 11:59 . 2010-01-13 11:59 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Autodesk
2010-01-13 11:55 . 2010-01-14 07:31 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Adobe
2010-01-13 11:33 . 2010-01-13 11:33 0 ----a-w- c:\windows\nsreg.dat
2010-01-13 11:33 . 2010-01-13 11:33 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Mozilla
2010-01-13 11:31 . 2010-01-21 10:20 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Google
2010-01-13 11:25 . 2010-01-13 11:27 -------- d-----w- c:\windows\nview
2010-01-13 11:25 . 2004-07-15 10:42 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:22 . 2010-01-13 11:22 -------- d-----w- c:\program files\ASUSTeK
2010-01-13 11:21 . 2006-02-08 08:26 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12 . 2010-01-20 12:38 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Corel
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-01-13 11:11 . 2010-01-13 11:11 65536 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-13 11:11 . 2010-01-13 11:11 10134 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Corel
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Common Files\Corel
2010-01-13 11:03 . 2010-01-21 07:58 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Skype
2010-01-13 10:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-13 10:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-13 10:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-13 10:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-13 10:58 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-13 10:58 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-13 10:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-13 10:58 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-13 10:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-13 10:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58 . 2010-01-13 10:58 -------- d-----w- c:\program files\Alwil Software
2010-01-13 10:48 . 2010-01-21 10:01 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-13 10:52 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-01-13 10:48 . 2010-01-13 10:51 -------- d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48 . 2010-01-13 10:48 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Autodesk
2010-01-13 10:47 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:47 . 2010-01-13 10:47 -------- d-----w- c:\program files\MSBuild
2010-01-13 10:47 . 2010-01-21 12:23 727776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 10:43 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-13 10:43 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38 . 1999-11-10 10:05 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\program files\QuickTime
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\windows\system32\QuickTime
2010-01-13 10:37 . 2010-01-13 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2010-01-13 10:34 . 2010-01-13 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2010-01-13 10:33 . 2010-01-13 10:33 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-01-13 10:31 . 2010-01-13 10:31 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-13 10:30 . 2010-01-13 10:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 10:30 . 2010-01-21 13:27 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Adobe
2010-01-13 10:28 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-13 10:28 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Common Files\L&H
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26 . 2010-01-13 10:26 -------- d-----w- c:\program files\Microsoft Works
2010-01-13 10:26 . 2010-01-13 10:27 -------- d-----w- c:\windows\SHELLNEW
2010-01-13 10:25 . 2010-01-13 10:25 -------- d-----w- c:\program files\Microsoft.NET
2010-01-13 10:23 . 2010-01-13 10:23 -------- d-----r- C:\MSOCache
2010-01-13 10:18 . 2010-01-13 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\Webteh
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Google
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----r- c:\program files\Skype
2010-01-13 10:15 . 2010-01-13 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-13 10:15 . 2008-10-02 09:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14 . 2010-01-13 11:25 -------- d-----w- C:\NVIDIA
2010-01-13 10:14 . 2009-08-04 14:00 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-01-13 10:14 . 2009-08-04 13:58 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-13 10:14 . 2009-08-04 13:13 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-13 10:14 . 2009-08-04 13:13 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-13 10:10 . 2005-09-01 10:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10 . 2005-09-01 10:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Common Files\Ahead

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 09:18 . 2010-01-13 09:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-13 11:22 . 2010-01-13 09:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 11:22 . 2010-01-13 09:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-13 09:39 . 2010-01-13 09:39 -------- d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:35 . 2010-01-13 09:35 -------- d-----w- c:\program files\Intel
2010-01-13 09:17 . 2010-01-13 09:17 -------- d-----w- c:\program files\microsoft frontpage
2010-01-13 09:13 . 2010-01-13 09:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((( SnapShot@2010-01-22_12.18.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 06:30 . 2010-01-25 06:30 16384 c:\windows\Temp\Perflib_Perfdata_5ac.dat
+ 2009-07-26 15:44 . 2009-07-26 15:44 48448 c:\windows\system32\sirenacm.dll
+ 1999-01-12 10:35 . 1999-01-12 10:35 53760 c:\windows\speech\WrapSAPI.dll
+ 2010-01-22 13:24 . 2010-01-22 13:24 22016 c:\windows\Installer\36f95.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 27136 c:\windows\Installer\36f7f.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 83456 c:\windows\Installer\36f63.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 58880 c:\windows\Installer\36f5c.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 62304 c:\windows\Installer\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}\IconWlc.exe
+ 2010-01-22 13:24 . 2010-01-22 13:24 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2010-01-22 13:25 . 2010-01-22 13:25 58945 c:\windows\Installer\{6412CECE-8172-4BE5-935B-6CECACD2CA87}\wlmail.exe
+ 1999-01-12 10:39 . 1999-01-12 10:39 6656 c:\windows\delttsul.exe
+ 2007-11-07 00:19 . 2007-11-07 00:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 19:23 . 2007-11-06 19:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2010-01-13 09:56 . 2010-01-22 13:42 349792 c:\windows\system32\FNTCACHE.DAT
+ 1999-01-12 14:19 . 1999-01-12 14:19 195584 c:\windows\speech\Xvoice.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 203776 c:\windows\speech\XTel.Dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 208896 c:\windows\speech\Xlisten.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 128000 c:\windows\speech\Xcommand.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 173056 c:\windows\speech\VText.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 179712 c:\windows\speech\Vdict.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 156160 c:\windows\speech\vcmshl.dll
+ 1999-01-12 14:09 . 1999-01-12 14:09 380928 c:\windows\speech\vcmd.exe
+ 1999-01-12 14:19 . 1999-01-12 14:19 562176 c:\windows\speech\speech.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 248832 c:\windows\speech\spchtel.dll
+ 2010-01-22 13:25 . 2010-01-22 13:25 735744 c:\windows\Installer\36f9c.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 430080 c:\windows\Installer\36f8e.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 155648 c:\windows\Installer\36f86.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 140288 c:\windows\Installer\36f78.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 202752 c:\windows\Installer\36f71.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 152576 c:\windows\Installer\36f6a.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 107008 c:\windows\Installer\36f55.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 301056 c:\windows\Installer\36f4e.msi
+ 2004-08-04 01:07 . 2009-08-04 14:00 2180352 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 22:59 . 2009-08-04 13:13 2057728 c:\windows\system32\ntkrnlpa.exe
+ 2010-01-13 10:14 . 2009-08-04 14:00 2180352 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-01-13 10:14 . 2009-08-04 13:13 2015744 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-01-13 10:14 . 2009-08-04 13:13 2057728 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-01-13 10:14 . 2009-08-04 13:58 2136064 c:\windows\Driver Cache\i386\ntkrnlmp.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ACMS__MiniRecnik"="c:\program files\Mini recnik\Recnik.exe" [2006-01-15 2793984]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-01-13 98304]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-15 4112384]
"nwiz"="nwiz.exe" [2004-07-15 843776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-15 81920]

c:\documents and settings\Gardovic\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13.1.2010 11:58 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.1.2010 11:58 20560]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [13.1.2010 10:39 561144]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ba/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Gardovic\Application Data\Mozilla\Firefox\Profiles\vdtx05ww.default\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2010-01-25 07:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2592)
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2010-01-25 07:34:11 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-25 06:34
ComboFix2.txt 2010-01-22 12:22

Pre-Run: 21.361.385.472 bytes free
Post-Run: 21.446.680.576 bytes free

- - End Of File - - 4BD5EBFA28E2F049773B8D830396E077

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

That would be it.

ComboFix needs to be uninstalled:
click Start (or ), and then RUN.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (or copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.
