[ senko_zid @ 03.02.2010. 03:38 ] @
Whoever can tell me whether my log is clean, I'll be grateful to them.

ComboFix 10-02-02.02 - Administrator 02/03/2010 4:01.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1534.1125 [GMT 1:00]
Running from: e:\antivirus\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100202-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\Administrator\Application Data\inst.exe

.
((((((((((((((((((((((((( Files Created from 2010-01-03 to 2010-02-03 )))))))))))))))))))))))))))))))
.

2010-02-02 21:59 . 2010-02-02 21:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\Boomzap
2010-02-02 21:53 . 2010-02-02 22:05 -------- d-----w- c:\program files\Passport to Paradise
2010-02-02 21:53 . 2010-02-02 21:53 -------- d-----w- c:\program files\ReflexiveArcade
2010-02-02 16:55 . 2010-02-02 16:55 -------- d-----w- c:\documents and settings\All Users\Application Data\FileCure
2010-02-02 02:26 . 2010-02-02 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-02-01 20:19 . 2010-02-01 20:19 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-01 15:50 . 2010-02-02 02:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2010-02-01 00:14 . 2010-02-01 00:14 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-02-01 00:10 . 2010-02-01 00:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-01-31 21:29 . 2010-01-31 21:29 -------- d-----w- c:\documents and settings\Administrator\Application Data\DivX
2010-01-31 21:24 . 2010-01-31 21:35 -------- d-----w- c:\program files\DivX
2010-01-31 21:11 . 2010-01-31 21:11 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Readon_Technology
2010-01-31 21:10 . 2010-01-31 21:10 -------- d-----w- c:\program files\Readon Technology
2010-01-31 18:34 . 2010-01-31 18:34 -------- d-----r- C:\AHCache
2010-01-31 14:15 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-31 14:15 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-31 14:15 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-31 14:15 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-31 14:15 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-31 14:15 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-31 14:15 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-31 14:15 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-31 14:14 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-31 12:23 . 2010-01-31 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM
2010-01-31 12:22 . 2010-02-01 15:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2010-01-31 12:22 . 2010-01-31 12:22 -------- d-----w- c:\program files\Skype
2010-01-31 12:22 . 2010-01-31 12:22 -------- d-----w- c:\program files\Common Files\Skype
2010-01-31 12:18 . 2010-01-31 12:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-31 11:58 . 2010-01-31 11:58 -------- d-----w- c:\program files\Common Files\PCSuite
2010-01-31 11:57 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-01-31 11:57 . 2010-01-31 11:57 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-31 11:57 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-01-31 11:57 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-01-31 11:57 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-01-31 11:57 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-01-31 11:57 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-01-31 11:57 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-01-31 11:56 . 2010-01-31 11:55 34399664 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_eng_web.exe
2010-01-31 11:55 . 2010-01-31 11:55 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-01-31 11:55 . 2010-01-31 11:55 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-01-31 11:55 . 2010-01-31 11:55 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-01-31 11:55 . 2010-01-31 11:55 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-31 03:24 . 2010-01-31 03:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2010-01-31 03:24 . 2010-01-31 03:22 24565400 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_hr.exe
2010-01-31 03:24 . 2010-01-31 03:24 -------- d-----w- c:\program files\MSXML 6.0
2010-01-31 03:23 . 2010-01-31 03:23 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2010-01-31 03:23 . 2010-01-31 03:23 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2010-01-31 03:23 . 2010-01-31 03:23 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2010-01-30 23:23 . 2010-02-02 00:22 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2010-01-30 23:23 . 2010-02-01 00:10 -------- d-----w- c:\program files\Google
2010-01-30 23:17 . 2010-01-30 23:17 1956528 ----a-w- c:\program files\install_flash_player_ax.exe
2010-01-30 14:33 . 2010-01-30 14:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2010-01-29 22:55 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2010-01-29 22:55 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-01-29 22:55 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-01-29 22:55 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-01-29 22:55 . 2009-07-14 00:15 90112 ----a-w- c:\windows\system32\dpl100.dll
2010-01-29 22:55 . 2009-11-04 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-01-29 22:55 . 2010-01-29 22:56 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-29 22:53 . 2010-01-29 22:53 -------- d-----w- c:\program files\Quran_in_Word
2010-01-29 22:52 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-01-29 22:52 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-01-29 22:50 . 2010-01-29 22:50 -------- d-----w- c:\program files\Microsoft Works
2010-01-29 22:50 . 2010-01-29 22:50 -------- d-----w- c:\program files\MSBuild
2010-01-29 22:44 . 2010-01-29 22:44 -------- d-----w- c:\windows\SHELLNEW
2010-01-29 22:43 . 2010-01-29 22:43 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Help
2010-01-29 22:43 . 2010-01-29 22:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-29 22:43 . 2010-01-29 22:43 -------- d-----r- C:\MSOCache
2010-01-29 22:35 . 2010-01-29 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2010-01-29 22:31 . 2010-01-29 22:34 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Ahead
2010-01-29 22:31 . 2010-01-29 22:31 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-29 22:30 . 2010-01-29 22:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ahead
2010-01-29 22:27 . 2010-01-29 22:31 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-29 22:27 . 2010-01-29 22:27 -------- d-----w- c:\program files\Nero
2010-01-29 22:27 . 2010-01-29 22:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-01-29 22:11 . 2010-01-29 22:11 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-29 21:56 . 2010-01-29 21:56 -------- d-----w- c:\program files\Photo!
2010-01-29 21:53 . 2010-01-29 21:56 -------- d-----w- c:\program files\PhotoScape
2010-01-29 21:44 . 2010-01-29 21:44 -------- d-----w- c:\windows\InstallCache
2010-01-29 21:35 . 2009-05-14 02:00 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2010-01-29 21:35 . 2009-05-14 02:00 16512 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2010-01-29 21:35 . 2010-01-29 21:35 -------- d-----w- c:\program files\ImTOO
2010-01-29 21:35 . 2010-01-29 21:35 -------- d-----w- c:\program files\QuickTime
2010-01-29 21:31 . 2010-01-31 01:03 85696 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-29 21:29 . 2010-01-29 21:29 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-01-29 21:29 . 2010-01-29 21:29 47360 ----a-w- c:\documents and settings\Administrator\Application Data\pcouffin.sys
2010-01-29 21:29 . 2010-01-31 11:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Vso
2010-01-29 21:28 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2010-01-29 21:28 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2010-01-29 21:28 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2010-01-29 21:28 . 2002-12-10 01:20 102439 ----a-w- c:\windows\system32\sipr3260.dll
2010-01-29 21:28 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2010-01-29 21:28 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2010-01-29 21:28 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-01-29 21:28 . 2010-01-29 21:28 -------- d-----w- c:\program files\VSO
2010-01-29 20:26 . 2010-01-29 20:26 -------- d-----w- c:\program files\uTorrent
2010-01-29 20:26 . 2010-02-03 03:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2010-01-29 19:58 . 2010-01-29 19:58 0 ----a-w- c:\windows\nsreg.dat
2010-01-29 19:57 . 2010-01-29 19:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-29 19:41 . 2010-01-29 19:41 -------- d-s---w- c:\documents and settings\Administrator\UserData
2010-01-29 19:05 . 2010-01-31 16:12 -------- d-----w- c:\documents and settings\Administrator\Contacts
2010-01-29 18:56 . 2010-01-29 18:56 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-29 18:55 . 2004-08-03 22:08 25600 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-01-29 18:54 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-01-29 18:54 . 2008-03-21 12:57 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-29 18:54 . 2010-01-29 18:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nokia
2010-01-29 18:54 . 2010-02-01 16:18 -------- d-----w- c:\documents and settings\Administrator\Application Data\PC Suite
2010-01-29 18:54 . 2010-01-29 18:54 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2010-01-29 18:53 . 2010-01-31 11:58 -------- d-----w- c:\program files\Common Files\Nokia
2010-01-29 18:53 . 2010-01-29 18:54 -------- d-----w- c:\program files\DIFX
2010-01-29 18:53 . 2009-10-06 10:52 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-01-29 18:53 . 2010-01-31 11:58 -------- d-----w- c:\program files\Nokia
2010-01-29 18:52 . 2009-09-23 23:47 33773208 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng_web.exe
2010-01-29 18:52 . 2010-01-29 18:52 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2010-01-29 18:52 . 2010-01-29 18:52 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2010-01-29 18:52 . 2010-01-29 18:52 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-01-29 18:52 . 2010-01-29 18:52 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-29 18:52 . 2010-01-31 11:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2010-01-29 18:49 . 2010-01-29 22:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2010-01-29 18:45 . 2010-01-31 11:58 -------- dc----w- c:\windows\system32\DRVSTORE
2010-01-29 18:45 . 2010-01-29 18:45 -------- d-----w- c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2010-01-29 18:45 . 2010-01-29 18:45 -------- d-----w- c:\program files\Windows Live
2010-01-29 18:45 . 2010-01-29 18:45 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-31 21:34 . 2010-01-29 12:02 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-31 12:23 . 2010-01-31 12:23 32 ----a-w- c:\documents and settings\All Users\Application Data\ezsid.dat
2010-01-29 18:57 . 2010-01-29 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\EnGenius
2010-01-29 18:57 . 2010-01-29 18:57 -------- d-----w- c:\program files\EnGenius
2010-01-29 18:57 . 2010-01-29 12:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-29 18:55 . 2010-01-29 18:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-29 18:55 . 2010-01-29 18:55 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-29 12:24 . 2010-01-29 12:24 -------- d-----w- c:\program files\Alwil Software
2010-01-29 12:19 . 2010-01-29 12:19 -------- d-----w- c:\program files\KYE
2010-01-29 12:19 . 2010-01-29 12:19 -------- d-----w- c:\program files\Common Files\snp2std
2010-01-29 12:19 . 2010-01-29 12:19 -------- d-----w- c:\documents and settings\Administrator\Application Data\InstallShield
2010-01-29 12:03 . 2010-01-29 12:03 -------- d-----w- c:\program files\microsoft frontpage
2010-01-29 11:59 . 2010-01-29 11:59 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-01-29 5729136]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-01-29 289584]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-30 39408]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-02-01 21898024]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ACU"="c:\program files\EnGenius\ACU.exe" [2007-08-22 401566]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"49152:TCP"= 49152:TCP:µTorrent
"49152:UDP"= 49152:UDP:µTorrent

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1/31/2010 3:15 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/31/2010 3:15 PM 20560]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/1/2010 1:10 AM 135664]
.
Contents of the 'Scheduled Tasks' folder

2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:10]

2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {547D88E8-38E6-4237-811A-8768BB222754} = 82.114.64.3,82.114.64.4
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hpdypg62.default\
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 04:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-02-03 04:09:15
ComboFix-quarantined-files.txt 2010-02-03 03:09

Pre-Run: 22,990,155,776 bytes free
Post-Run: 23,137,988,608 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 62AB1A598132A68C48B97644057B622C
[ Aleksandar Maletic @ 03.02.2010. 11:28 ] @
First of all, why did you run ComboFix from that directory??? Did you read the usage instructions, which state that it must be run from the desktop, otherwise damage can result??? This program is not something to fool around with! Second, I'm not an expert at reading logs of this type, but I can see that ComboFix deleted something, so there was probably malware... @kristi1 and @magna86 will tell you about that in more detail; they will join the thread soon...
In the meantime, you could run a scan with HijackThis and post the log here, so I can tell you from it whether there is anything...
[ senko_zid @ 05.02.2010. 05:53 ] @
Hello,
Thanks for the advice, but believe me, I didn't pay attention to the directory, i.e. where ComboFix should be run from. I hope I didn't mess something up badly. Regards!
[ kristi1 @ 05.02.2010. 08:30 ] @
Delete ComboFix and its folders in the root of C:
C:\Combofix and C:\Qoobox
Turn off System Restore, restart, then turn it back on; also format the USB flash drive.