-Deleted adware not-a-virus:AdWare.Win32.RelevantKnowledge.a C:\WINDOWS\Temp\~osCC.tmp\rlxf.dll 29.08.12 21:18:06
-Deleted adware not-a-virus:AdWare.Win32.RelevantKnowledge.a C:\WINDOWS\Temp\~osF6.tmp\rlxf.dll 30.08.12 07:51:51
-Deleted adware not-a-virus:AdWare.Win32.RelevantKnowledge.a C:\WINDOWS\Temp\~os33.tmp\rlxf.dll 30.08.12 17:16:15
ComboFix noted:
ComboFix 12-08-30.05 - natasa 31.08.12 1:07.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1488 [GMT 2:00]
Running from: c:\documents and settings\natasa\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\documents and settings\natasa\Desktop\Muzika\2001 - Najveci Hitovi\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\dzenan\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\marko bulat\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\mile kitic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\narodna mix\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\haus paki\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Kucari od Marije\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\PJER\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Probrana zika pocetak godine\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\probrano nesto 2\David Guetta Live in Amsterdam\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\probrano nesto 2\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\probrano nesto\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\strana\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Sveze,sveze ZIKA CMan\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\Tore\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\Kucari\usb\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\aca lukas\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\aco pejovic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\adam\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ana nikolic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\baja\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\boza nikolic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\branka sovrlic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\bulat\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\cane\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\Ceca Raznatovic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ceca\CECA London MIX\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ceca\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dado polumenta\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\DOMACA\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\DOMACA\New Folder\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dragana mirkovic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dzej\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\dzenan\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\jaca muzika\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\jaca muzika\keva muzika\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\jani.zlo i ti\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\01 KAFANSKI HITOVI I\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\02 KAFANSKI HITOVI II\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\03 KAFANSKI HITOVI III\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kafanski hitovi\kafanski hitovi\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\karma\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\kemal\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\koktel bend\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\Lepa brena\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\luis\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\ljuba alicic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\maja marijana\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\MARINKO ROKVIC\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\marko bulat\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\medeni mesec\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\MEHO PUZIC\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\MEHO PUZIC\merlin\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\merlin\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\mile kitic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\Models\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\My Disc\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\narodno-zlitza!\halid beslic\Desktop_.ini
c:\documents and settings\natasa\Desktop\Muzika\zika kiki\narodnjaci\narodno-zlitza!\narodna muzika\To\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\36\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Blood diamond\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Blood diamond\My Disc (F)\Blood Diamond\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Blood diamond\My Disc (F)\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Body of lies\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Chaser\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\City of men\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Constant Gardener\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Deception[2008]DvDrip-aXXo\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Gladiator\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Gran Torino\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Avi\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Divx\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\misc\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Hannibal\Hannibal (F)\Wmp\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Miami vice\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Midnight exspres\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Monster\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Pianist\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Reader\AUDIO_TS\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Reader\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Reader\VIDEO_TS\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Install\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Install\MicroDVD\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Red dragon\NEW (F)\Video\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\seven pounds.[2008.Eng].DVDScr.DivX-LTT\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\Slumdog millionaire\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\The passion of the christ\Avi\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\The passion of the christ\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\Filmovi\The.Curious.Case.of.Benjamin.Button.DVDSCR.XviD-DEViSE\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\narodno-zlitza!\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\narodno-zlitza!\narodna muzika\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\nedeljko bajic baja\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\nino\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\sako polumenta\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\sasa matic\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\sinan sakic\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\ULTRA meGA mix of hits\Desktop_.ini
c:\documents and settings\natasa\Desktop\update\New Folder\Muzika\zika kiki\narodnjaci\zeljko vasic\Desktop_.ini
c:\program files\Complitly
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\FireFoxExtension.exe
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
c:\program files\HDVid Web Player\HDVId091.dll
c:\program files\Realtek\Audio\InstallShield\Desktop_.ini
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\chrome.manifest
c:\program files\RelevantKnowledge\components\rlxg.dll
c:\program files\RelevantKnowledge\firefox\bootstrap.js
c:\program files\RelevantKnowledge\firefox\defaults\preferences\prefs.js
c:\program files\RelevantKnowledge\firefox\harness-options.json
c:\program files\RelevantKnowledge\firefox\install.rdf
c:\program files\RelevantKnowledge\firefox\locale\en-GB.json
c:\program files\RelevantKnowledge\firefox\locale\eo.json
c:\program files\RelevantKnowledge\firefox\locale\fr-FR.json
c:\program files\RelevantKnowledge\firefox\locales.json
c:\program files\RelevantKnowledge\firefox\resources\addon-kit\lib\page-mod.js
c:\program files\RelevantKnowledge\firefox\resources\addon-kit\lib\tabs.js
c:\program files\RelevantKnowledge\firefox\resources\addon-kit\lib\windows.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\content-proxy.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\test-content-symbiont.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\test-message-manager.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\data\test-trusted-document.html
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\api-utils.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\byte-streams.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\channel.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\collection.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content\loader.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content\symbiont.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\content\worker.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\cortex.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\cuddlefish.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\dom\events.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\environment.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\errors.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\events.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\events\assembler.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\file.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\globals!.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\hidden-frame.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\light-traits.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\list.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\match-pattern.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\memory.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\message-manager.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\namespace.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\observer-service.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\plain-text-console.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\process.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\runtime.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\sandbox.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\self!.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\system.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\events.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\observer.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\tab.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\utils.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\text-streams.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\timer.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\traceback.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\traits.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\traits\core.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\unload.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\url.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\data.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\function.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\object.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\registry.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\utils\thumbnail.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\window-utils.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\dom.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\loader.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\observer.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\windows\tabs.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\xpcom.js
c:\program files\RelevantKnowledge\firefox\resources\api-utils\lib\xul-app.js
c:\program files\RelevantKnowledge\firefox\resources\chrome.manifest
c:\program files\RelevantKnowledge\firefox\resources\dpjs\data\content.js
c:\program files\RelevantKnowledge\firefox\resources\dpjs\lib\dompilot.js
c:\program files\RelevantKnowledge\firefox\resources\dpjs\lib\dputil.js
c:\program files\RelevantKnowledge\firefox\resources\dpjs\lib\main.js
c:\program files\RelevantKnowledge\firefox\rlnx.dll
c:\program files\RelevantKnowledge\install.rdf
c:\program files\RelevantKnowledge\rlcm.crx
c:\program files\RelevantKnowledge\rlcm.txt
c:\program files\RelevantKnowledge\rlls.dl_
c:\program files\RelevantKnowledge\rlls.dll
c:\program files\RelevantKnowledge\rlls64.dll
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\RelevantKnowledge\rlph.dll
c:\program files\RelevantKnowledge\rlservice.exe
c:\program files\RelevantKnowledge\rlvknlg.exe
c:\program files\RelevantKnowledge\rlvknlg64.exe
c:\program files\RelevantKnowledge\rlxf.dll
c:\program files\RelevantKnowledge\shfscp.dat
c:\windows\system32\DEBUG.log
d:\toshiba l300\BT-stack\Desktop_.ini
d:\toshiba l300\cmod-20080519190820\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\All\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ARA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ARB\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\CHS\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\CHT\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\CSY\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\DAN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\DEU\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ELL\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ENG\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ENU\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ESP\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\FIN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\FRA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\FRC\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\HEB\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\HUN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\ITA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\JPN\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\KOR\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\NLD\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\NOR\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\PLK\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\PTB\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\PTG\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\RUS\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\SVE\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\THA\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\CHIP\TRK\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Lang\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\Vista\Desktop_.ini
d:\toshiba l300\csutil-20080519182648\x64\Desktop_.ini
d:\toshiba l300\Desktop_.ini
d:\toshiba l300\mdm-20080519181029\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\VISTAXP2K\amd64\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\VISTAXP2K\Desktop_.ini
d:\toshiba l300\mdm-20080519185916\VISTAXP2K\x86\Desktop_.ini
d:\toshiba l300\mdm-20080519191204\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Config\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\Vista\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\Vista64\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\XP2K\Desktop_.ini
d:\toshiba l300\sound-20080519190647\HDMI\XP2K64\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K_XP\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K_XP\us\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K3\Desktop_.ini
d:\toshiba l300\sound-20080519190647\MSHDQFE\Win2K3\us\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Vista\Desktop_.ini
d:\toshiba l300\sound-20080519190647\Vista64\Desktop_.ini
d:\toshiba l300\sound-20080519190647\WDM\Desktop_.ini
d:\toshiba l300\Sound Driver\Config\Desktop_.ini
d:\toshiba l300\Sound Driver\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\VISTA\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\VISTA64\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\XP2K\Desktop_.ini
d:\toshiba l300\Sound Driver\HDMI\XP2K64\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K_XP\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K_XP\us\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K3\Desktop_.ini
d:\toshiba l300\Sound Driver\MSHDQFE\Win2K3\us\Desktop_.ini
d:\toshiba l300\Sound Driver\Vista\Desktop_.ini
d:\toshiba l300\Sound Driver\Vista64\Desktop_.ini
d:\toshiba l300\Sound Driver\WDM\Desktop_.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-30 )))))))))))))))))))))))))))))))
.
.
2012-08-30 05:54 . 2012-08-30 05:54 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-08-17 20:04 . 2012-08-17 20:06 -------- d-----w- c:\documents and settings\natasa\Local Settings\Application Data\Facebook
2012-08-01 18:51 . 2012-08-01 18:51 -------- d-----w- c:\documents and settings\natasa\Application Data\Search Settings
2012-08-01 18:50 . 2012-08-01 18:50 -------- d-----w- c:\program files\Application Updater
2012-08-01 18:50 . 2012-08-01 18:50 -------- d-----w- c:\program files\pdfforge Toolbar
2012-08-01 18:50 . 2012-08-01 18:50 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-14 20:00 . 2012-06-13 17:48 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-14 20:00 . 2011-06-29 20:10 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-05 07:59 . 2012-02-05 07:47 227073794 ----a-w- c:\program files\LibO_3.3.4_Win_x86_install_multi.exe
2012-02-05 07:48 . 2012-02-05 07:47 8962975 ----a-w- c:\program files\LibO_3.3.4_Win_x86_helppack_sh.exe
2011-08-17 18:19 . 2011-08-17 05:00 125460744 ----a-w- c:\program files\ZuneSetupPkg.exe
2011-07-04 20:48 . 2011-07-04 20:48 872209 ----a-w- c:\program files\APmpg4v1-702.exe
2011-07-04 18:08 . 2011-07-04 18:07 9032272 ----a-w- c:\program files\megamanager.exe
2011-07-04 17:32 . 2011-07-04 17:30 21022914 ----a-w- c:\program files\vlc-1.1.10-win32.exe
2012-08-30 05:54 . 2011-06-29 12:57 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-09-03 640888]
"Facebook Update"="c:\documents and settings\natasa\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-08-17 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2010-03-12 311680]
"RTHDCPL"="RTHDCPL.EXE" [2011-06-28 16859648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 162328]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-07-26 1095560]
.
c:\documents and settings\natasa\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Movie Torrent\\Movie Torrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15000:UDP"= 15000:UDP:Kaspersky Administration Kit
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R2 ADExchange;ArcSoft Exchange Service;c:\program files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [10/26/2011 4:32 AM 37280]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [7/26/2012 7:40 PM 794560]
R2 klnagent;Kaspersky Lab Network Agent;c:\program files\Kaspersky Lab\NetworkAgent 8\klnagent.exe [10/20/2010 1:38 PM 141688]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [9/3/2009 3:24 PM 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [9/14/2009 1:42 PM 32272]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [6/13/2012 7:48 PM 250056]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/26/2012 8:42 AM 114144]
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 20:00]
.
2012-08-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1644491937-113007714-1417001333-1003Core.job
- c:\documents and settings\natasa\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-08-17 20:04]
.
2012-08-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1644491937-113007714-1417001333-1003UA.job
- c:\documents and settings\natasa\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-08-17 20:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://home.sweetim.com
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://online.bancaintesabeograd.com/R ... FSINT9.dll
DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/R ... CMSCCD.DLL
FF - ProfilePath - c:\documents and settings\natasa\Application Data\Mozilla\Firefox\Profiles\lfcacn2t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20111009000104062&tb_oid=09-10-2011&tb_mrud=09-10-2011&query=
FF - prefs.js: browser.startup.homepage - http://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\RelevantKnowledge\rlvknlg.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-31 01:22
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1096)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\Common Files\Spigot\Search Settings\wth.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\progra~1\MICROS~3\rapimgr.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Completion time: 2012-08-31 01:26:40 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-30 23:26
.
Pre-Run: 7.801.393.152 bytes free
Post-Run: 8.043.601.920 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 0CF84A0A83AB5B96E06058818B1AA20A
THANK YOU IN ADVANCE FOR ANY HELP!
Natasa