ComboFix 08-05-25.4 - user 2008-05-30 15:48:51.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.612 [GMT 2:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\install.exe
C:\WINDOWS\system32\winnb58.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_POWERMANAGER
-------\Service_PowerManager
((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-30 )))))))))))))))))))))))))))))))
.
2008-05-27 16:07 . 2008-05-27 16:06 77,768 --a------ C:\izvestaj.html
2008-05-26 15:44 . 2008-05-26 15:59 <DIR> d--hs---- C:\RECYCLER(2)
2008-05-25 23:24 . 2008-05-25 23:24 250 --a------ C:\WINDOWS\gmer.ini
2008-05-25 21:37 . 2008-05-25 23:14 <DIR> d-------- C:\Program Files\Unlocker
2008-05-24 19:21 . 2008-05-25 23:06 <DIR> d-------- C:\Program Files\Brew Mobile Commander
2008-05-24 13:38 . 2008-05-24 13:38 <DIR> d-------- C:\Program Files\totalcmd2
2008-05-24 13:15 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-24 13:15 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-21 16:29 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-05-21 16:29 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-05-21 16:29 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-05-21 16:29 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-05-21 15:45 . 2008-05-21 15:45 <DIR> d-------- C:\Documents and Settings\user\Application Data\FDRLab
2008-05-19 21:45 . 2008-05-20 21:47 <DIR> d-------- C:\Program Files\GameWiz32
2008-05-19 21:45 . 2002-04-19 00:43 73,728 --a------ C:\WINDOWS\system32\GkSui18.EXE
2008-05-19 20:00 . 2008-05-19 20:00 244 --ah----- C:\sqmnoopt15.sqm
2008-05-19 20:00 . 2008-05-19 20:00 232 --ah----- C:\sqmdata15.sqm
2008-05-19 18:33 . 2008-05-19 18:33 244 --ah----- C:\sqmnoopt14.sqm
2008-05-19 18:33 . 2008-05-19 18:33 232 --ah----- C:\sqmdata14.sqm
2008-05-18 12:08 . 2008-05-18 12:26 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-18 12:01 . 2008-05-18 12:28 <DIR> d-------- C:\Program Files\BitDefender
2008-05-18 12:00 . 2008-05-18 12:01 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-05-18 11:34 . 2008-05-18 11:34 0 --ah----- C:\WINDOWS\SwSys2.bmp
2008-05-18 11:34 . 2008-05-18 11:34 0 --ah----- C:\WINDOWS\SwSys1.bmp
2008-05-08 17:54 . 2008-05-08 17:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PCPitstop
2008-05-05 16:13 . 2008-05-05 16:13 244 --ah----- C:\sqmnoopt13.sqm
2008-05-05 16:13 . 2008-05-05 16:13 232 --ah----- C:\sqmdata13.sqm
2008-05-05 09:53 . 2008-05-05 09:53 244 --ah----- C:\sqmnoopt12.sqm
2008-05-05 09:53 . 2008-05-05 09:53 232 --ah----- C:\sqmdata12.sqm
2008-05-05 09:25 . 2008-05-05 09:25 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-05-04 22:41 . 2008-05-04 22:41 244 --ah----- C:\sqmnoopt11.sqm
2008-05-04 22:41 . 2008-05-04 22:41 232 --ah----- C:\sqmdata11.sqm
2008-05-04 20:55 . 2008-05-04 20:55 244 --ah----- C:\sqmnoopt10.sqm
2008-05-04 20:55 . 2008-05-04 20:55 232 --ah----- C:\sqmdata10.sqm
2008-05-04 19:20 . 2008-05-04 19:20 244 --ah----- C:\sqmnoopt09.sqm
2008-05-04 19:20 . 2008-05-04 19:20 232 --ah----- C:\sqmdata09.sqm
2008-05-04 13:27 . 2008-05-04 13:27 244 --ah----- C:\sqmnoopt08.sqm
2008-05-04 13:27 . 2008-05-04 13:27 232 --ah----- C:\sqmdata08.sqm
2008-05-04 10:56 . 2008-05-04 10:56 244 --ah----- C:\sqmnoopt07.sqm
2008-05-04 10:56 . 2008-05-04 10:56 232 --ah----- C:\sqmdata07.sqm
2008-04-29 15:24 . 2008-04-29 15:24 10 --a------ C:\WINDOWS\system32\810429tv4-test.jun
2008-04-29 08:56 . 2008-04-29 08:56 <DIR> d-------- C:\Program Files\Common Files\Nullsoft
2008-04-29 08:32 . 2008-04-29 08:32 <DIR> d-------- C:\Documents and Settings\user\Application Data\Media Player Classic
2008-04-29 08:31 . 2008-04-29 08:41 <DIR> d-------- C:\Program Files\Real Alternative
2008-04-29 08:21 . 2008-04-29 08:21 <DIR> d-------- C:\Program Files\JLC's Software
2008-04-29 08:21 . 2008-04-29 08:21 <DIR> d-------- C:\Documents and Settings\user\Application Data\JLC's Software
2008-04-28 14:32 . 2008-04-28 14:32 <DIR> d-------- C:\Program Files\Avramovic Web Solutions
2008-04-27 22:14 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-04-27 22:14 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-04-27 22:14 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-04-27 22:14 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-04-27 22:14 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-04-27 22:14 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-04-27 22:14 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-04-27 22:14 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-04-27 20:49 . 2008-04-27 20:49 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-04-27 20:47 . 2008-05-23 21:26 <DIR> d-------- C:\Program Files\John Deere American Farmer
2008-04-27 15:21 . 2008-04-27 15:22 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2008-04-23 20:40 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-04-23 20:40 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
2008-04-23 20:36 . 2008-04-23 20:36 <DIR> d-------- C:\Program Files\Atari
2008-04-23 20:36 . 2008-04-23 20:36 217,088 --a------ C:\WINDOWS\system32\srkey.exe
2008-04-22 16:25 . 2008-04-22 16:37 <DIR> d-------- C:\Program Files\Ascaron Entertainment
2008-04-19 17:58 . 2008-04-19 17:58 268 --ah----- C:\sqmdata06.sqm
2008-04-19 17:58 . 2008-04-19 17:58 244 --ah----- C:\sqmnoopt06.sqm
2008-04-19 12:24 . 2008-04-19 12:24 268 --ah----- C:\sqmdata05.sqm
2008-04-19 12:24 . 2008-04-19 12:24 244 --ah----- C:\sqmnoopt05.sqm
2008-04-18 16:12 . 2008-04-18 16:12 268 --ah----- C:\sqmdata04.sqm
2008-04-18 16:12 . 2008-04-18 16:12 244 --ah----- C:\sqmnoopt04.sqm
2008-04-16 20:40 . 2008-04-17 14:24 35 --a------ C:\WINDOWS\popcinfo.dat
2008-04-14 16:49 . 2008-04-14 16:52 <DIR> d-------- C:\Documents and Settings\user\Application Data\parentalcontrol
2008-04-12 20:47 . 2004-12-10 09:06 327,680 --a------ C:\WINDOWS\system32\vp6dec.ax
2008-04-12 20:32 . 2008-04-12 20:32 <DIR> d-------- C:\Program Files\Electronic Arts
2008-04-12 00:15 . 2008-04-12 00:15 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-04-03 19:48 . 2008-04-03 19:48 268 --ah----- C:\sqmdata03.sqm
2008-04-03 19:48 . 2008-04-03 19:48 244 --ah----- C:\sqmnoopt03.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 12:40 196,608 ----a-w C:\WINDOWS\system32\drivers\aStandard.bin
2008-05-29 16:40 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-29 14:57 --------- d-----w C:\Documents and Settings\user\Application Data\LimeWire
2008-05-08 19:18 --------- d-----w C:\Program Files\Yahoo!
2008-04-27 18:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-27 18:44 --------- d-----w C:\Program Files\Rockstar Games
2008-04-13 14:40 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-08 16:55 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-04-08 16:45 --------- d-----w C:\Program Files\totalcmd
2008-03-31 19:19 --------- d-----w C:\Program Files\Ubisoft
2008-03-31 18:22 --------- d-----w C:\Program Files\Firaxis Games
2008-03-31 18:18 --------- d-----w C:\Program Files\Metro 3D
2008-03-30 16:21 --------- d-----w C:\Program Files\Activision
2008-03-30 06:59 --------- d-----w C:\Program Files\Sony Ericsson
2008-03-02 11:53 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-03-02 08:53 409,600 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2008-03-02 08:53 114,688 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2008-03-01 13:00 103,736 -c--a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-02-28 18:26 66,872 -c--a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-02-26 20:56 22,016 ----a-w C:\WINDOWS\e00.exe
2008-02-11 07:58 20,992 ----a-w C:\WINDOWS\jestertb.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2008-03-06 17:21 5724184]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-03-01 18:11 4670968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-10-13 22:35 61952 C:\WINDOWS\system32\hdashcut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-03-23 07:28 14202368 C:\WINDOWS\RTHDCPL.EXE]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 19:12 90112]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 21:50 155648]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2003-12-13 02:50 33792]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-27 02:17 159744]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-26 01:01 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 21:24 32768]
"NoGarbage"="C:\Program Files\Avramovic Web Solutions\NoGarbage\NoGarbage.exe" [2004-11-27 12:37 164352]
C:\Documents and Settings\user\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2008-04-23 20:36:26 225280]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:20 40048]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 01:01:50 734872]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-05-17 18:08:14 661776]
Gigabyte Wireless Utility.lnk - C:\Program Files\GIGABYTE\Common\GNConfig.exe [2008-01-27 15:38:17 741376]
RAID Manager.lnk - C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe [2007-11-17 06:08:42 724992]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm
"VIDC.ACDV"= ACDV.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Neoact\\Carom3D\\carom.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"D:\\internet\\za teme\\Uploader.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\JLC's Software\\Internet TV\\Internet TV.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Real Alternative\\Media Player Classic\\mplayerc.exe"=
R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\DRIVERS\iteraid.sys [2004-12-11 01:44]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-10-13 15:46]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2003-01-31 22:43]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2003-01-31 22:43]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2006-09-29 20:06]
S3 FXDRV;FXDRV;E:\Fxdrv.sys []
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\Windows Live\Messenger\usnsvc.exe" [2007-10-18 12:31]
.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 18:56:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-03-09 19:56:45 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-30 15:53:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\System32\CSCDLL.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Completion time: 2008-05-30 15:58:41 - machine was rebooted [user]
ComboFix-quarantined-files.txt 2008-05-30 13:58:36
ComboFix2.txt 2008-05-29 13:57:59
Pre-Run: 6,574,141,440 bytes free
Post-Run: 6,582,501,376 bytes free