offline
- Pridružio: 23 Mar 2008
- Poruke: 68
|
Ok. Evo sad cu to uraditi. Znam da imam virus jer posle nekog vremena pojavi mi se greska "Generic Host Win 32" koja mi iskljuci internet i nemogu da ga pokrenem dok ne restartujem komp i sl.
Dopuna: 15 Jun 2008 22:50
Evo ComboFix log file-a:
ComboFix 08-06-15.1 - Bajt Computer 2008-06-15 22:39:41.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1565 [GMT 2:00]
Running from: C:\Documents and Settings\Bajt Computer\Desktop\NewFolder\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\_000110_.tmp.dll
C:\WINDOWS\system32\Cfx32.lic
C:\WINDOWS\system32\cfx32.ocx
C:\WINDOWS\system32\lsprst7.dll
C:\WINDOWS\system32\ssprs.dll
C:\WINDOWS\system32\winsys.exe
.
((((((((((((((((((((((((( Files Created from 2008-05-15 to 2008-06-15 )))))))))))))))))))))))))))))))
.
2008-06-15 22:09 . 2008-06-15 22:09 <DIR> d-------- C:\Documents and Settings\Administrator
2008-06-15 18:56 . 2004-08-03 23:10 49,024 --a------ C:\WINDOWS\system32\drivers\mstape.sys
2008-06-15 18:56 . 2004-08-03 23:10 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-06-15 18:56 . 2004-08-03 23:10 13,696 --a------ C:\WINDOWS\system32\drivers\avcstrm.sys
2008-06-15 18:56 . 2004-08-03 23:10 13,696 --a--c--- C:\WINDOWS\system32\dllcache\avcstrm.sys
2008-06-15 11:51 . 2008-06-15 12:00 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\ChessBase
2008-06-15 11:51 . 2008-06-15 11:51 111 --a------ C:\WINDOWS\ChssBase.ini
2008-06-15 11:50 . 2008-06-15 11:50 <DIR> d-------- C:\Program Files\ChessBase
2008-06-15 11:16 . 2008-06-15 11:16 <DIR> d-------- C:\Program Files\Common Files\CodeGear Shared
2008-06-15 10:55 . 2008-06-15 21:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\{AB3EC276-D261-4943-A921-1CC1C6799AED}
2008-06-15 10:43 . 2008-06-15 10:45 <DIR> d-------- C:\Program Files\RPA713c
2008-06-15 10:43 . 2008-06-15 10:43 <DIR> d-------- C:\Program Files\Common Files\VFP
2008-06-15 10:42 . 2008-06-15 10:42 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-15 10:33 . 2008-06-15 10:42 <DIR> d--h----- C:\Documents and Settings\Bajt Computer\.ihqa
2008-06-15 10:31 . 2008-06-15 10:31 <DIR> d-------- C:\tmp
2008-06-15 10:31 . 2007-03-19 01:00 1,470,464 --a------ C:\WINDOWS\system32\libmySQL.dll
2008-06-15 10:31 . 2007-03-19 01:00 417,792 --a------ C:\WINDOWS\system32\gds32.dll
2008-06-15 10:21 . 2008-06-15 10:21 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\Borland
2008-06-15 10:17 . 2008-06-15 10:30 <DIR> d-------- C:\Program Files\CodeGear
2008-06-15 10:09 . 2008-06-15 12:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CodeGear
2008-06-15 10:03 . 2008-06-15 10:05 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-06-15 10:03 . 2008-06-15 21:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-15 09:56 . 2008-06-15 09:56 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-06-14 20:22 . 2008-06-14 20:22 <DIR> d-------- C:\Program Files\MegauploadToolbar
2008-06-14 20:22 . 2008-06-14 20:24 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\MegauploadToolbar
2008-06-14 15:35 . 2008-06-15 10:42 <DIR> d-------- C:\Documents and Settings\Bajt Computer\.borland
2008-06-14 12:35 . 2008-06-14 12:38 <DIR> d-------- C:\Program Files\Common Files\Borland Shared
2008-06-14 12:35 . 2008-06-14 12:35 <DIR> d-------- C:\Program Files\Borland
2008-06-13 22:24 . 2008-06-13 22:47 <DIR> d-------- C:\cale - muzika italy
2008-06-13 19:46 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-06-13 19:46 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-06-13 19:46 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-06-13 19:46 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-06-12 22:32 . 2008-06-13 00:30 <DIR> d-------- C:\IDOL FINALE DVD
2008-06-12 17:26 . 2008-06-12 17:26 <DIR> d-------- C:\TITANIC movie
2008-06-11 22:25 . 2004-08-03 23:07 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-06-11 22:25 . 2004-08-03 23:07 59,264 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2008-06-11 22:24 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-06-11 22:24 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-06-11 22:23 . 2008-06-11 22:23 <DIR> d-------- C:\Program Files\Common Files\snpstd3
2008-06-11 22:23 . 2007-05-02 11:09 10,222,720 --a------ C:\WINDOWS\system32\drivers\snpstd3.sys
2008-06-11 22:23 . 2006-09-18 14:12 843,776 --a------ C:\WINDOWS\vsnpstd3.exe
2008-06-11 22:23 . 2007-06-15 15:00 368,640 --a------ C:\WINDOWS\tsnpstd3.exe
2008-06-11 22:23 . 2007-03-21 15:23 172,032 --a------ C:\WINDOWS\system32\rsnpstd3.dll
2008-06-11 22:23 . 2006-07-03 10:31 94,208 --a------ C:\WINDOWS\amcap.exe
2008-06-11 22:23 . 2007-03-30 15:09 61,440 --a------ C:\WINDOWS\system32\vsnpstd3.dll
2008-06-11 22:23 . 2005-11-23 13:55 53,248 --a------ C:\WINDOWS\system32\csnpstd3.dll
2008-06-11 22:23 . 2005-11-23 13:55 53,248 --a------ C:\WINDOWS\csnpstd3.dll
2008-06-11 22:23 . 2004-02-27 17:36 15,498 --a------ C:\WINDOWS\snpstd3.ini
2008-06-11 22:23 . 2004-02-27 17:36 13,023 --a------ C:\WINDOWS\snpstd3.src
2008-06-11 21:27 . 2008-06-11 21:38 4,212,882 --a------ C:\Back_To_You.mp3
2008-06-11 21:22 . 2008-06-11 21:22 <DIR> d-------- C:\Program Files\Power MIDI to MP3
2008-06-11 20:15 . 2008-06-11 21:21 <DIR> d-------- C:\Program Files\CD to MP3 Ripper
2008-06-11 00:16 . 2008-06-14 02:07 <DIR> d-------- C:\Lassie
2008-06-10 17:25 . 2008-06-10 20:48 <DIR> d-------- C:\CALE PARIZ... DVD 8-5GB
2008-06-10 14:36 . 2008-06-15 19:18 <DIR> d-------- C:\Program Files\particleIllusion_3
2008-06-10 14:36 . 2008-06-10 14:36 116 -r-hs---- C:\PCGWIN32.LI3
2008-06-09 12:54 . 2008-06-09 12:54 217 --a------ C:\WINDOWS\wcx_ftp.ini
2008-06-08 23:05 . 2008-06-08 23:05 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\Publish Providers
2008-06-08 18:53 . 2008-06-08 18:53 <DIR> d-------- C:\Program Files\Webteh
2008-06-08 18:53 . 2008-06-12 16:52 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\BSplayer PRO
2008-06-08 17:45 . 2002-12-17 16:23 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll
2008-06-08 17:45 . 2002-10-20 14:05 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll
2008-06-08 16:20 . 2008-06-10 22:43 7,680 --ahs---- C:\WINDOWS\Thumbs.db
2008-06-08 16:11 . 2008-06-08 16:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony
2008-06-08 15:41 . 2008-06-08 15:41 <DIR> d-------- C:\Program Files\Vstplugins
2008-06-08 15:38 . 2008-06-08 15:38 <DIR> d-------- C:\Program Files\Video Stabilizer
2008-06-08 15:38 . 2001-03-18 14:40 237,621 --a------ C:\WINDOWS\system32\stabilize.dll
2008-06-08 15:38 . 2001-03-18 14:39 106,563 --a------ C:\WINDOWS\system32\stabilize_ger.dll
2008-06-08 15:38 . 2001-03-18 17:10 106,563 --a------ C:\WINDOWS\system32\stabilize_eng.dll
2008-06-08 15:36 . 2008-06-08 15:36 <DIR> d-------- C:\Documents and Settings\Bajt Computer\WINDOWS
2008-06-08 15:28 . 2008-06-08 15:28 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\Sony Setup
2008-06-08 01:54 . 2008-06-10 22:43 <DIR> d-------- C:\Program Files\PianoFX
2008-06-08 01:54 . 2000-08-21 00:00 1,693,968 --a------ C:\WINDOWS\system32\VBA6.DLL
2008-06-08 01:54 . 2002-07-09 22:42 140,288 --a------ C:\WINDOWS\system32\COMDLG32.OCX
2008-06-08 01:54 . 2000-05-22 00:00 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-06-08 01:27 . 2008-06-08 01:27 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\MSNInstaller
2008-06-08 00:57 . 2008-06-08 00:57 <DIR> d-------- C:\Program Files\Microsoft Works
2008-06-08 00:57 . 2008-06-08 00:57 <DIR> d-------- C:\Program Files\Common Files\L&H
2008-06-08 00:48 . 2003-06-18 17:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-06-08 00:48 . 2008-06-08 00:58 376 --a------ C:\WINDOWS\ODBC.INI
2008-06-08 00:47 . 2008-06-15 10:03 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-06-08 00:47 . 2008-06-08 00:47 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-06-08 00:46 . 2008-06-08 00:46 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-06-07 18:40 . 2008-06-07 18:40 <DIR> d---s---- C:\Documents and Settings\Bajt Computer\UserData
2008-06-07 16:26 . 2008-06-13 20:02 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
2008-06-07 15:53 . 2008-06-08 16:14 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\Sony
2008-06-07 15:43 . 2008-06-07 15:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
2008-06-07 15:43 . 2008-06-07 15:43 1,025 --a------ C:\WINDOWS\system32\sysprs7.tgz
2008-06-07 15:43 . 2008-06-07 15:43 1,025 --a------ C:\WINDOWS\system32\sysprs7.dll
2008-06-07 15:43 . 2008-06-07 15:43 1,025 --a------ C:\WINDOWS\system32\clauth2.dll
2008-06-07 15:43 . 2008-06-07 15:43 1,025 --a------ C:\WINDOWS\system32\clauth1.dll
2008-06-07 15:43 . 2008-06-15 20:03 219 --a------ C:\WINDOWS\system32\lsprst7.tgz
2008-06-07 15:43 . 2008-06-15 20:03 87 --a------ C:\WINDOWS\system32\ssprs.tgz
2008-06-07 14:57 . 2008-06-08 16:10 <DIR> d-------- C:\Program Files\Sony Setup
2008-06-07 14:57 . 2008-06-08 16:11 <DIR> d-------- C:\Program Files\Sony
2008-06-07 14:51 . 2008-06-15 22:22 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-06-07 13:48 . 2008-06-07 13:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-06-07 13:41 . 2008-06-07 13:41 <DIR> d-------- C:\Program Files\Bonjour
2008-06-07 13:34 . 2008-06-07 13:34 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-07 13:19 . 2008-06-15 22:12 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Tracing
2008-06-07 13:18 . 2008-06-07 13:18 <DIR> d-------- C:\Program Files\Windows Live
2008-06-07 02:34 . 2001-08-17 15:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-06-07 02:32 . 2004-08-04 00:59 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-06-07 02:32 . 2001-08-17 15:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-06-07 02:31 . 2004-08-04 02:56 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2008-06-07 01:29 . 2008-06-07 01:29 <DIR> d-------- C:\Program Files\Nero
2008-06-07 01:29 . 2008-06-07 01:29 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-06-07 01:29 . 2008-06-08 01:17 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\Ahead
2008-06-07 01:26 . 2008-06-07 01:46 <DIR> d-------- C:\Program Files\Winamp
2008-06-07 01:26 . 2008-06-07 01:46 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\Winamp
2008-06-07 01:24 . 2008-06-14 13:51 <DIR> d-------- C:\Program Files\Opera
2008-06-07 01:21 . 2008-06-07 01:21 <DIR> d-------- C:\Program Files\SAGEM
2008-06-07 01:21 . 2008-06-15 11:50 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-06-07 01:21 . 2008-06-07 01:21 <DIR> d-------- C:\Documents and Settings\Bajt Computer\Application Data\InstallShield
2008-06-07 01:21 . 2006-12-22 13:18 316,416 --a------ C:\WINDOWS\system32\unaddrv.x64.exe
2008-06-07 01:20 . 2008-06-07 01:20 <DIR> d-------- C:\Program Files\Google
2008-06-07 01:20 . 2008-06-11 23:49 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-07 01:20 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-06-07 01:19 . 2008-06-07 13:41 <DIR> d-------- C:\totalcmd
2008-06-07 01:19 . 2008-06-15 22:22 3,667 --a------ C:\WINDOWS\wincmd.ini
2008-06-07 01:19 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\UC.PIF
2008-06-07 01:19 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\RAR.PIF
2008-06-07 01:19 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-06-07 01:19 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKUNZIP.PIF
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-06 23:33 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-06-06 23:21 32 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-06-06 22:44 --------- d-----w C:\Program Files\microsoft frontpage
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25 94208]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-07 15:34 3739672]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 11:22 7618560]
"nwiz"="nwiz.exe" [2006-06-01 11:22 1519616 C:\WINDOWS\system32\nwiz.exe]
"SW20"="C:\WINDOWS\system32\sw20.exe" [2006-05-18 03:15 208896]
"SW24"="C:\WINDOWS\system32\sw24.exe" [2006-05-17 04:37 69632]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 11:22 86016 C:\WINDOWS\system32\nvmctray.dll]
"P17Helper"="P17.dll" [2005-04-12 10:53 64512 C:\WINDOWS\system32\P17.dll]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 23:22 3739648]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2007-06-15 15:00 368640]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-18 14:12 843776]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-06-07 01:20:54 113664]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-06-07 01:21:30 1205840]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R0 sojubus;sojubus;C:\WINDOWS\system32\DRIVERS\sojubus.sys [2003-10-05 10:41]
R0 sojuscsi;sojuscsi;C:\WINDOWS\system32\DRIVERS\sojuscsi.sys [2003-09-28 10:57]
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2007-01-04 13:48]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 13:28]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2007-01-04 13:47]
S3 AVCSTRM;AVC Streaming Filter Driver;C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 23:10]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device;C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 23:10]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaee702c-33fe-11dd-acc4-806d6172696f}]
\Shell\AutoRun\command - M:\setup.exe
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2008-06-15 22:42:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-15 22:44:09
ComboFix-quarantined-files.txt 2008-06-15 20:43:41
Pre-Run: 23,061,667,840 bytes free
Post-Run: 24,054,009,856 bytes free
213
|
