Problem with Mozilla

offline
  • Joined: 29 Jul 2008
  • Posts: 44

I have a problem: when I start Mozilla, even in safe mode, it takes a long time to come up, and it also happens that it freezes for a minute or two while surfing and won't let anything else open. After a while it unfreezes and everything continues to work normally. To me this looks like some kind of virus, so I would ask you to take a look at the logs...
Thanks

DDS (Ver_09-12-01.01) - NTFSx86
Run by Kiki at 22:08:23,12 on sre 23.12.2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1407 [GMT 1:00]

AV: avast! antivirus 4.8.1368 [VPS 091223-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\DCPFLICS\dcpflics.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Documents and Settings\Kiki\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO: {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - No File
BHO: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~1\MEGAUP~1.DLL
BHO: Click-to-Call BHO: {5c255c8a-e604-49b4-9d64-90988571cecb} - c:\program files\windows live\messenger\wlchtc.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~1\MEGAUP~1.DLL
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
EB: {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} - No File
EB: {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - No File
uRun: [AdobeBridge]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [RunNarrator] Narrator.exe
IE: &Download All by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bholink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\kiki\applic~1\mozilla\firefox\profiles\tmz8ijwv.kiki\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-6 206256]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-7-5 63352]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-4-15 114768]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\cyberlink\powerdvd8\000.fcl [2008-2-1 41456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-4-15 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-4-15 138680]
R2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.SYS [2008-3-2 291768]
R2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS [2008-3-2 21288]
R2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS [2008-3-2 12568]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-3-12 86016]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-4-15 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-4-15 352920]
R3 rxpvbus;Reality XP Avionics Bus Driver;c:\windows\system32\drivers\rxpvbus.sys [2005-11-4 44032]
S2 gupdate1c9a2436824028e;Google Update Service (gupdate1c9a2436824028e);c:\program files\google\update\GoogleUpdate.exe [2009-3-11 133104]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2009-10-29 1074568]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-12-5 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-12-5 1097096]
S4 TwonkyMedia;TwonkyMedia;c:\program files\nokia\nokia home media server\media server\twonkymedia.exe -serviceversion 0 --> c:\program files\nokia\nokia home media server\media server\TwonkyMedia.exe -serviceversion 0 [?]
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\windows live\messenger\usnsvc.exe [2007-11-7 98840]

=============== Created Last 30 ================

2009-12-21 14:01:11 0 d-----w- c:\program files\Winamp Detect
2009-12-19 01:31:20 198 ----a-w- c:\windows\TSCTNDBG.INI
2009-12-16 17:14:15 0 d-----w- c:\program files\FOC 2003
2009-12-16 17:14:03 0 d-----w- c:\program files\aerosoft
2009-12-15 21:30:37 0 d-----w- c:\docume~1\kiki\applic~1\TeamViewer
2009-12-15 21:30:15 0 d-----w- c:\documents and settings\kiki\temp
2009-12-15 01:36:28 2048 ----a-w- c:\windows\FL4-Z.lic
2009-12-15 00:55:30 0 d-----w- c:\program files\GARMIN
2009-12-15 00:00:41 2048 ----a-w- c:\windows\FLTEE.lic
2009-12-14 23:54:33 2048 ----a-w- c:\windows\FL5-X.lic
2009-12-14 23:52:37 2048 ----a-w- c:\windows\GNPRO.lic
2009-12-14 17:14:43 0 d-----w- c:\program files\Abacus
2009-12-13 04:32:08 0 d-----w- c:\program files\Shockwave 3D Lights Redux for FS9
2009-12-12 23:25:51 149675 ----a-w- c:\windows\OCS PT-154 Uninstaller.exe
2009-12-12 23:25:50 0 d-----w- c:\program files\OCS PT-154
2009-12-12 22:54:55 0 d-----w- c:\program files\NCalc5
2009-12-12 16:50:45 0 d-----w- c:\program files\Real Environment Pro
2009-12-12 09:46:18 0 d-----w- c:\docume~1\kiki\applic~1\HiFi
2009-12-04 00:19:11 0 d-----w- c:\program files\common files\TOPCAT
2009-12-04 00:16:42 0 d-----w- c:\program files\TOPCAT
2009-12-02 17:23:55 151552 ----a-w- c:\windows\system32\nvRegDev.dll
2009-12-02 03:15:12 18 ----a-w- C:\fsb_wpos.ini
2009-12-02 03:15:02 0 d-----w- c:\program files\FSBuild
2009-11-30 14:49:03 0 d-----w- c:\program files\Microsoft Games
2009-11-27 00:17:28 286720 ------w- c:\windows\Setup1.exe
2009-11-27 00:17:26 73216 ----a-w- c:\windows\ST6UNST.EXE

==================== Find3M ====================

2009-12-21 20:38:08 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2009-12-12 09:36:02 737280 ----a-w- c:\windows\iun6002.exe
2009-11-21 22:22:58 1328 ----a-w- C:\FSUIPC_reg.bin
2009-10-31 23:16:34 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-31 12:17:26 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-31 12:17:25 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-10-27 00:45:14 567 ----a-w- C:\subafsfile0.bin
2009-10-27 00:45:14 1552 ----a-w- C:\bin0.bin
2009-10-11 03:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-06 10:55:50 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-10-06 10:52:46 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-10-06 10:52:36 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-05-14 19:02:10 3392872 ----a-w- c:\program files\common files\adlmint_libFNP.dll
2009-05-14 19:02:10 3298152 ----a-w- c:\program files\common files\adlmint.dll
2009-06-25 12:14:16 61 --sh--w- c:\windows\cnerolf.dat
2009-03-22 15:33:13 16384 --sha-w- c:\windows\system32\config\systemprofile\cookies\index.dat
2009-03-22 15:33:13 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\index.dat
2008-03-01 14:55:30 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008030120080302\index.dat
2009-03-22 15:33:13 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat

============= FINISH: 22:09:12,43 ===============


offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • disable your protective software (instructions);
  • close all running programs;
  • double-click to launch ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
      click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
      be sure to accept by clicking Yes and follow the procedure.
  • present a number of prompts/notifications:
      accept by clicking Yes or OK.
  • restart Windows if needed (possibly several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the highlighted text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to the message.

offline
  • Joined: 29 Jul 2008
  • Posts: 44

ComboFix 09-12-22.09 - Kiki 24.12.2009 2:03.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1555 [GMT 1:00]
Running from: c:\documents and settings\Kiki\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091223-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Kiki\Application Data\Desktopicon
c:\documents and settings\Kiki\Application Data\Desktopicon\config.ini
c:\documents and settings\Kiki\Application Data\Desktopicon\eBayShortcuts.exe
c:\documents and settings\Kiki\Application Data\Kaspersky_Key_Finder_(KKF
c:\documents and settings\Kiki\Application Data\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_k43bu3jnpwwecibbp2001qusnmcgeemb\1.5.2.0\user.config

.
((((((((((((((((((((((((( Files Created from 2009-11-24 to 2009-12-24 )))))))))))))))))))))))))))))))
.

2009-12-21 14:01 . 2009-12-21 14:01 -------- d-----w- c:\program files\Winamp Detect
2009-12-16 17:14 . 2009-12-16 17:16 -------- d-----w- c:\program files\FOC 2003
2009-12-16 17:14 . 2009-12-16 17:14 -------- d-----w- c:\program files\aerosoft
2009-12-15 21:30 . 2009-12-15 21:30 -------- d-----w- c:\documents and settings\Kiki\Application Data\TeamViewer
2009-12-15 21:30 . 2009-12-15 21:30 -------- d-----w- c:\documents and settings\Kiki\temp
2009-12-15 00:55 . 2009-12-15 01:02 -------- d-----w- c:\program files\GARMIN
2009-12-14 17:14 . 2009-12-14 17:14 -------- d-----w- c:\program files\Abacus
2009-12-13 04:32 . 2009-12-13 04:32 -------- d-----w- c:\program files\Shockwave 3D Lights Redux for FS9
2009-12-12 23:25 . 2009-12-12 23:25 149675 ----a-w- c:\windows\OCS PT-154 Uninstaller.exe
2009-12-12 23:25 . 2009-12-12 23:25 -------- d-----w- c:\program files\OCS PT-154
2009-12-12 22:54 . 2009-12-12 23:20 -------- d-----w- c:\program files\NCalc5
2009-12-12 21:54 . 2009-12-12 21:54 -------- d-----w- c:\documents and settings\Kiki\Local Settings\Application Data\Home
2009-12-12 16:50 . 2009-12-12 16:51 -------- d-----w- c:\program files\Real Environment Pro
2009-12-12 09:46 . 2009-12-12 11:11 -------- d-----w- c:\documents and settings\Kiki\Application Data\HiFi
2009-12-04 00:19 . 2009-12-04 00:19 -------- d-----w- c:\program files\Common Files\TOPCAT
2009-12-04 00:16 . 2009-12-04 00:21 -------- d-----w- c:\program files\TOPCAT
2009-12-02 17:23 . 2009-12-02 17:23 151552 ----a-w- c:\windows\system32\nvRegDev.dll
2009-12-02 03:15 . 2009-12-05 17:28 -------- d-----w- c:\program files\FSBuild
2009-11-30 14:49 . 2009-11-30 14:49 -------- d-----w- c:\program files\Microsoft Games
2009-11-27 00:17 . 2009-11-27 00:17 286720 ------w- c:\windows\Setup1.exe
2009-11-27 00:17 . 2009-11-27 00:17 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-11-26 03:20 . 2009-12-24 01:00 1054544 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-11-26 02:14 . 2009-11-26 02:05 24403616 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_1.8.10EN.exe
2009-11-26 02:06 . 2009-11-26 02:06 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-11-26 02:06 . 2009-11-26 02:06 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-11-26 02:06 . 2009-11-26 02:06 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-23 12:40 . 2008-10-19 23:26 -------- d-----w- c:\program files\Google
2009-12-22 21:03 . 2008-03-02 21:00 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-12-22 19:57 . 2008-04-11 16:52 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-22 19:52 . 2008-12-05 18:50 -------- d-----w- c:\program files\Spyware Doctor
2009-12-22 01:34 . 2008-03-01 14:58 96656 ----a-w- c:\documents and settings\Kiki\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-22 01:13 . 2008-03-03 11:36 -------- d-----w- c:\documents and settings\Kiki\Application Data\LimeWire
2009-12-21 20:38 . 2008-03-02 11:34 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2009-12-21 14:02 . 2008-03-02 18:00 -------- d-----w- c:\program files\Winamp
2009-12-18 20:23 . 2008-03-01 18:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-15 23:23 . 2008-03-02 21:00 -------- d-----w- c:\documents and settings\Kiki\Application Data\Thunderbird
2009-12-12 09:36 . 2009-11-19 22:10 737280 ----a-w- c:\windows\iun6002.exe
2009-12-02 17:25 . 2009-09-03 16:37 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-02 02:36 . 2008-03-03 11:16 -------- d-----w- c:\program files\LimeWire
2009-11-30 20:34 . 2009-11-05 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-11-26 02:15 . 2008-03-03 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-11-24 23:54 . 2009-04-15 20:37 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-04-15 20:38 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-04-15 20:38 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-04-15 20:38 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-04-15 20:38 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-04-15 20:38 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 01:37 . 2009-03-05 01:12 -------- d-----w- c:\program files\Opera
2009-11-23 19:23 . 2009-11-23 19:22 -------- d-----w- c:\program files\DivX
2009-11-23 19:23 . 2009-11-23 19:23 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-23 16:45 . 2009-10-05 23:46 -------- d-----w- c:\program files\The KMPlayer
2009-11-22 03:09 . 2009-11-22 02:37 -------- d-----w- c:\program files\FS Panel Studio
2009-11-21 22:22 . 2009-11-21 22:22 1328 ----a-w- C:\FSUIPC_reg.bin
2009-11-21 22:22 . 2009-11-21 22:22 -------- d-----w- c:\documents and settings\Kiki\Application Data\ESDG
2009-11-19 22:48 . 2009-11-19 22:48 -------- d-----w- c:\documents and settings\Kiki\Application Data\InstallShield
2009-11-19 22:03 . 2008-12-10 23:00 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-19 22:00 . 2008-03-02 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-18 21:55 . 2008-03-26 17:29 -------- d-----w- c:\documents and settings\Kiki\Application Data\Audio Record Edit Toolbox
2009-11-18 20:55 . 2008-03-03 22:05 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-18 20:55 . 2008-03-03 22:05 -------- d-----w- c:\documents and settings\Kiki\Application Data\Nokia
2009-11-18 20:54 . 2009-11-18 20:54 -------- d-----w- c:\program files\PC Connectivity Solution
2009-11-18 20:53 . 2008-03-03 22:04 -------- d-----w- c:\program files\Nokia
2009-11-18 20:51 . 2009-11-18 20:51 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-11-18 20:51 . 2009-11-18 20:51 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-11-18 20:51 . 2009-11-18 20:51 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-11-18 20:51 . 2009-11-18 20:51 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-18 20:51 . 2009-11-18 20:52 34429264 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_eng.exe
2009-11-13 16:06 . 2009-11-13 16:04 -------- d-----w- c:\program files\Hacker Evolution Untold
2009-11-13 16:04 . 2009-11-13 16:03 -------- d-----w- c:\program files\Hacker Evolution
2009-11-13 13:26 . 2008-03-02 17:39 -------- d-----w- c:\documents and settings\Kiki\Application Data\BSplayer PRO
2009-11-13 02:03 . 2009-11-09 01:49 -------- d-----w- c:\documents and settings\Kiki\Application Data\headus
2009-11-12 20:35 . 2009-11-12 20:35 -------- d-----w- c:\program files\headus UVLayout v2 Professional
2009-11-10 20:53 . 2009-11-10 20:53 -------- d-----w- c:\program files\Common Files\ChaosGroup
2009-11-10 20:53 . 2009-11-10 20:53 -------- d-----w- c:\program files\Chaos Group
2009-11-07 19:50 . 2008-11-26 19:42 -------- d-----w- c:\documents and settings\Kiki\Application Data\Sports Interactive
2009-11-06 17:50 . 2009-11-06 17:50 -------- d-----w- c:\program files\LogMeIn Hamachi
2009-11-05 13:52 . 2008-08-17 22:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-11-05 13:52 . 2008-08-17 22:19 -------- d-----w- c:\program files\Yahoo!
2009-11-05 13:52 . 2009-11-05 13:52 -------- d-----w- c:\documents and settings\Kiki\Application Data\Yahoo!
2009-11-05 13:20 . 2009-02-26 00:36 -------- d-----w- c:\program files\SweetIM
2009-11-03 20:31 . 2008-03-03 11:26 -------- d-----w- c:\program files\Java
2009-11-03 20:30 . 2009-11-03 20:30 152576 ----a-w- c:\documents and settings\Kiki\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-01 10:23 . 2009-10-31 18:55 532 ----a-w- c:\windows\eReg.dat
2009-11-01 10:23 . 2009-11-01 10:23 -------- d-----w- c:\program files\Maxis
2009-10-31 23:16 . 2009-04-25 00:34 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-10-31 23:16 . 2008-06-22 22:57 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-10-31 23:16 . 2008-03-02 17:40 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-31 23:16 . 2009-01-26 20:10 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-10-31 23:11 . 2008-11-02 00:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\Sports Interactive
2009-10-31 12:17 . 2009-06-05 23:48 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-31 12:17 . 2009-10-31 12:17 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-10-30 16:59 . 2009-10-30 16:58 -------- d-----w- c:\program files\iTunes
2009-10-30 16:58 . 2009-10-30 16:58 -------- d-----w- c:\program files\iPod
2009-10-30 16:58 . 2008-03-03 23:07 -------- d-----w- c:\program files\Common Files\Apple
2009-10-30 16:46 . 2009-10-30 16:46 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-27 00:45 . 2009-10-27 00:45 567 ----a-w- C:\subafsfile0.bin
2009-10-27 00:45 . 2009-10-27 00:45 1552 ----a-w- C:\bin0.bin
2009-10-23 19:22 . 2009-10-23 19:22 32384 ----a-w- c:\windows\system32\drivers\WMDrive.sys
2009-10-11 03:17 . 2008-11-22 23:30 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-06 10:55 . 2009-11-18 20:53 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-10-06 10:52 . 2009-11-18 20:53 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-10-06 10:52 . 2009-11-18 20:53 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-10-06 10:52 . 2008-03-03 22:04 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-10-06 10:52 . 2009-11-18 20:53 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-10-06 10:52 . 2009-11-18 20:53 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-10-06 10:52 . 2009-11-18 20:53 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-05-14 19:02 . 2009-05-14 19:02 3392872 ----a-w- c:\program files\Common Files\adlmint_libFNP.dll
2009-05-14 19:02 . 2009-05-14 19:02 3298152 ----a-w- c:\program files\Common Files\adlmint.dll
2009-06-25 12:14 . 2009-06-25 12:14 61 --sh--w- c:\windows\cnerolf.dat
2008-06-23 09:51 . 2008-06-23 09:51 0 --sha-w- c:\windows\SF6315E56.tmp
.

------- Sigcheck -------

[-] 2007-12-29 . 25FA97DFFD06153B735BFB7AD359BC65 . 361344 . . [5.1.2600.3264] . . c:\windows\system32\drivers\tcpip.sys

[-] 2007-12-29 . 17A60CD35FBE6DD5BEAAF93BED6138B8 . 2350208 . . [5.1.2600.3264] . . c:\windows\system32\ntoskrnl.exe

[-] 2007-12-29 . 6EB0FCD71AAB8E5378321475AE8DB732 . 1613824 . . [5.1.2600.3264] . . c:\windows\system32\sfcfiles.dll

[-] 2007-12-29 . 7CD93F0F8149EFE5AED4A8C0195004DB . 2227072 . . [5.1.2600.3264] . . c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-11-30 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
"RunNarrator"="Narrator.exe" [2007-11-30 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=myokent.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Nokia Ovi Suite.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk
backup=c:\windows\pss\Nokia Ovi Suite.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Kiki^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Kiki\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 00:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2008-04-21 08:22 91432 ----a-w- c:\program files\CyberLink\Shared Files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2007-11-30 23:26 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2007-11-30 23:26 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
2008-06-29 17:11 2327776 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-08-17 01:03 13877248 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-08-17 01:03 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-12-25 23:08 1657376 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2007-12-14 09:36 50472 ------w- c:\program files\CyberLink\PowerDVD8\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerS]
2001-08-03 16:56 159800 ----a-w- c:\windows\PowerS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired]
2004-11-18 09:16 86016 ----a-w- c:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2008-03-20 18:23 83240 ------w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-06-14 17:36 77824 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2008-04-04 10:38 88584 ----a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2009-10-20 12:59 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TwonkyMedia"=2 (0x2)
"mi-raysat_3dsmax2010_32"=2 (0x2)
"mi-raysat_3dsMax2008_32"=2 (0x2)
"gupdate1c9a2436824028e"=2 (0x2)
"Bonjour Service"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [6/6/2009 12:48 AM 206256]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [7/5/2006 1:46 PM 63352]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4/15/2009 9:38 PM 114768]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [2/1/2008 4:24 PM 41456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/15/2009 9:38 PM 20560]
R2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.SYS [3/2/2008 6:10 PM 291768]
R2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS [3/2/2008 6:11 PM 21288]
R2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS [3/2/2008 6:11 PM 12568]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [10/29/2009 12:27 PM 1074568]
R3 rxpvbus;Reality XP Avionics Bus Driver;c:\windows\system32\drivers\rxpvbus.sys [11/4/2005 9:35 AM 44032]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3/2/2008 6:40 PM 691696]
S2 gupdate1c9a2436824028e;Google Update Service (gupdate1c9a2436824028e);c:\program files\Google\Update\GoogleUpdate.exe [3/11/2009 1:17 PM 133104]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [3/12/2009 4:36 PM 86016]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [12/5/2008 7:50 PM 348752]
S4 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [11/7/2007 3:34 PM 98840]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Kiki\Application Data\Mozilla\Firefox\Profiles\tmz8ijwv.kiki\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSConfigStartUp-ASuite - g:\lupo pensuite v6.76 full\Launcher\ASuite.exe
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
AddRemove-Falcon 4.0 - c:\microprose\Falcon4\Uninst.isu
AddRemove-V-Ray for 3dsmax 2010 for x86 - c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\wininstaller.exe-uninstall=c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\install.log
AddRemove-Project Tupolev Tu-154m for MS FS2004 - c:\documents and settings\Kiki\Desktop\tu 22\Uninstal_PT_Tu-154m_2.02.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-12-24 02:15
Windows 5.1.2600 Service Pack 3, v.3264 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A3BF820]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80ecf28
\Driver\ACPI -> ACPI.sys @ 0xb7f7fcb8
\Driver\atapi -> atapi.sys @ 0xb7efe850
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80578fa2
ParseProcedure -> ntkrnlpa.exe @ 0x80577c04
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80578fa2
ParseProcedure -> ntkrnlpa.exe @ 0x80577c04
NDIS: Intel(R) PRO/1000 MT Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xb7da9bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7db6a21
SendHandler -> NDIS.sys @ 0xb7d9487b
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1202660629-436374069-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{03B6550E-15D4-2AF2-3D70-0A74B79B342C}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abedbcmgaonbnbeeibofcldbapnlgboojp"=hex:69,61,66,63,67,68,6a,6b,6f,6c,65,6e,
6c,6b,6d,62,6b,70,00,00
"maddgbgangijidmdpliekhkmdm"=hex:6f,61,69,61,64,61,6b,64,6d,6f,6e,6a,68,64,67,
70,65,61,69,6e,6c,6a,64,62,6e,6b,6f,61,61,69,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\myokent.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(792)
c:\windows\system32\myokent.dll
.
Completion time: 2009-12-24 02:21:24
ComboFix-quarantined-files.txt 2009-12-24 01:21
ComboFix2.txt 2009-06-06 17:59

Pre-Run: 1.362.276.352 bytes free
Post-Run: 1.327.861.760 bytes free

- - End Of File - - 9CFDAFBEA702E04052E0C0EA5E449585

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

No malware. Do the following:

ComboFix needs to be uninstalled:
click Start (or ), then Run.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstall process to finish.
