[ izida @ 14.11.2010. 09:58 ] @
The operating system is Windows 7, installed a month ago. Over the last few days the computer has been running more and more sluggishly, and since this morning, as far as I have noticed, the (wireless) mouse has started causing trouble too: the pointer moves incredibly slowly! I suspect I have "something" that is causing the problem! As for programs, I use only Avira AntiVir Personal and the firewall from Windows 7....

------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:55 AM, on 11/14/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Windows\DAODx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files\ASUS\EPU\EPU.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU\EPU.exe" -b
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA07F302-A14D-4352-8656-E206C859B8B7}: NameServer = 93.93.192.2,194.106.162.2
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

-- End of file - 5660 bytes

------------------------------------------------------------

ComboFix 10-11-12.06 - Srbija Srbima 11/14/2010 10:49:23.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3198.2057 [GMT 1:00]
Running from: c:\users\Srbija Srbima\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2010-10-14 to 2010-11-14 )))))))))))))))))))))))))))))))
.
2010-11-14 09:52 . 2010-11-14 09:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-14 09:46 . 2010-11-14 09:46 388096 ----a-r- c:\users\Srbija Srbima\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-14 09:46 . 2010-11-14 09:46 -------- d-----w- c:\program files\Trend Micro
2010-11-13 13:04 . 2010-11-13 13:05 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\Ashampoo
2010-11-13 13:03 . 2010-11-13 13:04 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\ashampoo
2010-11-13 13:03 . 2010-11-13 13:03 -------- d-----w- c:\programdata\ashampoo
2010-11-13 13:03 . 2010-11-13 13:03 -------- d-----w- c:\program files\Ashampoo
2010-11-12 22:04 . 2010-11-12 22:04 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2010-11-12 22:03 . 2010-11-12 22:03 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-11-12 22:01 . 2010-11-12 22:01 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-11-12 22:01 . 2010-11-12 22:01 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-11-12 13:51 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{212EC703-C417-4F63-8047-B96D3119EF9D}\mpengine.dll
2010-11-11 12:49 . 2010-11-11 23:21 -------- d-----w- c:\program files\JDownloader
2010-11-09 09:17 . 2010-11-11 12:47 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\Media Player Classic
2010-11-04 19:06 . 2010-11-04 19:06 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\THQ
2010-11-04 18:50 . 2010-11-13 21:15 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\Deployment
2010-11-04 18:50 . 2010-11-04 18:50 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\Apps
2010-11-04 18:50 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-11-04 18:50 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-11-04 18:50 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-11-04 18:50 . 2010-11-04 18:50 -------- d-----w- c:\program files\THQ
2010-10-31 20:34 . 2010-10-31 20:34 -------- d-----w- c:\programdata\KONAMI
2010-10-31 20:34 . 2010-10-31 20:34 -------- d-----w- c:\program files\KONAMI
2010-10-26 18:38 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-10-26 18:38 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2010-10-26 18:38 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-10-26 18:38 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-10-26 18:37 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-10-25 12:13 . 2010-10-25 12:13 -------- d-----w- c:\programdata\ATI
2010-10-23 22:21 . 2010-10-23 22:21 -------- d-----w- c:\program files\SystemRequirementsLab
2010-10-23 22:21 . 2010-10-23 22:21 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\SystemRequirementsLab
2010-10-23 22:21 . 2010-10-23 22:21 -------- d-----w- c:\windows\Sun
2010-10-20 17:10 . 2010-10-20 17:10 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\ArcSoft
2010-10-20 17:04 . 2010-10-20 17:04 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\ArcSoft
2010-10-20 17:04 . 2010-10-20 17:04 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-10-20 17:04 . 2010-10-20 17:04 -------- d-----w- c:\programdata\ArcSoft
2010-10-20 17:04 . 2010-10-20 17:04 -------- d-----w- c:\windows\system32\Codec
2010-10-20 17:04 . 2009-08-11 19:18 497664 ----a-w- c:\windows\system32\ac3filter.acm
2010-10-15 21:29 . 2010-10-15 21:29 -------- d-----w- c:\programdata\eMule
2010-10-15 21:26 . 2010-10-15 21:32 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\eMule
2010-10-15 21:26 . 2010-10-15 21:26 -------- d-----w- c:\program files\eMule
2010-10-15 17:35 . 2010-10-15 17:35 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\Sandstone
2010-10-15 17:26 . 2010-10-20 10:47 -------- d-----w- c:\programdata\Muzzy Lane
2010-10-15 12:08 . 2010-10-15 12:08 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\Ubisoft
2010-10-15 12:08 . 2010-10-15 12:08 -------- d-----w- c:\programdata\Ubisoft
2010-10-15 12:06 . 2010-11-03 16:52 -------- d-----w- c:\program files\AC2 OFFLINE Server v0.41
2010-10-15 11:46 . 2010-10-15 12:00 -------- d-----w- c:\program files\Ubisoft
2010-10-15 10:56 . 2010-10-15 10:56 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\ATI
2010-10-15 10:56 . 2010-10-15 10:56 -------- d-----w- c:\users\Srbija Srbima\AppData\Local\ATI
2010-10-15 10:54 . 2010-10-15 10:54 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-10-15 10:53 . 2010-10-25 12:13 -------- d-----w- c:\program files\ATI Technologies
2010-10-15 10:52 . 2010-10-15 10:52 -------- d-----w- C:\ATI
2010-10-15 10:49 . 2010-10-15 10:49 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-15 10:49 . 2010-10-15 10:50 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-10-15 10:49 . 2010-10-15 11:42 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\DAEMON Tools Lite
2010-10-15 10:49 . 2010-10-15 10:49 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-10-15 10:40 . 2010-10-15 10:40 -------- d-----w- c:\users\Srbija Srbima\AppData\Roaming\Foxit Software
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-03 16:34 . 2010-10-14 14:07 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-03 16:34 . 2010-10-14 14:07 126856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-10-19 09:41 . 2009-10-14 09:58 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-14 18:45 . 2010-10-14 18:45 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-14 18:45 . 2010-10-14 18:45 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-14 18:45 . 2010-10-14 18:45 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-10-14 14:05 . 2010-10-14 14:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-29 02:25 . 2010-09-29 02:25 6472192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-09-29 01:56 . 2010-09-29 01:56 16201728 ----a-w- c:\windows\system32\atioglxx.dll
2010-09-29 01:55 . 2010-09-29 01:55 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-09-29 01:55 . 2010-08-03 23:54 536576 ----a-w- c:\windows\system32\aticfx32.dll
2010-09-29 01:51 . 2010-09-29 01:51 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-09-29 01:51 . 2010-09-29 01:51 380928 ----a-w- c:\windows\system32\atieclxx.exe
2010-09-29 01:50 . 2010-09-29 01:50 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-09-29 01:49 . 2010-09-29 01:49 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-09-29 01:49 . 2010-09-29 01:49 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-09-29 01:49 . 2010-09-29 01:49 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-09-29 01:49 . 2010-09-29 01:49 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-09-29 01:49 . 2010-09-29 01:49 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-09-29 01:46 . 2010-08-03 23:46 3953152 ----a-w- c:\windows\system32\atidxx32.dll
2010-09-29 01:28 . 2010-09-29 01:28 4077568 ----a-w- c:\windows\system32\atiumdag.dll
2010-09-29 01:27 . 2010-09-29 01:27 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-09-29 01:27 . 2010-09-29 01:27 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-09-29 01:26 . 2010-09-29 01:26 4407808 ----a-w- c:\windows\system32\aticaldd.dll
2010-09-29 01:22 . 2010-08-03 23:23 52736 ----a-w- c:\windows\system32\coinst.dll
2010-09-29 01:22 . 2010-09-29 01:22 3460096 ----a-w- c:\windows\system32\atiumdva.dll
2010-09-29 01:15 . 2010-09-29 01:15 241664 ----a-w- c:\windows\system32\atiadlxx.dll
2010-09-29 01:14 . 2010-09-29 01:14 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-09-29 01:14 . 2010-09-29 01:14 19968 ----a-w- c:\windows\system32\atigktxx.dll
2010-09-29 01:14 . 2010-09-29 01:14 228352 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-09-29 01:14 . 2010-08-03 23:15 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2010-09-29 01:13 . 2010-08-26 01:19 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2010-09-29 01:12 . 2010-09-29 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-09-29 01:09 . 2010-09-29 01:09 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-09-29 01:09 . 2010-09-29 01:09 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-21 12:03 . 2010-09-21 12:03 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-14 08:00 . 2010-10-14 22:39 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-08 04:30 . 2010-10-14 11:54 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28 . 2010-10-14 11:54 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22 . 2010-10-14 11:54 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48 . 2010-10-14 11:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 04:23 . 2010-10-14 11:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34 . 2010-10-14 11:53 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32 . 2010-10-14 11:53 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32 . 2010-10-14 11:53 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 18:32 . 2010-08-27 18:32 294912 ----a-w- c:\windows\system32\ATIODE.exe
2010-08-27 05:46 . 2010-10-14 11:53 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 03:31 . 2010-10-14 11:53 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-27 03:30 . 2010-10-14 11:53 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-27 03:30 . 2010-10-14 11:53 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-26 04:39 . 2010-10-14 11:53 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-08-21 05:36 . 2010-10-14 11:52 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-21 05:36 . 2010-10-14 11:54 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-21 05:33 . 2010-10-14 11:54 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-08-21 05:32 . 2010-10-14 11:53 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 10:41 . 2010-08-16 10:41 101904 ----a-w- c:\windows\system32\drivers\AtihdW73.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 13:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2010-03-15 1780224]
"TurboV EVO"="c:\program files\ASUS\TurboV EVO\TurboV_EVO.exe" [2010-04-07 9919104]
"Six Engine"="c:\program files\ASUS\EPU\EPU.exe" [2010-03-16 5309056]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]
"NUSB3MON"="c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 76304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-10-14 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-02-18 22:30 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-04-02 07:11 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-15 691696]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/10/14 20:46];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-04-02 07:11 87536]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-29 176128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-03 135336]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-06 2002728]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-29 6472192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-29 228352]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-08-16 101904]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-02-09 260640]
S3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\DRIVERS\SkyNET.SYS [2010-05-10 627288]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-10-19 31288]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-03-02 1127936]
.
.
------- Supplementary Scan -------
.
TCP: {AA07F302-A14D-4352-8656-E206C859B8B7} = 93.93.192.2,194.106.162.2
FF - ProfilePath - c:\users\Srbija Srbima\AppData\Roaming\Mozilla\Firefox\Profiles\fzcko17l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.elitesecurity.org/f101-PC-DVB-kartice
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- File Associations -------
.
.txt=GetDiz.Document
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2172)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
Completion time: 2010-11-14 10:53:27
ComboFix-quarantined-files.txt 2010-11-14 09:53

Pre-Run: 99,554,258,944 bytes free
Post-Run: 99,462,402,048 bytes free

- - End Of File - - 9C4D8E9741B160613075180D858E342D