ComboFix 10-10-29.03 - Korisnik 30.10.2010  18:43:19.3.1 - x86
Running from: c:\documents and settings\Korisnik\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Spyware Terminator *On-access scanning enabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
.

(((((((((((((((((((((((((   Files Created from 2010-09-28 to 2010-10-30  )))))))))))))))))))))))))))))))
.

2010-10-29 22:27 . 2010-10-29 22:36   --------   d-----w-   c:\program files\PowerFolder.com
2010-10-29 22:27 . 2010-10-29 22:27   --------   d-----w-   c:\program files\Common Files\Java
2010-10-29 22:26 . 2010-10-29 22:26   472808   ----a-w-   c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-10-29 22:26 . 2010-10-29 22:26   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2010-10-29 22:26 . 2010-10-29 22:26   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2010-10-29 22:26 . 2010-10-29 22:26   --------   d-----w-   c:\program files\Java
2010-10-29 22:12 . 2010-10-29 22:12   --------   d-----w-   c:\documents and settings\Korisnik\Application Data\TeamViewer
2010-10-29 22:12 . 2010-10-29 22:12   --------   d-----w-   c:\program files\TeamViewer
2010-10-28 16:11 . 2010-10-29 07:11   --------   d-----w-   c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-10-28 12:49 . 2008-04-13 22:09   14592   -c--a-w-   c:\windows\system32\dllcache\kbdhid.sys
2010-10-28 12:49 . 2008-04-13 22:09   14592   ----a-w-   c:\windows\system32\drivers\kbdhid.sys

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2007-04-03 12:44   974848   ----a-w-   c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 09:41   974848   ----a-w-   c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 09:41   953856   ----a-w-   c:\windows\system32\mfc40u.dll
2010-09-18 06:53 . 2001-08-23 12:00   954368   ----a-w-   c:\windows\system32\mfc40.dll
2010-09-09 14:16 . 2008-04-14 09:42   667136   ----a-w-   c:\windows\system32\wininet.dll
2010-09-09 14:16 . 2008-04-14 09:41   61952   ----a-w-   c:\windows\system32\tdc.ocx
2010-09-09 14:16 . 2008-04-14 09:41   81920   ----a-w-   c:\windows\system32\ieencode.dll
2010-09-08 16:49 . 2008-04-14 04:07   369664   ----a-w-   c:\windows\system32\html.iec
2010-09-01 11:51 . 2008-04-14 09:39   285824   ----a-w-   c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2008-04-14 05:00   1852800   ----a-w-   c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2008-04-14 09:42   119808   ----a-w-   c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2008-04-14 09:42   99840   ----a-w-   c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2008-04-14 04:45   357248   ----a-w-   c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2010-02-26 18:05   5120   ----a-w-   c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2008-04-14 09:41   617472   ----a-w-   c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 09:42   58880   ----a-w-   c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2008-04-14 09:42   590848   ----a-w-   c:\windows\system32\rpcrt4.dll
.

------- Sigcheck -------

[-] 2009-09-02 . 600D58665D16BFBB776EFEFB0E80532D . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((   SnapShot@2010-10-30_08.49.13   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-30 11:21 . 2010-10-30 11:21   16384              c:\windows\Temp\Perflib_Perfdata_1f8.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-25 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-22 16858112]
"WinSys2"="c:\windows\system32\winsys2.exe" [2009-05-18 208896]
"nwiz"="nwiz.exe" [2009-04-30 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-30 262144]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-03-25 2166784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\program files\DVD Region-Free\DVDShell.dll" [2003-10-29 49152]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\PowerFolder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.12.2009 11:15 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9.4.2009 16:18 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9.4.2009 16:21 94360]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [26.3.2010 0:59 142592]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9.4.2009 16:19 731840]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [26.2.2010 20:43 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [26.2.2010 20:43 20952]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [3.2.2010 2:50 17792]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [1.12.2009 16:49 34384]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - KFPYYKOW
*Deregistered* - kfpyykow
.
Contents of the 'Scheduled Tasks' folder

2010-10-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 21:26]

2010-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 21:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.maxiwe.com/
mStart Page = hxxp://www.maxiwe.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\wrtili34.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60327&qkw=
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true);  // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true);  // Simplified
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-30 18:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-10-30  18:54:20
ComboFix-quarantined-files.txt  2010-10-30 16:54
ComboFix2.txt  2010-10-30 09:50
ComboFix3.txt  2010-10-30 08:51

Pre-Run: 8.585.474.048 bytes free
Post-Run: 8.573.988.864 bytes free

- - End Of File - - 97CFE24B4BEBD7BB31ED54FD3CD23CA6

Start >> Run

Combofix /Uninstall

Ok


Restartuj racunar i reci mi da kako sad radi?
...........

Preuzmi ovaj program...pokreni ga i ocisti registry
http://www.wisecleaner.com/wiseregistrycleanerfree.html

Jos bih valjalo da racunar iskljucis fizicki iz struje,izvadis ram memoriju i ostavis je napolju nekih 6 minuta.
Vrati je nazad ...startuj racunar...

Umas brdo stavki koji ti se dizu sa sturtup-om...
pokreni ccleaner i sve to poiskljucuj
...ostavi ESET AntiVirus, CTFMON.EXE ,i Malwarebytes ( kod tebe je sa real time zastitom jel? )

Komp je cist...ako i dlaje zeza ...ja bih poceo od hard disk-a   

Ocistio sam registri kao sto si mi rekao i konacno radi kako treba.