Posted: 21 Jan 2010 11:59
- vladobooy
- Citizen
- Joined: 13 Apr 2008
- Posts: 79
- Location: Republika Srpska

Hi,
I have a problem: I can't open any Microsoft site with any browser. Help?
Regards

Posted: 22 Jan 2010 10:30
- vladobooy

Written: 22 Jan 2010 9:23
DDS (Ver_09-12-01.01) - NTFSx86
Run by Gardovic at 9:15:50,93 on pet 22.01.2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.442 [GMT 1:00]
AV: avast! antivirus 4.8.1368 [VPS 100122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\AutoCAD 2009\acad.exe
C:\DOCUME~1\Gardovic\LOCALS~1\Temp\AdskCleanup.0001
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Gardovic\Desktop\dds.com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.ba/
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\docume~1\gardovic\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\gardovic\applic~1\mozilla\firefox\profiles\vdtx05ww.default\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-1-13 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-13 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2010-1-13 138680]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [2010-1-13 561144]
S2 lzamom;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 wuzawqan;exbbc;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2010-1-13 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2010-1-13 352920]
S3 xvvxsrqne;xvvxsrqne;\??\c:\windows\system32\03a.tmp --> c:\windows\system32\03A.tmp [?]
=============== Created Last 30 ================
2010-01-21 11:15:50 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:15:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-01-21 11:07:25 0 d-----w- c:\program files\Includes
2010-01-21 10:59:35 69 ----a-w- c:\windows\NeroDigital.ini
2010-01-21 10:21:38 0 d-sh--w- c:\documents and settings\gardovic\IECompatCache
2010-01-21 10:20:54 0 d-sh--w- c:\documents and settings\gardovic\PrivacIE
2010-01-21 10:19:37 0 d-sh--w- c:\documents and settings\gardovic\IETldCache
2010-01-21 10:15:26 0 dc-h--w- c:\windows\ie8
2010-01-21 10:15:04 0 d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:37:49 0 d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33:46 0 d-----w- c:\program files\Yahoo!
2010-01-21 08:23:16 0 d-----w- c:\program files\uTorrent
2010-01-21 08:21:49 0 d-----w- c:\docume~1\gardovic\applic~1\uTorrent
2010-01-21 07:12:51 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-20 09:33:09 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2010-01-20 09:33:08 0 d-----w- c:\program files\McAfee Security Scan
2010-01-13 11:25:31 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:25:31 13474 ----a-w- c:\windows\system32\nvdisp.nvu
2010-01-13 11:25:31 0 d-----w- c:\windows\nview
2010-01-13 11:22:35 0 d-----w- c:\program files\ASUSTeK
2010-01-13 11:21:00 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12:10 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:09:17 0 d-----w- c:\program files\Corel
2010-01-13 11:09:17 0 d-----w- c:\program files\common files\Corel
2010-01-13 10:58:04 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58:04 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:48:16 0 d-----w- c:\program files\common files\Autodesk Shared
2010-01-13 10:48:16 0 d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48:16 0 d-----w- c:\docume~1\gardovic\applic~1\Autodesk
2010-01-13 10:47:53 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:43:44 0 d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43:00 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38:18 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37:55 0 d-----w- c:\windows\system32\QuickTime
2010-01-13 10:33:35 0 d-----w- c:\program files\common files\Adobe Systems Shared
2010-01-13 10:28:49 376 ----a-w- c:\windows\ODBC.INI
2010-01-13 10:28:42 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27:40 0 d-----w- c:\program files\common files\L&H
2010-01-13 10:27:18 0 d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26:27 0 d-----w- c:\windows\SHELLNEW
2010-01-13 10:17:11 0 d-----w- c:\program files\Webteh
2010-01-13 10:16:06 0 d-----r- c:\program files\Skype
2010-01-13 10:15:21 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14:46 0 d-----w- C:\NVIDIA
2010-01-13 10:10:08 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10:08 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09:49 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09:49 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09:48 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-01-13 10:09:48 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-01-13 10:09:48 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-01-13 10:09:48 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-01-13 10:09:48 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-01-13 10:08:58 0 d-----w- c:\windows\system32\PreInstall
2010-01-13 10:08:54 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-13 10:08:52 0 d--h--w- c:\windows\$hf_mig$
2010-01-13 10:08:40 0 d-----w- c:\program files\MSECache
2010-01-13 10:08:30 421888 ----a-w- c:\windows\system32\ac3filter.acm
2010-01-13 10:08:24 0 d-----w- c:\program files\XP Codec Pack
2010-01-13 10:03:42 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-01-13 10:00:46 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-01-13 10:00:20 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-01-13 10:00:13 60288 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2010-01-13 10:00:13 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-01-13 10:00:13 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2010-01-13 10:00:13 4096 ----a-w- c:\windows\system32\ksuser.dll
2010-01-13 10:00:13 2944 ----a-w- c:\windows\system32\drivers\msmpu401.sys
2010-01-13 10:00:13 145792 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2010-01-13 10:00:13 145792 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-01-13 10:00:13 130048 -c--a-w- c:\windows\system32\dllcache\ksproxy.ax
2010-01-13 10:00:13 130048 ----a-w- c:\windows\system32\ksproxy.ax
2010-01-13 10:00:11 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2010-01-13 09:57:46 0 d-----w- c:\program files\common files\ODBC
2010-01-13 09:57:43 0 d-----w- c:\program files\common files\SpeechEngines
2010-01-13 09:57:13 0 d-----r- c:\documents and settings\all users\Documents
2010-01-13 09:39:08 0 d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:16:28 0 d-sh--w- c:\documents and settings\all users\DRM
2010-01-13 09:16:05 0 d--h--w- c:\program files\WindowsUpdate
2010-01-13 09:14:58 0 d-----w- c:\program files\common files\MSSoap
2010-01-13 09:13:25 0 d-----w- c:\program files\Online Services
2010-01-13 09:13:19 0 d-----w- c:\program files\Messenger
2010-01-13 09:13:15 0 d-----w- c:\program files\MSN Gaming Zone
2010-01-13 09:12:30 0 d-----w- c:\program files\Windows NT
==================== Find3M ====================
2010-01-13 09:13:53 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2004-08-04 01:07:00 168509 --sha-r- c:\windows\system32\aoqfwimp.dll
============= FINISH: 9:16:13,95 ===============
Addendum: 22 Jan 2010 10:00
Addendum: 22 Jan 2010 10:29
Addendum: 22 Jan 2010 10:30

Posted: 22 Jan 2010 14:40
- vladobooy

Written: 22 Jan 2010 13:28
ComboFix 10-01-21.07 - Gardovic 22.01.2010 12:55:20.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.608 [GMT 1:00]
Running from: c:\documents and settings\Gardovic\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\aoqfwimp.dll
c:\windows\system32\e1000msg.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_lzamom
-------\Legacy_wuzawqan
-------\Service_lzamom
-------\Service_wuzawqan
((((((((((((((((((((((((( Files Created from 2009-12-22 to 2010-01-22 )))))))))))))))))))))))))))))))
.
2010-01-22 09:33 . 2010-01-22 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-21 12:26 . 2010-01-21 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-21 11:15 . 2010-01-21 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-21 11:15 . 2010-01-21 11:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:07 . 2010-01-21 11:07 -------- d-----w- c:\program files\Includes
2010-01-21 10:59 . 2010-01-21 10:59 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Media Player Classic
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\PrivacIE
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Yahoo
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Yahoo!
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\IETldCache
2010-01-21 10:21 . 2010-01-21 10:21 -------- d-sh--w- c:\documents and settings\Gardovic\IECompatCache
2010-01-21 10:20 . 2010-01-21 10:20 -------- d-sh--w- c:\documents and settings\Gardovic\PrivacIE
2010-01-21 10:19 . 2010-01-21 10:19 -------- d-sh--w- c:\documents and settings\Gardovic\IETldCache
2010-01-21 10:15 . 2010-01-21 10:17 -------- dc-h--w- c:\windows\ie8
2010-01-21 10:15 . 2010-01-21 10:17 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:40 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Yahoo
2010-01-21 08:38 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-21 08:38 . 2010-01-21 08:40 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Yahoo!
2010-01-21 08:38 . 2009-11-10 13:39 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-01-21 08:38 . 2010-01-21 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-21 08:37 . 2010-01-21 09:05 -------- d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33 . 2010-01-21 08:38 -------- d-----w- c:\program files\Yahoo!
2010-01-21 08:23 . 2010-01-21 08:23 -------- d-----w- c:\program files\uTorrent
2010-01-21 08:21 . 2010-01-21 09:04 -------- d-----w- c:\documents and settings\Gardovic\Application Data\uTorrent
2010-01-21 07:12 . 2010-01-21 07:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-21 07:12 . 2010-01-21 07:12 -------- d-----w- c:\documents and settings\Gardovic\Application Data\skypePM
2010-01-20 12:59 . 2010-01-20 12:59 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Identities
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-19 08:00 . 2010-01-19 08:00 1956072 ----a-w- c:\documents and settings\Razvoj\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-01-18 11:32 . 2010-01-19 08:09 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Identities
2010-01-18 10:27 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Google
2010-01-15 06:01 . 2010-01-15 06:01 152576 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-15 06:00 . 2010-01-15 06:00 79488 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 12:11 . 2010-01-13 12:11 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Corel
2010-01-13 12:02 . 2010-01-13 12:02 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Mozilla
2010-01-13 11:59 . 2010-01-13 11:59 100280 ----a-w- c:\documents and settings\Razvoj\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 11:59 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Autodesk
2010-01-13 11:59 . 2010-01-13 11:59 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Autodesk
2010-01-13 11:55 . 2010-01-14 07:31 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Adobe
2010-01-13 11:33 . 2010-01-13 11:33 0 ----a-w- c:\windows\nsreg.dat
2010-01-13 11:33 . 2010-01-13 11:33 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Mozilla
2010-01-13 11:31 . 2010-01-21 10:20 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Google
2010-01-13 11:25 . 2010-01-13 11:27 -------- d-----w- c:\windows\nview
2010-01-13 11:25 . 2004-07-15 10:42 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:22 . 2010-01-13 11:22 -------- d-----w- c:\program files\ASUSTeK
2010-01-13 11:21 . 2006-02-08 08:26 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12 . 2010-01-20 12:38 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Corel
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-01-13 11:11 . 2010-01-13 11:11 65536 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-13 11:11 . 2010-01-13 11:11 10134 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Corel
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Common Files\Corel
2010-01-13 11:03 . 2010-01-21 07:58 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Skype
2010-01-13 10:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-13 10:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-13 10:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-13 10:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-13 10:58 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-13 10:58 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-13 10:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-13 10:58 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-13 10:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-13 10:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58 . 2010-01-13 10:58 -------- d-----w- c:\program files\Alwil Software
2010-01-13 10:48 . 2010-01-21 10:01 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-13 10:52 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-01-13 10:48 . 2010-01-13 10:51 -------- d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48 . 2010-01-13 10:48 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Autodesk
2010-01-13 10:47 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:47 . 2010-01-13 10:47 -------- d-----w- c:\program files\MSBuild
2010-01-13 10:47 . 2010-01-21 12:23 727776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 10:43 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-13 10:43 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38 . 1999-11-10 10:05 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\program files\QuickTime
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\windows\system32\QuickTime
2010-01-13 10:37 . 2010-01-13 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2010-01-13 10:34 . 2010-01-13 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2010-01-13 10:33 . 2010-01-13 10:33 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-01-13 10:31 . 2010-01-13 10:31 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-13 10:30 . 2010-01-13 10:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 10:30 . 2010-01-21 13:27 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Adobe
2010-01-13 10:28 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-13 10:28 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Common Files\L&H
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26 . 2010-01-13 10:26 -------- d-----w- c:\program files\Microsoft Works
2010-01-13 10:26 . 2010-01-13 10:27 -------- d-----w- c:\windows\SHELLNEW
2010-01-13 10:25 . 2010-01-13 10:25 -------- d-----w- c:\program files\Microsoft.NET
2010-01-13 10:23 . 2010-01-13 10:23 -------- d-----r- C:\MSOCache
2010-01-13 10:18 . 2010-01-13 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\Webteh
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Google
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----r- c:\program files\Skype
2010-01-13 10:15 . 2010-01-13 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-13 10:15 . 2008-10-02 09:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14 . 2010-01-13 11:25 -------- d-----w- C:\NVIDIA
2010-01-13 10:10 . 2005-09-01 10:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10 . 2005-09-01 10:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-13 10:09 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-01-13 10:09 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-01-13 10:09 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-01-13 10:09 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-01-13 10:09 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Ahead
2010-01-13 10:08 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-13 10:08 . 2010-01-13 10:15 -------- d--h--w- c:\windows\$hf_mig$
2010-01-13 10:08 . 2010-01-13 10:08 -------- d-----w- c:\program files\MSECache
2010-01-13 10:08 . 2010-01-13 10:08 -------- d-----w- c:\program files\XP Codec Pack
2010-01-13 10:07 . 2010-01-13 10:07 -------- d-----w- c:\program files\7-Zip
2010-01-13 10:02 . 2010-01-13 11:12 100280 ----a-w- c:\documents and settings\Gardovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 10:01 . 2004-08-03 23:07 6400 ----a-w- c:\windows\system32\drivers\splitter.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 09:18 . 2010-01-13 09:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-13 11:22 . 2010-01-13 09:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 11:22 . 2010-01-13 09:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-13 09:39 . 2010-01-13 09:39 -------- d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:35 . 2010-01-13 09:35 -------- d-----w- c:\program files\Intel
2010-01-13 09:17 . 2010-01-13 09:17 -------- d-----w- c:\program files\microsoft frontpage
2010-01-13 09:13 . 2010-01-13 09:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-01-13 98304]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-15 4112384]
"nwiz"="nwiz.exe" [2004-07-15 843776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-15 81920]
c:\documents and settings\Gardovic\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2909:TCP"= 2909:TCP:qefzpzba
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13.1.2010 11:58 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.1.2010 11:58 20560]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [13.1.2010 10:39 561144]
S2 lzamom;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 2:07 14336]
S2 wuzawqan;exbbc;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 2:07 14336]
S3 xvvxsrqne;xvvxsrqne;\??\c:\windows\system32\03A.tmp --> c:\windows\system32\03A.tmp [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
wuzawqan
lzamom
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ba/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Gardovic\Application Data\Mozilla\Firefox\Profiles\vdtx05ww.default\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2010-01-22 13:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xvvxsrqne]
"ImagePath"="\??\c:\windows\system32\03A.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lzamom]
"ServiceDll"="c:\windows\system32\aoqfwimp.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuzawqan]
"ServiceDll"="c:\windows\system32\aoqfwimp.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3948-)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\wscntfy.exe
c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\update\update.exe
.
**************************************************************************
.
Completion time: 2010-01-22 13:22:34 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-22 12:22
Pre-Run: 19.485.712.384 bytes free
Post-Run: 19.427.463.168 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 9FB70E4FE549594EE57208EE409955F4
Addendum: 22 Jan 2010 14:40
Everything is great now!!! Thanks a lot, people...
Posted: 25 Jan 2010 07:39
- vladobooy
- Citizen
- Joined: 13 Apr 2008
- Posts: 79
- Location: Republika Srpska
ComboFix 10-01-24.03 - Gardovic 25.01.2010 7:23.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.584 [GMT 1:00]
Running from: c:\documents and settings\Gardovic\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Gardovic\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100124-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\windows\system32\03A.tmp"
"c:\windows\system32\aoqfwimp.dll"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_LZAMOM
-------\Legacy_WUZAWQAN
-------\Legacy_XVVXSRQNE
-------\Service_lzamom
-------\Service_wuzawqan
-------\Service_xvvxsrqne
((((((((((((((((((((((((( Files Created from 2009-12-25 to 2010-01-25 )))))))))))))))))))))))))))))))
.
2010-01-25 06:11 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-25 06:11 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-01-22 14:02 . 2010-01-22 14:02 -------- d-----w- c:\windows\speech
2010-01-22 14:02 . 2010-01-22 14:02 -------- d-----w- c:\program files\Mini recnik
2010-01-22 13:25 . 2010-01-25 06:30 -------- d-----w- c:\documents and settings\Gardovic\Tracing
2010-01-22 13:24 . 2010-01-22 13:24 -------- d-----w- c:\program files\Microsoft
2010-01-22 13:24 . 2010-01-22 13:24 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-22 13:23 . 2010-01-22 13:24 -------- d-----w- c:\program files\Windows Live
2010-01-22 12:30 . 2010-01-22 12:30 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-22 09:33 . 2010-01-22 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-21 12:26 . 2010-01-21 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-21 12:25 . 2010-01-21 12:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-21 11:15 . 2010-01-21 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-21 11:15 . 2010-01-21 11:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-21 11:07 . 2010-01-21 11:07 -------- d-----w- c:\program files\Includes
2010-01-21 10:59 . 2010-01-21 10:59 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Media Player Classic
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\PrivacIE
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Yahoo
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Yahoo!
2010-01-21 10:38 . 2010-01-21 10:38 -------- d-sh--w- c:\documents and settings\Razvoj\IETldCache
2010-01-21 10:21 . 2010-01-21 10:21 -------- d-sh--w- c:\documents and settings\Gardovic\IECompatCache
2010-01-21 10:20 . 2010-01-21 10:20 -------- d-sh--w- c:\documents and settings\Gardovic\PrivacIE
2010-01-21 10:19 . 2010-01-21 10:19 -------- d-sh--w- c:\documents and settings\Gardovic\IETldCache
2010-01-21 10:15 . 2010-01-21 10:17 -------- dc-h--w- c:\windows\ie8
2010-01-21 10:15 . 2010-01-21 10:17 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-21 08:40 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Yahoo
2010-01-21 08:38 . 2010-01-21 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-21 08:38 . 2010-01-21 08:40 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Yahoo!
2010-01-21 08:38 . 2009-11-10 13:39 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-01-21 08:38 . 2010-01-21 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-21 08:37 . 2010-01-21 09:05 -------- d-----w- c:\windows\SxsCaPendDel
2010-01-21 08:33 . 2010-01-21 08:38 -------- d-----w- c:\program files\Yahoo!
2010-01-21 08:23 . 2010-01-21 08:23 -------- d-----w- c:\program files\uTorrent
2010-01-21 08:21 . 2010-01-21 09:04 -------- d-----w- c:\documents and settings\Gardovic\Application Data\uTorrent
2010-01-21 07:12 . 2010-01-21 07:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-21 07:12 . 2010-01-21 07:12 -------- d-----w- c:\documents and settings\Gardovic\Application Data\skypePM
2010-01-20 12:59 . 2010-01-20 12:59 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Identities
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-20 09:33 . 2010-01-20 09:33 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-19 08:00 . 2010-01-19 08:00 1956072 ----a-w- c:\documents and settings\Razvoj\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-01-18 11:32 . 2010-01-19 08:09 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Identities
2010-01-18 10:27 . 2010-01-21 10:38 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Google
2010-01-15 06:01 . 2010-01-15 06:01 152576 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-15 06:00 . 2010-01-15 06:00 79488 ----a-w- c:\documents and settings\Razvoj\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 12:11 . 2010-01-13 12:11 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Corel
2010-01-13 12:02 . 2010-01-13 12:02 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Mozilla
2010-01-13 11:59 . 2010-01-13 11:59 100280 ----a-w- c:\documents and settings\Razvoj\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 11:59 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\Razvoj\Application Data\Autodesk
2010-01-13 11:59 . 2010-01-13 11:59 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Autodesk
2010-01-13 11:55 . 2010-01-14 07:31 -------- d-----w- c:\documents and settings\Razvoj\Local Settings\Application Data\Adobe
2010-01-13 11:33 . 2010-01-13 11:33 0 ----a-w- c:\windows\nsreg.dat
2010-01-13 11:33 . 2010-01-13 11:33 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Mozilla
2010-01-13 11:31 . 2010-01-21 10:20 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Google
2010-01-13 11:25 . 2010-01-13 11:27 -------- d-----w- c:\windows\nview
2010-01-13 11:25 . 2004-07-15 10:42 172032 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-13 11:22 . 2010-01-13 11:22 -------- d-----w- c:\program files\ASUSTeK
2010-01-13 11:21 . 2006-02-08 08:26 11264 ------r- c:\windows\system32\drivers\EIO.sys
2010-01-13 11:12 . 2010-01-20 12:38 2568 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Corel
2010-01-13 11:11 . 2010-01-13 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-01-13 11:11 . 2010-01-13 11:11 65536 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-13 11:11 . 2010-01-13 11:11 10134 ----a-r- c:\documents and settings\Gardovic\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Corel
2010-01-13 11:09 . 2010-01-13 11:09 -------- d-----w- c:\program files\Common Files\Corel
2010-01-13 11:03 . 2010-01-21 07:58 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Skype
2010-01-13 10:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-13 10:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-13 10:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-13 10:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-13 10:58 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-13 10:58 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-13 10:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-13 10:58 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-13 10:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-13 10:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-13 10:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-13 10:58 . 2010-01-13 10:58 -------- d-----w- c:\program files\Alwil Software
2010-01-13 10:48 . 2010-01-21 10:01 -------- d-----w- c:\documents and settings\Gardovic\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-15 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-01-13 10:48 . 2010-01-13 10:52 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-01-13 10:48 . 2010-01-13 10:51 -------- d-----w- c:\program files\AutoCAD 2009
2010-01-13 10:48 . 2010-01-13 10:48 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Autodesk
2010-01-13 10:47 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-13 10:47 . 2010-01-13 10:47 -------- d-----w- c:\program files\MSBuild
2010-01-13 10:47 . 2010-01-21 12:23 727776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-13 10:43 . 2010-01-13 10:43 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 10:43 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-13 10:43 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-13 10:38 . 1999-11-10 10:05 86016 ----a-w- c:\windows\unvise32qt.exe
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\program files\QuickTime
2010-01-13 10:37 . 2010-01-13 10:38 -------- d-----w- c:\windows\system32\QuickTime
2010-01-13 10:37 . 2010-01-13 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2010-01-13 10:34 . 2010-01-13 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2010-01-13 10:33 . 2010-01-13 10:33 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-01-13 10:31 . 2010-01-13 10:31 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-13 10:30 . 2010-01-13 10:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 10:30 . 2010-01-21 13:27 -------- d-----w- c:\documents and settings\Gardovic\Local Settings\Application Data\Adobe
2010-01-13 10:28 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-13 10:28 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Common Files\L&H
2010-01-13 10:27 . 2010-01-13 10:27 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-01-13 10:26 . 2010-01-13 10:26 -------- d-----w- c:\program files\Microsoft Works
2010-01-13 10:26 . 2010-01-13 10:27 -------- d-----w- c:\windows\SHELLNEW
2010-01-13 10:25 . 2010-01-13 10:25 -------- d-----w- c:\program files\Microsoft.NET
2010-01-13 10:23 . 2010-01-13 10:23 -------- d-----r- C:\MSOCache
2010-01-13 10:18 . 2010-01-13 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\CyberLink
2010-01-13 10:17 . 2010-01-13 10:17 -------- d-----w- c:\program files\Webteh
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Google
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 10:16 . 2010-01-13 10:16 -------- d-----r- c:\program files\Skype
2010-01-13 10:15 . 2010-01-13 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-13 10:15 . 2008-10-02 09:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-13 10:14 . 2010-01-13 11:25 -------- d-----w- C:\NVIDIA
2010-01-13 10:14 . 2009-08-04 14:00 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-01-13 10:14 . 2009-08-04 13:58 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-13 10:14 . 2009-08-04 13:13 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-13 10:14 . 2009-08-04 13:13 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-13 10:10 . 2005-09-01 10:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-01-13 10:10 . 2005-09-01 10:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-01-13 10:09 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-01-13 10:09 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-01-13 10:09 . 2010-01-13 10:09 -------- d-----w- c:\program files\Common Files\Ahead
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 09:18 . 2010-01-13 09:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-13 11:22 . 2010-01-13 09:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 11:22 . 2010-01-13 09:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-13 09:39 . 2010-01-13 09:39 -------- d-----w- c:\program files\Envy24 Family Audio Controller
2010-01-13 09:35 . 2010-01-13 09:35 -------- d-----w- c:\program files\Intel
2010-01-13 09:17 . 2010-01-13 09:17 -------- d-----w- c:\program files\microsoft frontpage
2010-01-13 09:13 . 2010-01-13 09:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((( SnapShot@2010-01-22_12.18.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 06:30 . 2010-01-25 06:30 16384 c:\windows\Temp\Perflib_Perfdata_5ac.dat
+ 2009-07-26 15:44 . 2009-07-26 15:44 48448 c:\windows\system32\sirenacm.dll
+ 1999-01-12 10:35 . 1999-01-12 10:35 53760 c:\windows\speech\WrapSAPI.dll
+ 2010-01-22 13:24 . 2010-01-22 13:24 22016 c:\windows\Installer\36f95.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 27136 c:\windows\Installer\36f7f.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 83456 c:\windows\Installer\36f63.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 58880 c:\windows\Installer\36f5c.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 62304 c:\windows\Installer\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}\IconWlc.exe
+ 2010-01-22 13:24 . 2010-01-22 13:24 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2010-01-22 13:25 . 2010-01-22 13:25 58945 c:\windows\Installer\{6412CECE-8172-4BE5-935B-6CECACD2CA87}\wlmail.exe
+ 1999-01-12 10:39 . 1999-01-12 10:39 6656 c:\windows\delttsul.exe
+ 2007-11-07 00:19 . 2007-11-07 00:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 19:23 . 2007-11-06 19:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2010-01-13 09:56 . 2010-01-22 13:42 349792 c:\windows\system32\FNTCACHE.DAT
+ 1999-01-12 14:19 . 1999-01-12 14:19 195584 c:\windows\speech\Xvoice.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 203776 c:\windows\speech\XTel.Dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 208896 c:\windows\speech\Xlisten.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 128000 c:\windows\speech\Xcommand.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 173056 c:\windows\speech\VText.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 179712 c:\windows\speech\Vdict.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 156160 c:\windows\speech\vcmshl.dll
+ 1999-01-12 14:09 . 1999-01-12 14:09 380928 c:\windows\speech\vcmd.exe
+ 1999-01-12 14:19 . 1999-01-12 14:19 562176 c:\windows\speech\speech.dll
+ 1999-01-12 14:19 . 1999-01-12 14:19 248832 c:\windows\speech\spchtel.dll
+ 2010-01-22 13:25 . 2010-01-22 13:25 735744 c:\windows\Installer\36f9c.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 430080 c:\windows\Installer\36f8e.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 155648 c:\windows\Installer\36f86.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 140288 c:\windows\Installer\36f78.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 202752 c:\windows\Installer\36f71.msi
+ 2010-01-22 13:24 . 2010-01-22 13:24 152576 c:\windows\Installer\36f6a.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 107008 c:\windows\Installer\36f55.msi
+ 2010-01-22 13:23 . 2010-01-22 13:23 301056 c:\windows\Installer\36f4e.msi
+ 2004-08-04 01:07 . 2009-08-04 14:00 2180352 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 22:59 . 2009-08-04 13:13 2057728 c:\windows\system32\ntkrnlpa.exe
+ 2010-01-13 10:14 . 2009-08-04 14:00 2180352 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-01-13 10:14 . 2009-08-04 13:13 2015744 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-01-13 10:14 . 2009-08-04 13:13 2057728 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-01-13 10:14 . 2009-08-04 13:58 2136064 c:\windows\Driver Cache\i386\ntkrnlmp.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ACMS__MiniRecnik"="c:\program files\Mini recnik\Recnik.exe" [2006-01-15 2793984]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-01-13 98304]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-15 4112384]
"nwiz"="nwiz.exe" [2004-07-15 843776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-15 81920]
c:\documents and settings\Gardovic\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13.1.2010 11:58 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.1.2010 11:58 20560]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM V1.01 (Envy24HT-S Eval. Only);c:\windows\system32\drivers\Envy24HF.sys [13.1.2010 10:39 561144]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ba/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Gardovic\Application Data\Mozilla\Firefox\Profiles\vdtx05ww.default\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2010-01-25 07:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2592)
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2010-01-25 07:34:11 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-25 06:34
ComboFix2.txt 2010-01-22 12:22
Pre-Run: 21.361.385.472 bytes free
Post-Run: 21.446.680.576 bytes free
- - End Of File - - 4BD5EBFA28E2F049773B8D830396E077