Problem with Mozilla

offline
  • Joined: 29 Jul 2008
  • Posts: 44

I have a problem: when I start Mozilla, even in safe mode, it takes a long time to come up, and it also happens that it freezes for a minute or two while browsing and won't let anything else open; after a while it unfreezes and everything continues to work normally. To me this looks like some kind of virus, so I would ask you to take a look at the logs...
Thanks

DDS (Ver_09-12-01.01) - NTFSx86
Run by Kiki at 22:08:23,12 on sre 23.12.2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1407 [GMT 1:00]

AV: avast! antivirus 4.8.1368 [VPS 091223-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\DCPFLICS\dcpflics.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Documents and Settings\Kiki\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO: {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - No File
BHO: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~1\MEGAUP~1.DLL
BHO: Click-to-Call BHO: {5c255c8a-e604-49b4-9d64-90988571cecb} - c:\program files\windows live\messenger\wlchtc.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~1\MEGAUP~1.DLL
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
EB: {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} - No File
EB: {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - No File
uRun: [AdobeBridge]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [RunNarrator] Narrator.exe
IE: &Download All by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bholink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\kiki\applic~1\mozilla\firefox\profiles\tmz8ijwv.kiki\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-6 206256]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-7-5 63352]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-4-15 114768]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\cyberlink\powerdvd8\000.fcl [2008-2-1 41456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-4-15 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-4-15 138680]
R2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.SYS [2008-3-2 291768]
R2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS [2008-3-2 21288]
R2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS [2008-3-2 12568]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-3-12 86016]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-4-15 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-4-15 352920]
R3 rxpvbus;Reality XP Avionics Bus Driver;c:\windows\system32\drivers\rxpvbus.sys [2005-11-4 44032]
S2 gupdate1c9a2436824028e;Google Update Service (gupdate1c9a2436824028e);c:\program files\google\update\GoogleUpdate.exe [2009-3-11 133104]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2009-10-29 1074568]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-12-5 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-12-5 1097096]
S4 TwonkyMedia;TwonkyMedia;c:\program files\nokia\nokia home media server\media server\twonkymedia.exe -serviceversion 0 --> c:\program files\nokia\nokia home media server\media server\TwonkyMedia.exe -serviceversion 0 [?]
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\windows live\messenger\usnsvc.exe [2007-11-7 98840]

=============== Created Last 30 ================

2009-12-21 14:01:11 0 d-----w- c:\program files\Winamp Detect
2009-12-19 01:31:20 198 ----a-w- c:\windows\TSCTNDBG.INI
2009-12-16 17:14:15 0 d-----w- c:\program files\FOC 2003
2009-12-16 17:14:03 0 d-----w- c:\program files\aerosoft
2009-12-15 21:30:37 0 d-----w- c:\docume~1\kiki\applic~1\TeamViewer
2009-12-15 21:30:15 0 d-----w- c:\documents and settings\kiki\temp
2009-12-15 01:36:28 2048 ----a-w- c:\windows\FL4-Z.lic
2009-12-15 00:55:30 0 d-----w- c:\program files\GARMIN
2009-12-15 00:00:41 2048 ----a-w- c:\windows\FLTEE.lic
2009-12-14 23:54:33 2048 ----a-w- c:\windows\FL5-X.lic
2009-12-14 23:52:37 2048 ----a-w- c:\windows\GNPRO.lic
2009-12-14 17:14:43 0 d-----w- c:\program files\Abacus
2009-12-13 04:32:08 0 d-----w- c:\program files\Shockwave 3D Lights Redux for FS9
2009-12-12 23:25:51 149675 ----a-w- c:\windows\OCS PT-154 Uninstaller.exe
2009-12-12 23:25:50 0 d-----w- c:\program files\OCS PT-154
2009-12-12 22:54:55 0 d-----w- c:\program files\NCalc5
2009-12-12 16:50:45 0 d-----w- c:\program files\Real Environment Pro
2009-12-12 09:46:18 0 d-----w- c:\docume~1\kiki\applic~1\HiFi
2009-12-04 00:19:11 0 d-----w- c:\program files\common files\TOPCAT
2009-12-04 00:16:42 0 d-----w- c:\program files\TOPCAT
2009-12-02 17:23:55 151552 ----a-w- c:\windows\system32\nvRegDev.dll
2009-12-02 03:15:12 18 ----a-w- C:\fsb_wpos.ini
2009-12-02 03:15:02 0 d-----w- c:\program files\FSBuild
2009-11-30 14:49:03 0 d-----w- c:\program files\Microsoft Games
2009-11-27 00:17:28 286720 ------w- c:\windows\Setup1.exe
2009-11-27 00:17:26 73216 ----a-w- c:\windows\ST6UNST.EXE

==================== Find3M ====================

2009-12-21 20:38:08 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2009-12-12 09:36:02 737280 ----a-w- c:\windows\iun6002.exe
2009-11-21 22:22:58 1328 ----a-w- C:\FSUIPC_reg.bin
2009-10-31 23:16:34 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-31 12:17:26 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-31 12:17:25 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-10-27 00:45:14 567 ----a-w- C:\subafsfile0.bin
2009-10-27 00:45:14 1552 ----a-w- C:\bin0.bin
2009-10-11 03:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-06 10:55:50 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-10-06 10:52:46 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-10-06 10:52:36 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-05-14 19:02:10 3392872 ----a-w- c:\program files\common files\adlmint_libFNP.dll
2009-05-14 19:02:10 3298152 ----a-w- c:\program files\common files\adlmint.dll
2009-06-25 12:14:16 61 --sh--w- c:\windows\cnerolf.dat
2009-03-22 15:33:13 16384 --sha-w- c:\windows\system32\config\systemprofile\cookies\index.dat
2009-03-22 15:33:13 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\index.dat
2008-03-01 14:55:30 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008030120080302\index.dat
2009-03-22 15:33:13 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat

============= FINISH: 22:09:12,43 ===============


offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Download sUBs's ComboFix from the following address to your Desktop:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, choose Desktop and click Save.

When the download of the program is finished:
  • deactivate your protection software (instructions);
  • close running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered to download it.
  • display DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes so that the process continues.
  • if Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure.
  • ask a number of questions/show a number of notifications:
    accept by clicking Yes or OK.
  • if needed, restart Windows (several times);
  • at the end of its run, open Notepad with the scan report.

Copy the report that ComboFix created into the topic on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is not complete, use the Attach file (Prikači fajl) option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 29 Jul 2008
  • Posts: 44

ComboFix 09-12-22.09 - Kiki 24.12.2009 2:03.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1555 [GMT 1:00]
Running from: c:\documents and settings\Kiki\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091223-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Kiki\Application Data\Desktopicon
c:\documents and settings\Kiki\Application Data\Desktopicon\config.ini
c:\documents and settings\Kiki\Application Data\Desktopicon\eBayShortcuts.exe
c:\documents and settings\Kiki\Application Data\Kaspersky_Key_Finder_(KKF
c:\documents and settings\Kiki\Application Data\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_k43bu3jnpwwecibbp2001qusnmcgeemb\1.5.2.0\user.config

.
((((((((((((((((((((((((( Files Created from 2009-11-24 to 2009-12-24 )))))))))))))))))))))))))))))))
.

2009-12-21 14:01 . 2009-12-21 14:01 -------- d-----w- c:\program files\Winamp Detect
2009-12-16 17:14 . 2009-12-16 17:16 -------- d-----w- c:\program files\FOC 2003
2009-12-16 17:14 . 2009-12-16 17:14 -------- d-----w- c:\program files\aerosoft
2009-12-15 21:30 . 2009-12-15 21:30 -------- d-----w- c:\documents and settings\Kiki\Application Data\TeamViewer
2009-12-15 21:30 . 2009-12-15 21:30 -------- d-----w- c:\documents and settings\Kiki\temp
2009-12-15 00:55 . 2009-12-15 01:02 -------- d-----w- c:\program files\GARMIN
2009-12-14 17:14 . 2009-12-14 17:14 -------- d-----w- c:\program files\Abacus
2009-12-13 04:32 . 2009-12-13 04:32 -------- d-----w- c:\program files\Shockwave 3D Lights Redux for FS9
2009-12-12 23:25 . 2009-12-12 23:25 149675 ----a-w- c:\windows\OCS PT-154 Uninstaller.exe
2009-12-12 23:25 . 2009-12-12 23:25 -------- d-----w- c:\program files\OCS PT-154
2009-12-12 22:54 . 2009-12-12 23:20 -------- d-----w- c:\program files\NCalc5
2009-12-12 21:54 . 2009-12-12 21:54 -------- d-----w- c:\documents and settings\Kiki\Local Settings\Application Data\Home
2009-12-12 16:50 . 2009-12-12 16:51 -------- d-----w- c:\program files\Real Environment Pro
2009-12-12 09:46 . 2009-12-12 11:11 -------- d-----w- c:\documents and settings\Kiki\Application Data\HiFi
2009-12-04 00:19 . 2009-12-04 00:19 -------- d-----w- c:\program files\Common Files\TOPCAT
2009-12-04 00:16 . 2009-12-04 00:21 -------- d-----w- c:\program files\TOPCAT
2009-12-02 17:23 . 2009-12-02 17:23 151552 ----a-w- c:\windows\system32\nvRegDev.dll
2009-12-02 03:15 . 2009-12-05 17:28 -------- d-----w- c:\program files\FSBuild
2009-11-30 14:49 . 2009-11-30 14:49 -------- d-----w- c:\program files\Microsoft Games
2009-11-27 00:17 . 2009-11-27 00:17 286720 ------w- c:\windows\Setup1.exe
2009-11-27 00:17 . 2009-11-27 00:17 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-11-26 03:20 . 2009-12-24 01:00 1054544 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-11-26 02:14 . 2009-11-26 02:05 24403616 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_1.8.10EN.exe
2009-11-26 02:06 . 2009-11-26 02:06 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-11-26 02:06 . 2009-11-26 02:06 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-11-26 02:06 . 2009-11-26 02:06 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-23 12:40 . 2008-10-19 23:26 -------- d-----w- c:\program files\Google
2009-12-22 21:03 . 2008-03-02 21:00 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-12-22 19:57 . 2008-04-11 16:52 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-22 19:52 . 2008-12-05 18:50 -------- d-----w- c:\program files\Spyware Doctor
2009-12-22 01:34 . 2008-03-01 14:58 96656 ----a-w- c:\documents and settings\Kiki\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-22 01:13 . 2008-03-03 11:36 -------- d-----w- c:\documents and settings\Kiki\Application Data\LimeWire
2009-12-21 20:38 . 2008-03-02 11:34 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2009-12-21 14:02 . 2008-03-02 18:00 -------- d-----w- c:\program files\Winamp
2009-12-18 20:23 . 2008-03-01 18:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-15 23:23 . 2008-03-02 21:00 -------- d-----w- c:\documents and settings\Kiki\Application Data\Thunderbird
2009-12-12 09:36 . 2009-11-19 22:10 737280 ----a-w- c:\windows\iun6002.exe
2009-12-02 17:25 . 2009-09-03 16:37 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-02 02:36 . 2008-03-03 11:16 -------- d-----w- c:\program files\LimeWire
2009-11-30 20:34 . 2009-11-05 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-11-26 02:15 . 2008-03-03 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-11-24 23:54 . 2009-04-15 20:37 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-04-15 20:38 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-04-15 20:38 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-04-15 20:38 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-04-15 20:38 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-04-15 20:38 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 01:37 . 2009-03-05 01:12 -------- d-----w- c:\program files\Opera
2009-11-23 19:23 . 2009-11-23 19:22 -------- d-----w- c:\program files\DivX
2009-11-23 19:23 . 2009-11-23 19:23 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-23 16:45 . 2009-10-05 23:46 -------- d-----w- c:\program files\The KMPlayer
2009-11-22 03:09 . 2009-11-22 02:37 -------- d-----w- c:\program files\FS Panel Studio
2009-11-21 22:22 . 2009-11-21 22:22 1328 ----a-w- C:\FSUIPC_reg.bin
2009-11-21 22:22 . 2009-11-21 22:22 -------- d-----w- c:\documents and settings\Kiki\Application Data\ESDG
2009-11-19 22:48 . 2009-11-19 22:48 -------- d-----w- c:\documents and settings\Kiki\Application Data\InstallShield
2009-11-19 22:03 . 2008-12-10 23:00 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-19 22:00 . 2008-03-02 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-18 21:55 . 2008-03-26 17:29 -------- d-----w- c:\documents and settings\Kiki\Application Data\Audio Record Edit Toolbox
2009-11-18 20:55 . 2008-03-03 22:05 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-18 20:55 . 2008-03-03 22:05 -------- d-----w- c:\documents and settings\Kiki\Application Data\Nokia
2009-11-18 20:54 . 2009-11-18 20:54 -------- d-----w- c:\program files\PC Connectivity Solution
2009-11-18 20:53 . 2008-03-03 22:04 -------- d-----w- c:\program files\Nokia
2009-11-18 20:51 . 2009-11-18 20:51 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-11-18 20:51 . 2009-11-18 20:51 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-11-18 20:51 . 2009-11-18 20:51 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-11-18 20:51 . 2009-11-18 20:51 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-18 20:51 . 2009-11-18 20:52 34429264 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_eng.exe
2009-11-13 16:06 . 2009-11-13 16:04 -------- d-----w- c:\program files\Hacker Evolution Untold
2009-11-13 16:04 . 2009-11-13 16:03 -------- d-----w- c:\program files\Hacker Evolution
2009-11-13 13:26 . 2008-03-02 17:39 -------- d-----w- c:\documents and settings\Kiki\Application Data\BSplayer PRO
2009-11-13 02:03 . 2009-11-09 01:49 -------- d-----w- c:\documents and settings\Kiki\Application Data\headus
2009-11-12 20:35 . 2009-11-12 20:35 -------- d-----w- c:\program files\headus UVLayout v2 Professional
2009-11-10 20:53 . 2009-11-10 20:53 -------- d-----w- c:\program files\Common Files\ChaosGroup
2009-11-10 20:53 . 2009-11-10 20:53 -------- d-----w- c:\program files\Chaos Group
2009-11-07 19:50 . 2008-11-26 19:42 -------- d-----w- c:\documents and settings\Kiki\Application Data\Sports Interactive
2009-11-06 17:50 . 2009-11-06 17:50 -------- d-----w- c:\program files\LogMeIn Hamachi
2009-11-05 13:52 . 2008-08-17 22:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-11-05 13:52 . 2008-08-17 22:19 -------- d-----w- c:\program files\Yahoo!
2009-11-05 13:52 . 2009-11-05 13:52 -------- d-----w- c:\documents and settings\Kiki\Application Data\Yahoo!
2009-11-05 13:20 . 2009-02-26 00:36 -------- d-----w- c:\program files\SweetIM
2009-11-03 20:31 . 2008-03-03 11:26 -------- d-----w- c:\program files\Java
2009-11-03 20:30 . 2009-11-03 20:30 152576 ----a-w- c:\documents and settings\Kiki\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-01 10:23 . 2009-10-31 18:55 532 ----a-w- c:\windows\eReg.dat
2009-11-01 10:23 . 2009-11-01 10:23 -------- d-----w- c:\program files\Maxis
2009-10-31 23:16 . 2009-04-25 00:34 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-10-31 23:16 . 2008-06-22 22:57 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-10-31 23:16 . 2008-03-02 17:40 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-31 23:16 . 2009-01-26 20:10 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-10-31 23:11 . 2008-11-02 00:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\Sports Interactive
2009-10-31 12:17 . 2009-06-05 23:48 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-31 12:17 . 2009-10-31 12:17 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-10-30 16:59 . 2009-10-30 16:58 -------- d-----w- c:\program files\iTunes
2009-10-30 16:58 . 2009-10-30 16:58 -------- d-----w- c:\program files\iPod
2009-10-30 16:58 . 2008-03-03 23:07 -------- d-----w- c:\program files\Common Files\Apple
2009-10-30 16:46 . 2009-10-30 16:46 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-27 00:45 . 2009-10-27 00:45 567 ----a-w- C:\subafsfile0.bin
2009-10-27 00:45 . 2009-10-27 00:45 1552 ----a-w- C:\bin0.bin
2009-10-23 19:22 . 2009-10-23 19:22 32384 ----a-w- c:\windows\system32\drivers\WMDrive.sys
2009-10-11 03:17 . 2008-11-22 23:30 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-06 10:55 . 2009-11-18 20:53 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-10-06 10:52 . 2009-11-18 20:53 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-10-06 10:52 . 2009-11-18 20:53 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-10-06 10:52 . 2008-03-03 22:04 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-10-06 10:52 . 2009-11-18 20:53 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-10-06 10:52 . 2009-11-18 20:53 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-10-06 10:52 . 2009-11-18 20:53 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-05-14 19:02 . 2009-05-14 19:02 3392872 ----a-w- c:\program files\Common Files\adlmint_libFNP.dll
2009-05-14 19:02 . 2009-05-14 19:02 3298152 ----a-w- c:\program files\Common Files\adlmint.dll
2009-06-25 12:14 . 2009-06-25 12:14 61 --sh--w- c:\windows\cnerolf.dat
2008-06-23 09:51 . 2008-06-23 09:51 0 --sha-w- c:\windows\SF6315E56.tmp
.

------- Sigcheck -------

[-] 2007-12-29 . 25FA97DFFD06153B735BFB7AD359BC65 . 361344 . . [5.1.2600.3264] . . c:\windows\system32\drivers\tcpip.sys

[-] 2007-12-29 . 17A60CD35FBE6DD5BEAAF93BED6138B8 . 2350208 . . [5.1.2600.3264] . . c:\windows\system32\ntoskrnl.exe

[-] 2007-12-29 . 6EB0FCD71AAB8E5378321475AE8DB732 . 1613824 . . [5.1.2600.3264] . . c:\windows\system32\sfcfiles.dll

[-] 2007-12-29 . 7CD93F0F8149EFE5AED4A8C0195004DB . 2227072 . . [5.1.2600.3264] . . c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-11-30 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
"RunNarrator"="Narrator.exe" [2007-11-30 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=myokent.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Nokia Ovi Suite.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk
backup=c:\windows\pss\Nokia Ovi Suite.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Kiki^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Kiki\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 00:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2008-04-21 08:22 91432 ----a-w- c:\program files\CyberLink\Shared Files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2007-11-30 23:26 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2007-11-30 23:26 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
2008-06-29 17:11 2327776 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-08-17 01:03 13877248 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-08-17 01:03 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-12-25 23:08 1657376 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2007-12-14 09:36 50472 ------w- c:\program files\CyberLink\PowerDVD8\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerS]
2001-08-03 16:56 159800 ----a-w- c:\windows\PowerS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired]
2004-11-18 09:16 86016 ----a-w- c:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2008-03-20 18:23 83240 ------w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-06-14 17:36 77824 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2008-04-04 10:38 88584 ----a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2009-10-20 12:59 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TwonkyMedia"=2 (0x2)
"mi-raysat_3dsmax2010_32"=2 (0x2)
"mi-raysat_3dsMax2008_32"=2 (0x2)
"gupdate1c9a2436824028e"=2 (0x2)
"Bonjour Service"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [6/6/2009 12:48 AM 206256]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [7/5/2006 1:46 PM 63352]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4/15/2009 9:38 PM 114768]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [2/1/2008 4:24 PM 41456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/15/2009 9:38 PM 20560]
R2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.SYS [3/2/2008 6:10 PM 291768]
R2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS [3/2/2008 6:11 PM 21288]
R2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS [3/2/2008 6:11 PM 12568]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [10/29/2009 12:27 PM 1074568]
R3 rxpvbus;Reality XP Avionics Bus Driver;c:\windows\system32\drivers\rxpvbus.sys [11/4/2005 9:35 AM 44032]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3/2/2008 6:40 PM 691696]
S2 gupdate1c9a2436824028e;Google Update Service (gupdate1c9a2436824028e);c:\program files\Google\Update\GoogleUpdate.exe [3/11/2009 1:17 PM 133104]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [3/12/2009 4:36 PM 86016]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [12/5/2008 7:50 PM 348752]
S4 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [11/7/2007 3:34 PM 98840]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Kiki\Application Data\Mozilla\Firefox\Profiles\tmz8ijwv.kiki\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSConfigStartUp-ASuite - g:\lupo pensuite v6.76 full\Launcher\ASuite.exe
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
AddRemove-Falcon 4.0 - c:\microprose\Falcon4\Uninst.isu
AddRemove-V-Ray for 3dsmax 2010 for x86 - c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\wininstaller.exe-uninstall=c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\install.log
AddRemove-Project Tupolev Tu-154m for MS FS2004 - c:\documents and settings\Kiki\Desktop\tu 22\Uninstal_PT_Tu-154m_2.02.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-12-24 02:15
Windows 5.1.2600 Service Pack 3, v.3264 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A3BF820]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80ecf28
\Driver\ACPI -> ACPI.sys @ 0xb7f7fcb8
\Driver\atapi -> atapi.sys @ 0xb7efe850
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80578fa2
ParseProcedure -> ntkrnlpa.exe @ 0x80577c04
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80578fa2
ParseProcedure -> ntkrnlpa.exe @ 0x80577c04
NDIS: Intel(R) PRO/1000 MT Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xb7da9bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7db6a21
SendHandler -> NDIS.sys @ 0xb7d9487b
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1202660629-436374069-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{03B6550E-15D4-2AF2-3D70-0A74B79B342C}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abedbcmgaonbnbeeibofcldbapnlgboojp"=hex:69,61,66,63,67,68,6a,6b,6f,6c,65,6e,
6c,6b,6d,62,6b,70,00,00
"maddgbgangijidmdpliekhkmdm"=hex:6f,61,69,61,64,61,6b,64,6d,6f,6e,6a,68,64,67,
70,65,61,69,6e,6c,6a,64,62,6e,6b,6f,61,61,69,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\myokent.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(792)
c:\windows\system32\myokent.dll
.
Completion time: 2009-12-24 02:21:24
ComboFix-quarantined-files.txt 2009-12-24 01:21
ComboFix2.txt 2009-06-06 17:59

Pre-Run: 1.362.276.352 bytes free
Post-Run: 1.327.861.760 bytes free

- - End Of File - - 9CFDAFBEA702E04052E0C0EA5E449585

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

There is no malware. Do the following:

ComboFix needs to be uninstalled:
click Start (or ), then Run.

On Vista, use the Start Search field if Run is not available.

Type (or copy) the following into the text box:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

then click OK (or press Enter).

Wait for the uninstall process to finish.
