Check xxxxxx...


offline
  • Joined: 21 Feb 2006
  • Posts: 128
  • Location: Montenegro

A guy removed Avira Pro and installed some free AV, then the computer started lagging. I have now removed that AV, so let's just see whether everything is OK:

I ran this with ComboFix right away :D

ComboFix 09-06-28.06 - Mico 29.06.2009 16:59.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1744 [GMT 2:00]
Running from: c:\documents and settings\Mico\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-29 )))))))))))))))))))))))))))))))
.

2009-06-29 14:39 . 2009-06-29 14:39 -------- d-----w- c:\program files\USB Disk Security
2009-06-29 14:30 . 2009-06-29 14:30 -------- d-----w- c:\program files\Error Repair Professional
2009-06-28 19:33 . 2009-06-28 19:33 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-14 13:19 . 2009-06-14 13:32 -------- d-----w- c:\program files\SweetIM
2009-06-14 13:19 . 2009-06-14 13:32 -------- d-----w- c:\documents and settings\All Users\Application Data\SweetIM
2009-06-14 12:19 . 2009-06-14 12:19 -------- d-----w- c:\documents and settings\Mico\Local Settings\Application Data\Ahead
2009-06-14 12:17 . 2009-06-14 12:17 -------- d-----w- c:\documents and settings\Mico\Application Data\Nero
2009-06-14 12:16 . 2009-06-14 12:17 -------- d-----w- c:\program files\Common Files\Nero
2009-06-14 12:16 . 2009-06-14 12:16 -------- d-----w- c:\program files\Nero
2009-06-14 12:16 . 2009-06-14 12:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-06-13 16:55 . 2009-06-13 16:55 -------- d-----w- c:\program files\Trymedia
2009-06-13 10:53 . 2009-06-13 10:53 -------- d-----w- c:\windows\Downloaded Installations
2009-06-13 10:50 . 2009-06-13 10:50 -------- d-----w- c:\documents and settings\Mico\Application Data\Real Desktop
2009-06-12 12:54 . 2009-06-12 12:55 -------- d-----w- c:\program files\Allok Video to MP4 Converter
2009-06-11 18:30 . 2009-06-12 15:54 -------- d-----w- c:\documents and settings\Mico\Local Settings\Application Data\WMTools Downloaded Files
2009-06-11 15:03 . 2009-06-12 12:54 -------- d-----w- c:\documents and settings\Mico\Application Data\Any Video Converter
2009-06-11 15:03 . 2009-06-12 12:54 -------- d-----w- c:\program files\Any Video Converter
2009-06-11 15:01 . 2009-06-11 15:01 -------- d-----w- c:\program files\ffdshow
2009-06-09 12:05 . 2009-06-09 12:06 -------- d-----w- c:\documents and settings\Mico\Application Data\Neverball
2009-06-09 12:05 . 2009-06-26 12:13 -------- d-----w- c:\program files\Neverball
2009-06-09 11:38 . 2009-06-09 11:38 232846 ----a-w- c:\windows\Little_Fighter_2_Toolbar_Uninstaller_9750.exe
2009-06-09 11:38 . 2009-06-09 11:38 -------- d-----w- c:\program files\LittleFighter2
2009-06-09 11:12 . 2009-06-09 11:17 -------- d-----w- c:\program files\mp3DirectCut
2009-06-08 16:56 . 2009-06-08 16:56 -------- d-s---w- c:\documents and settings\Mico\UserData
2009-06-07 20:41 . 2009-06-07 20:41 -------- d-----w- c:\program files\Tracker Software
2009-06-06 12:56 . 2009-06-06 12:59 -------- d-----w- c:\program files\Audio Editor Gold
2009-06-06 12:52 . 2009-06-06 12:56 -------- d-----w- c:\documents and settings\Mico\Application Data\Gold Wave Editor
2009-06-06 12:52 . 2002-01-05 14:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-06-05 16:05 . 2009-06-05 16:05 -------- d-----w- c:\documents and settings\Mico\Application Data\GarageGames
2009-06-05 14:47 . 2009-06-05 14:47 -------- d-----w- c:\documents and settings\Mico\Local Settings\Application Data\ACD Systems
2009-06-05 14:47 . 2009-06-05 14:47 -------- d-----w- c:\documents and settings\Mico\Application Data\ACD Systems
2009-06-05 14:46 . 2009-06-05 15:32 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-06-05 14:46 . 2009-06-05 14:46 -------- d-----w- c:\documents and settings\Mico\Local Settings\Application Data\Downloaded Installations
2009-06-05 14:30 . 2009-06-05 14:30 -------- d-----w- c:\documents and settings\Mico\Local Settings\Application Data\Windows Live Writer
2009-06-05 14:30 . 2009-06-05 14:30 -------- d-----w- c:\documents and settings\Mico\Application Data\Windows Live Writer
2009-06-05 11:54 . 2009-06-05 11:54 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-04 17:36 . 2009-06-12 13:00 -------- d-----w- C:\OutputFolder
2009-06-04 12:49 . 2009-06-04 12:57 23510720 ----a-w- c:\documents and settings\Mico\Application Data\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe
2009-06-04 12:48 . 2009-06-04 12:49 2585872 ----a-w- c:\documents and settings\Mico\Application Data\Sony Setup\CF356349-4782-4F9D-AE42-7E3C6AD74B9C\WindowsInstaller-KB893803-v2-x86.exe
2009-06-04 12:47 . 2009-06-04 12:49 -------- d-----w- c:\documents and settings\Mico\Application Data\Sony Setup
2009-06-04 12:26 . 2009-06-04 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Azureus
2009-06-04 12:26 . 2009-06-22 18:52 -------- d-----w- c:\documents and settings\Mico\Application Data\Azureus
2009-06-04 12:25 . 2009-06-04 12:25 -------- d-----w- c:\program files\Vuze
2009-06-04 12:25 . 2009-06-04 12:25 -------- d-----w- c:\program files\Common Files\i4j_jres
2009-06-03 20:26 . 2009-06-03 20:26 -------- d-----w- c:\program files\uTorrent
2009-06-03 20:26 . 2009-06-19 16:35 -------- d-----w- c:\documents and settings\Mico\Application Data\uTorrent
2009-06-02 13:16 . 2009-06-02 13:16 -------- d-----w- c:\documents and settings\Mico\Local Settings\Application Data\Identities
2009-06-02 13:03 . 2009-06-29 14:52 -------- d-----w- c:\documents and settings\Mico\Application Data\AIMP
2009-06-02 13:03 . 2009-06-13 17:07 -------- d-----w- c:\program files\AIMP2
2009-06-02 12:36 . 2009-06-02 12:36 -------- d-----w- c:\program files\YouTube Downloader
2009-06-02 12:34 . 2009-06-02 12:34 -------- d-----w- c:\program files\GameTop.com
2009-06-02 12:33 . 2007-04-12 12:19 129024 ----a-w- c:\windows\system32\AVERM.dll
2009-06-02 12:33 . 2006-09-26 11:57 28672 ----a-w- c:\windows\system32\AVEQT.dll
2009-06-02 12:33 . 2009-06-02 12:34 -------- d-----w- c:\program files\Allok Video to 3GP Converter
2009-06-02 12:28 . 2009-06-02 12:28 0 ----a-w- c:\documents and settings\Mico\Application Data\MSNInstaller\msnauins.exe
2009-06-02 12:28 . 2009-06-02 12:28 -------- d-----w- c:\documents and settings\Mico\Application Data\MSNInstaller
2009-06-01 18:28 . 2009-06-02 15:04 -------- d-----w- c:\documents and settings\Mico\Application Data\skypePM
2009-06-01 18:28 . 2009-06-01 18:28 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-01 18:24 . 2009-06-23 21:18 -------- d-----w- c:\documents and settings\Mico\Application Data\Skype
2009-06-01 18:23 . 2009-06-01 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Bluetooth
2009-06-01 18:23 . 2009-06-01 18:23 -------- d-----w- c:\program files\Common Files\Skype
2009-06-01 18:23 . 2009-06-01 18:23 -------- d-----r- c:\program files\Skype
2009-06-01 18:23 . 2009-06-01 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-06-01 18:11 . 2004-08-03 20:58 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2009-06-01 18:10 . 2004-08-03 21:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-06-01 18:10 . 2004-08-03 21:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-06-01 18:10 . 2004-08-03 22:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-06-01 18:10 . 2004-08-03 22:56 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-06-01 18:10 . 2001-08-17 11:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-06-01 18:10 . 2001-08-17 11:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-06-01 18:10 . 2001-08-17 12:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-06-01 18:10 . 2001-08-17 12:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-06-01 17:37 . 2009-06-04 12:42 -------- d-----w- c:\documents and settings\Mico\Local Settings\Application Data\Google
2009-06-01 17:37 . 2009-06-01 17:37 -------- d-----w- c:\program files\Google

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-29 14:20 . 2009-06-01 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-29 14:13 . 2009-06-01 16:56 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-28 15:12 . 2009-06-01 16:56 -------- d-----w- c:\program files\Spyware Doctor
2009-06-13 10:53 . 2009-06-01 15:08 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-05 12:40 . 2009-06-01 15:42 12912 ----a-w- c:\documents and settings\Mico\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-05 12:40 . 2009-06-05 12:36 -------- d-----w- c:\program files\Windows Live
2009-06-05 12:38 . 2009-06-05 12:38 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-06-05 12:37 . 2009-06-05 12:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-06-05 12:36 . 2009-06-05 12:36 -------- d-----w- c:\program files\Microsoft
2009-06-05 12:36 . 2009-06-05 12:36 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-01 18:20 . 2009-06-01 18:20 -------- d-----w- c:\program files\IVT Corporation
2009-06-01 18:20 . 2009-06-01 15:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-01 17:01 . 2009-06-01 16:56 -------- d-----w- c:\program files\Common Files\PC Tools
2009-06-01 16:56 . 2009-06-01 16:56 -------- d-----w- c:\documents and settings\Mico\Application Data\PC Tools
2009-06-01 16:56 . 2009-06-01 16:56 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-06-01 16:07 . 2009-06-01 16:07 -------- d-----w- c:\program files\CCleaner
2009-06-01 16:06 . 2009-06-01 16:03 -------- d-----w- c:\documents and settings\Mico\Application Data\Winamp
2009-06-01 16:05 . 2009-06-01 16:03 -------- d-----w- c:\program files\Winamp
2009-06-01 15:45 . 2009-06-01 15:45 0 ----a-w- c:\windows\nsreg.dat
2009-06-01 15:42 . 2009-06-01 14:48 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-01 15:08 . 2009-06-01 15:08 -------- d-----w- c:\program files\Realtek
2009-06-01 15:08 . 2009-06-01 15:08 315392 ----a-w- c:\windows\HideWin.exe
2009-06-01 14:48 . 2009-06-01 14:48 -------- d-----w- c:\program files\microsoft frontpage
2009-06-01 14:46 . 2009-06-01 14:46 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-03 09:18 . 2009-06-01 16:56 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-05-20 12:36 1258808 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-08 8523776]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mico^Start Menu^Programs^Startup^Real Desktop.lnk]
backup=c:\windows\pss\Real Desktop.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Real Desktop

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [1.6.2009 18:56 130936]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [5.6.2009 14:40 55152]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [1.6.2009 17:04 36864]
S3 fsssvc;Windows Live Porodicna bezbednost;c:\program files\Windows Live\Family Safety\fsssvc.exe [6.2.2009 18:08 533360]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1.6.2009 18:56 348752]
.
Contents of the 'Scheduled Tasks' folder

2009-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1645522239-839522115-1003.job
- c:\documents and settings\Mico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-04 12:37]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link visible only to logged-in users]
mStart Page = [Link visible only to logged-in users]
FF - ProfilePath - c:\documents and settings\Mico\Application Data\Mozilla\Firefox\Profiles\p84blslr.default\
FF - component: c:\program files\Mozilla Firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll
FF - plugin: c:\documents and settings\Mico\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-06-29 17:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-06-29 17:01
ComboFix-quarantined-files.txt 2009-06-29 15:01
ComboFix2.txt 2009-06-01 16:23

Pre-Run: 43.773.763.584 bytes free
Post-Run: 43.846.307.840 bytes free

175



offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...


I see only two problems here. The first is that this PC has no AV, and the second is that you did not follow the instructions for opening a topic (next time the topic will be deleted if problem number two is repeated).



offline
  • Joined: 21 Feb 2006
  • Posts: 128
  • Location: Montenegro

Problem 1: solved!

Problem 2: well, I already had ComboFix installed ;)
