Topic: Deleting NOD (Read 3507 times)
29 Aug 2012, 20:55:07

Developing member | Posts: 26 | Browser: Mozilla Firefox 14.0.1

Hi everyone, I have a huge problem. Sorry that I didn't search the forum; a similar topic may already exist, but I don't have time to search because my computer is under attack by trojans and is painfully slow.

Somehow my computer got hacked, or whatever it is. NOD, which had been working, no longer works (there is no protection at all), and I can't even delete it, so I can't install a new one either. The problem started during a video chat, when NOD stopped showing any signs of life: it can't be updated, it can't be deleted, and I can't even see it in Add or Remove Programs any more. I also tried CCleaner, and it doesn't see it either.

I installed Antimalware and SUPERAntiSpyware, and after cleaning out all those trojans everything is the same: I can't remove NOD from Program Files either, and this message keeps appearing:

"Cannot delete callmsi.exe: Access is denied.
Make sure the disk is not full or write-protected and that the file is not currently in use."
MC- argus | Friend of the forum, Celebrity | Posts: 4467 | OS: Windows 7 | Browser: Mozilla Firefox 14.0.1

Download the DDS program to your desktop: http://download.bleepingcomputer.com/sUBs/dds.scr
Double-click DDS to run it.
Wait a moment; it will produce two logs.
Copy the DDS.txt log to http://pastebin.com/

Click Submit, then copy the link to the report into your post.
Developing member | Posts: 26 | OS: Windows XP | Browser: Mozilla Firefox 14.0.1
MC- argus | Friend of the forum, Celebrity | Posts: 4467 | OS: Windows 7 | Browser: Mozilla Firefox 14.0.1

So that I don't have to go for a more extreme option, do this:

Download OTL to your desktop: http://oldtimer.geekstogo.com/OTL.exe

Double-click OTL to run it;

click Run Scan;

When the scan finishes, the report will open in Notepad.

Copy the log for me.
Developing member | Posts: 26 | OS: Windows XP | Browser: Mozilla Firefox 14.0.1

It produced two files; I don't know which one you're interested in, so I'll post both.
http://pastebin.com/UZPXxNi0

http://pastebin.com/dNKBbkpF
MC- argus | Friend of the forum, Celebrity | Posts: 4467 | OS: Windows 7 | Browser: Mozilla Firefox 14.0.1

Download this Uninstaller:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2289&actp=search&viewlocale=en_US&searchid=1254657447620

Restart and keep pressing F8, then choose Safe Mode. From Safe Mode, run the Uninstaller for ESET. Restart.

Download ComboFix from the following address to your Desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Run ComboFix only from the desktop (I Agree).
Click Yes \ OK on every popup window.

When the scan finishes, it will put a log on the desktop.

Copy the log for me.
Developing member | Posts: 26 | OS: Windows XP | Browser: Mozilla Firefox 14.0.1

I didn't really do this properly :) :)
Wait, I enter Safe Mode and log in to the Sempron computer and run the ESET uninstaller there, right... all the icons were kind of large...

Is there an easier way? I don't really understand entering Safe Mode and the like.
But if there is no other way, explain this a bit better.
Developing member | Posts: 26 | OS: Windows XP | Browser: Mozilla Firefox 14.0.1

There, I managed it. I did everything as you said; I just have to paste the log like this, because I can't get onto "pastebin".

Quote
ComboFix 12-08-29.03 - SEMPRON 3000 30.08.2012   1:00.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.511.126 [GMT 2:00]
Running from: c:\documents and settings\SEMPRON 3000\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\SEMPRON 3000\WINDOWS
c:\program files\ViOrb
c:\program files\ViOrb\resources\flag.png
c:\program files\ViOrb\StartHook.dll
c:\program files\ViOrb\ViOrb.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\scrnrdr.exe
c:\windows\system32\SET4021.tmp
c:\windows\system32\SET4022.tmp
c:\windows\system32\SET4023.tmp
c:\windows\system32\SET4027.tmp
c:\windows\system32\SET4028.tmp
c:\windows\system32\SET4029.tmp
c:\windows\system32\SET402B.tmp
c:\windows\system32\SET402D.tmp
c:\windows\system32\SET402F.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\system32\VIRepair
c:\windows\system32\VIRepair\vi.sif
.
.
(((((((((((((((((((((((((   Files Created from 2012-07-28 to 2012-08-29  )))))))))))))))))))))))))))))))
.
.
2012-08-28 23:07 . 2012-08-28 23:07   --------   d-----w-   c:\documents and settings\SEMPRON 3000\Application Data\SUPERAntiSpyware.com
2012-08-28 23:06 . 2012-08-28 23:07   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-08-28 23:06 . 2012-08-28 23:06   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-08-28 19:15 . 2012-08-28 19:15   --------   d-----w-   c:\documents and settings\SEMPRON 3000\Application Data\Malwarebytes
2012-08-28 19:15 . 2012-08-28 19:15   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-28 19:15 . 2012-07-03 11:46   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-08-28 19:15 . 2012-08-28 19:15   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2012-08-28 18:50 . 2012-08-28 18:50   --------   d-----w-   c:\program files\CCleaner
2012-08-21 15:56 . 2012-08-21 15:57   --------   d-----w-   c:\program files\Mozilla Maintenance Service
2012-08-08 21:19 . 2012-08-08 21:20   --------   d-----w-   c:\windows\VMUVC
2012-08-08 21:19 . 2011-03-16 12:44   252928   ----a-w-   c:\windows\system32\drivers\VMUVC.sys
2012-08-08 21:19 . 2009-04-29 14:01   516096   ----a-w-   c:\windows\system32\VMUVC.ax
2012-08-08 21:19 . 2008-09-02 15:47   94208   ----a-w-   c:\windows\system32\VvFtCtrl.dll
2012-08-08 21:19 . 2008-07-01 09:16   188416   ----a-w-   c:\windows\system32\vvftUVC.ax
2012-08-08 21:19 . 2007-04-12 20:59   73728   ----a-w-   c:\windows\system32\exvmuvc.ax
2012-08-08 21:19 . 2011-05-27 07:55   399360   ----a-w-   c:\windows\system32\drivers\vvftUVC.sys
2012-08-08 21:19 . 2008-09-18 14:28   98304   ----a-w-   c:\windows\system32\VMCtrl.ax
2012-08-08 21:19 . 2008-02-29 08:11   11776   ----a-w-   c:\windows\system32\VMUVC.dll
2012-08-08 21:19 . 2007-01-24 10:26   319456   ----a-w-   c:\windows\system32\DIFxAPI.dll
2012-08-08 21:19 . 2012-08-08 21:19   --------   d-----w-   c:\program files\Vimicro Corporation
2012-08-08 13:37 . 2008-04-14 02:15   60032   -c--a-w-   c:\windows\system32\dllcache\usbaudio.sys
2012-08-08 13:37 . 2008-04-14 02:15   60032   ----a-w-   c:\windows\system32\drivers\USBAUDIO.sys
2012-08-08 13:26 . 2008-04-14 07:42   20992   ----a-w-   c:\windows\system32\dshowext.ax
2012-08-08 13:26 . 2008-04-14 02:16   121984   -c--a-w-   c:\windows\system32\dllcache\usbvideo.sys
2012-08-08 13:26 . 2008-04-14 02:16   121984   ----a-w-   c:\windows\system32\drivers\usbvideo.sys
2012-08-08 13:26 . 2008-04-14 02:15   32128   -c--a-w-   c:\windows\system32\dllcache\usbccgp.sys
2012-08-08 13:26 . 2008-04-14 02:15   32128   ----a-w-   c:\windows\system32\drivers\usbccgp.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-06 13:58 . 2008-04-14 08:00   78336   ----a-w-   c:\windows\system32\browser.dll
2012-07-04 14:05 . 2010-09-27 20:42   139784   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40 . 2008-04-14 08:00   1866112   ----a-w-   c:\windows\system32\win32k.sys
2012-07-03 12:30 . 2012-07-03 12:30   21419   ----a-w-   c:\windows\system32\drivers\AegisP.sys
2012-07-02 17:49 . 2008-04-23 00:16   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2008-07-12 19:10   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2008-04-23 00:16   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2008-07-12 19:09   385024   ----a-w-   c:\windows\system32\html.iec
2012-06-26 11:03 . 2012-06-26 11:02   3796065   ----a-w-   c:\documents and settings\All Users\Application Data\sbsdwin95req.exe
2012-06-06 23:54 . 2012-06-06 23:54   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-05 15:50 . 2008-04-14 08:00   1372672   ----a-w-   c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2008-04-14 08:00   1172480   ----a-w-   c:\windows\system32\msxml3.dll
2012-06-04 15:35 . 2010-09-27 20:44   210968   ----a-w-   c:\windows\system32\wuweb.dll
2012-06-04 04:32 . 2008-04-14 08:00   152576   ----a-w-   c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2010-09-28 20:12   22040   ----a-w-   c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2010-09-28 20:12   15384   ----a-w-   c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2010-09-27 20:44   329240   ----a-w-   c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2010-09-27 20:44   219160   ----a-w-   c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2010-09-28 20:12   45080   ----a-w-   c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2010-09-28 20:12   15384   ----a-w-   c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2010-09-27 20:44   53784   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2010-09-27 20:44   35864   ----a-w-   c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-04-14 08:00   97304   ----a-w-   c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2010-09-28 20:12   17944   ----a-w-   c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2010-09-27 20:44   577048   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2010-09-27 20:44   1933848   ----a-w-   c:\windows\system32\wuaueng.dll
2012-07-14 00:17 . 2012-08-21 15:56   136672   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 6A8B0B64F8D7EBEF70B16FF689C3C76D . 1423872 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\VITrans\explorer.exe
.
[-] 2008-04-14 . 702BE30013B178035BF81F08A1BF5C46 . 224256 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\VITrans\regedit.exe
.
[-] 2008-07-12 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-10-22 3077528]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 4777856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HTpatch"="c:\windows\htpatch.exe" [2002-10-30 28672]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" [2010-09-10 143360]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2012-7-3 1339392]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):76,69,73,74,61,75,69,2e,65,78,65,00
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54   551296   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EsetUninstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58670:TCP"= 58670:TCP:Pando Media Booster
"58670:UDP"= 58670:UDP:Pando Media Booster
"58757:TCP"= 58757:TCP:Pando Media Booster
"58757:UDP"= 58757:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12.8.2011 1:38 116608]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28.8.2012 21:15 655944]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28.8.2012 21:15 22344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys --> c:\windows\system32\DRIVERS\ehdrv.sys [?]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [23.6.2011 8:43 1068216]
S3 EsetUninstaller;ESET Uninstaller Service;c:\windows\ESETUninstaller(2).exe -Service --> c:\windows\ESETUninstaller(2).exe -Service [?]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14.1.2008 12:06 21632]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [21.8.2012 17:56 113120]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [13.5.2011 3:21 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [13.5.2011 3:21 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [13.5.2011 3:21 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [13.5.2011 3:21 114280]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [8.8.2012 23:19 252928]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [8.8.2012 23:19 399360]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.windowsxlive.net
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\SEMPRON 3000\Application Data\Mozilla\Firefox\Profiles\8oyt4nrc.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
AddRemove-Vista Transformation Pack - c:\windows\system32\viwc.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-30 01:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  HTpatch = c:\windows\htpatch.exe?ows\CurrentVersion\Run???\???]??Z???????Z???Z???????????????? ??Z???Z?N?????Z$??????Z????????????{??Z???????????Z$?G~????(????~B~??G~?????~B~??G~???Z@???????d??????Z%??Zx??Zd??????Z,>?Z???Zv?B~Z|?Z{3?Z?2?Z????st.I????G??Z????d????<?Z?I?Z
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(492)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\cscui.dll
.
Completion time: 2012-08-30  01:11:13
ComboFix-quarantined-files.txt  2012-08-29 23:11
.
Pre-Run: 28.682.272.768 bytes free
Post-Run: 30.423.232.512 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - A8F1AE1EB902F09B6320F2B5D74CFEA5
MC- argus | Friend of the forum, Celebrity | Posts: 4467 | OS: Windows 7 | Browser: Mozilla Firefox 14.0.1

Open Notepad and copy the text below:

Code:
FCopy::
c:\windows\system32\dllcache\explorer.exe|c:\windows\explorer.exe
c:\windows\system32\dllcache\regedit.exe|c:\windows\regedit.exe

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58670:TCP"=-
"58670:UDP"=-
"58757:TCP"=-
"58757:UDP"=-

File::
c:\windows\system32\DRIVERS\ehdrv.sys
c:\windows\system32\DRIVERS\epfwtdir.sys
c:\windows\ESETUninstaller(2).exe

Folder::
c:\program files\ESET

Driver::
ehdrv
epfwtdir
ekrn
EsetUninstaller

Click File\Save as and save the text as CFScript on the desktop.

Follow the instructions in the picture and drag CFScript.txt onto the ComboFix.exe icon.
This will start ComboFix; the system may restart (that is normal).
When it finishes, a log will appear (C:\ComboFix.txt).
Send the ComboFix log in your next post.
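Added example (not part of the thread, and not ComboFix's or the helper's own code): a small parser run over lines copied from the ComboFix log quoted above, showing how the `FCopy::` and `Driver::` entries of the CFScript can be read out of that log. It assumes that a trailing `[?]` on a service line means ComboFix could not read the file behind the service; the function names are hypothetical.

```python
import re

# Constructed sample: lines copied verbatim from the ComboFix log quoted in this thread.
SAMPLE_LOG = r"""
[-] 2008-04-14 . 6A8B0B64F8D7EBEF70B16FF689C3C76D . 1423872 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\VITrans\explorer.exe
[-] 2008-04-14 . 702BE30013B178035BF81F08A1BF5C46 . 224256 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
[-] 2008-07-12 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28.8.2012 21:15 655944]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys --> c:\windows\system32\DRIVERS\ehdrv.sys [?]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [23.6.2011 8:43 1068216]
S3 EsetUninstaller;ESET Uninstaller Service;c:\windows\ESETUninstaller(2).exe -Service --> c:\windows\ESETUninstaller(2).exe -Service [?]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14.1.2008 12:06 21632]
"""

# Sigcheck line: [flag] date . MD5 . size . . [version] . . path
SIG_RE = re.compile(
    r"^\[.\]\s+\S+\s+\.\s+([0-9A-Fa-f]{32})\s+\.\s+\d+\s+\.\s+\.\s+"
    r"\[[^\]]*\]\s+\.\s+\.\s+(.+)$"
)
# Service line: <state><start type> name;display name;image path [date time size | ?]
SVC_RE = re.compile(r"^[RS]\d\s+([^;]+);[^;]*;.*\s\[([^\]]*)\]$")


def dllcache_mismatches(log):
    """Return (dllcache_path, live_path) pairs whose MD5 values differ."""
    cached, live = {}, []
    for line in log.splitlines():
        m = SIG_RE.match(line.strip())
        if not m:
            continue
        md5, path = m.group(1).upper(), m.group(2)
        name = path.rsplit("\\", 1)[-1].lower()
        if "\\dllcache\\" in path.lower():
            cached[name] = (md5, path)
        else:
            live.append((name, md5, path))
    # Compare only after the whole log is read, so line order does not matter.
    return [(cached[n][1], p) for n, md5, p in live
            if n in cached and cached[n][0] != md5]


def orphaned_services(log):
    """Return names of services whose file details are logged as [?] (assumed unreadable)."""
    names = []
    for line in log.splitlines():
        m = SVC_RE.match(line.strip())
        if m and m.group(2).strip() == "?":
            names.append(m.group(1))
    return names


if __name__ == "__main__":
    for cache_copy, live_copy in dllcache_mismatches(SAMPLE_LOG):
        print(f"hash differs from dllcache copy: {live_copy} (cache: {cache_copy})")
    for name in orphaned_services(SAMPLE_LOG):
        print(f"service entry without readable file: {name}")
```

On the sample, the two mismatching files are the ones listed under `FCopy::`, and the four flagged services are the ones listed under `Driver::`.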
Developing member | Posts: 26 | OS: Windows XP | Browser: Mozilla Firefox 14.0.1

http://pastebin.com/ZhNBBbCA
It keeps notifying me that the NOD real-time scanner is enabled; maybe that means something to you.