PC check

  • Joined: 28 Jun 2008
  • Posts: 61

I would like to ask you to check my PC! Thanks in advance. In the last 3-4 days it seems to have slowed down a little!

Logfile of HijackThis v1.99.1
Scan saved at 18:30:43, on 31.8.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\DOCUME~1\Hum\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Hum\My Documents\HijackThis_v1.99.1.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CodecPlugin Class - {a37b3779-e4f3-424c-a495-a60ea8063476} - C:\WINDOWS\system32\RichVideoCodec.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-gb\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: I&zvoz u Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [Link visible only to logged-in users]
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (file missing)



  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hi...

There are no traces of an active infection here, but we'll check one more thing.

Download ComboFix from one of the following addresses to your Desktop:
[Link visible only to logged-in users]
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt), which you should copy here for us.



  • Joined: 28 Jun 2008
  • Posts: 61

ComboFix 08-08-30.03 - Hum 2008-08-31 22:28:07. - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.2570 [GMT 2:00]
Running from: C:\Documents and Settings\Hum\My Documents\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\#SharedObjects\7UD3BAGF\bin.clearspring.com
C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\#SharedObjects\7UD3BAGF\bin.clearspring.com\clearspring.sol
C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
C:\Documents and Settings\Hum\Cookies\hum@ad.yieldmanager[2].txt
C:\Program Files\RichVideoCodec
C:\WINDOWS\system32\x64

.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-31 )))))))))))))))))))))))))))))))
.

2008-08-29 10:57 . 2008-08-29 10:58 <DIR> d-------- C:\Program Files\Virtual Earth 3D
2008-08-22 18:33 . 2008-04-14 05:42 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-08-22 01:14 . 2008-08-22 01:14 <DIR> d-------- C:\WINDOWS\Sun
2008-08-17 12:22 . 2008-08-17 12:22 <DIR> d-------- C:\Program Files\KONAMI
2008-08-09 04:07 . 2008-08-09 04:07 268 --ah----- C:\sqmdata00.sqm
2008-08-09 04:07 . 2008-08-09 04:07 244 --ah----- C:\sqmnoopt00.sqm
2008-08-08 14:22 . 2008-08-08 17:54 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\temp
2008-08-08 13:57 . 2008-08-08 13:57 <DIR> d-------- C:\Programme
2008-08-08 11:15 . 2008-08-23 12:31 <DIR> d-------- C:\Program Files\EA SPORTS
2008-08-08 11:14 . 2008-08-08 11:14 <DIR> d-------- C:\Program Files\Soccerland2001
2008-08-08 11:14 . 1999-06-04 13:25 290,816 --a------ C:\WINDOWS\system32\SWFlash.ocx
2008-08-08 11:13 . 2008-08-08 11:13 <DIR> d-------- C:\Documents and Settings\Hum\WINDOWS
2008-08-08 11:13 . 1999-03-23 09:12 299,520 --a------ C:\WINDOWS\uninst.exe
2008-08-08 10:50 . 2003-11-03 14:28 40,960 --a------ C:\WINDOWS\system32\ctlLabel.ocx
2008-08-08 10:49 . 2008-08-08 10:50 <DIR> d-------- C:\Program Files\World Basketball Manager 2008
2008-08-08 10:49 . 2008-06-13 13:05 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-08-08 10:49 . 2008-06-13 13:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-08 02:47 . 2008-08-15 01:21 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-08-08 02:27 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-08-08 02:27 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-08-08 02:27 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-08-07 17:23 . 2008-08-07 17:23 <DIR> d-------- C:\Program Files\Codemasters
2008-08-07 16:35 . 2008-08-07 16:35 <DIR> d-------- C:\Program Files\SEGA
2008-08-07 16:25 . 2008-08-07 16:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-08-07 16:24 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-08-07 16:23 . 2008-08-07 16:23 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2008-08-07 16:23 . 2008-08-07 16:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-07 16:23 . 2008-08-07 16:23 <DIR> d-------- C:\Program Files\AGEIA Technologies
2008-08-07 16:23 . 2008-08-07 16:23 278,728 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-08-07 16:23 . 2008-08-07 16:23 25,416 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-08-07 16:19 . 2008-08-07 16:19 <DIR> d-------- C:\Program Files\The Adventure Company
2008-08-07 16:19 . 2008-08-07 17:23 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-08-07 16:19 . 2008-08-07 16:19 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-08-07 16:19 . 2004-08-09 05:04 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl
2008-08-07 16:18 . 2008-08-07 16:18 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-26 23:38 . 2008-07-26 23:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-07-26 23:34 . 2008-07-26 23:34 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-07-25 19:41 . 2008-07-26 11:01 <DIR> d-------- C:\Documents and Settings\Hum\Contacts
2008-07-25 19:40 . 2008-07-25 19:41 <DIR> d-------- C:\Program Files\Windows Live
2008-07-25 19:40 . 2008-07-25 19:40 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-25 19:40 . 2008-07-25 19:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-25 19:37 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-07-25 19:37 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-07-25 19:36 . 2008-07-25 19:36 <DIR> d---s---- C:\Documents and Settings\Hum\UserData
2008-07-25 19:36 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-07-25 19:36 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-07-25 19:36 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-07-25 13:56 . 2008-07-25 13:56 <DIR> d-------- C:\Program Files\MSN Toolbar
2008-07-25 10:11 . 2001-08-17 13:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2008-07-25 10:11 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys
2008-07-25 10:00 . 2008-08-31 18:22 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\skypePM
2008-07-25 10:00 . 2008-07-25 10:00 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-07-24 10:09 . 2008-08-31 22:34 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\Skype
2008-07-24 10:08 . 2008-07-24 10:08 <DIR> d-------- C:\Program Files\Skype
2008-07-24 10:08 . 2008-07-24 10:09 <DIR> d-------- C:\Program Files\Google
2008-07-24 10:08 . 2008-07-24 10:08 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-24 10:08 . 2008-07-24 10:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-07-23 17:37 . 2008-07-23 17:56 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\VoipCheapCom
2008-07-23 17:36 . 2008-07-23 18:02 <DIR> d-------- C:\Program Files\VoipCheapCom
2008-07-19 16:24 . 2008-04-14 00:15 10,368 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-07-19 16:24 . 2008-04-14 00:15 10,368 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-07-19 14:22 . 2008-07-19 14:22 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\Sports Interactive
2008-07-19 14:07 . 2008-07-19 14:07 <DIR> dr-h----- C:\Documents and Settings\Hum\Application Data\SecuROM
2008-07-19 14:07 . 2008-07-19 14:07 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-07-19 13:53 . 2008-07-19 14:06 <DIR> d--h----- C:\Program Files\Zero G Registry
2008-07-19 13:53 . 2008-07-19 13:53 <DIR> d-------- C:\Program Files\Sports Interactive
2008-07-19 13:52 . 2008-07-19 13:52 <DIR> d--h----- C:\Documents and Settings\Hum\InstallAnywhere
2008-07-19 13:28 . 2008-07-19 13:28 223,128 --a------ C:\WINDOWS\system32\drivers\vaxscsi.sys
2008-07-19 13:25 . 2008-07-19 13:25 642,560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-19 13:25 . 2008-07-19 13:25 96,384 --a------ C:\WINDOWS\system32\drivers\sptd8445.sys
2008-07-19 10:15 . 2008-08-31 22:32 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-07-19 10:14 . 2008-08-31 22:32 121 --a------ C:\WINDOWS\bdagent.INI
2008-07-19 10:11 . 2008-07-19 10:11 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\BitDefender
2008-07-19 10:10 . 2008-07-19 10:10 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-07-19 10:10 . 2008-07-19 10:11 <DIR> d-------- C:\Program Files\BitDefender
2008-07-19 10:10 . 2008-07-19 10:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-07-19 10:09 . 2008-07-19 10:09 <DIR> d-------- C:\Program Files\Webteh
2008-07-19 10:09 . 2008-08-29 21:28 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\BSplayer PRO
2008-07-19 10:09 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll
2008-07-19 10:09 . 2008-07-19 10:09 394 --a------ C:\WINDOWS\ODBC.INI
2008-07-19 10:08 . 2008-07-19 10:08 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-07-19 10:08 . 2008-07-19 10:08 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-07-19 10:01 . 2008-07-19 10:01 <DIR> d-------- C:\Program Files\MSBuild
2008-07-19 09:59 . 2008-07-19 09:59 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-07-19 09:58 . 2008-07-19 09:58 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-07-19 09:58 . 2006-06-29 13:07 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-07-19 09:58 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-07-19 09:53 . 2008-07-26 23:34 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-07-19 09:53 . 2008-07-19 09:53 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\Ahead
2008-07-19 09:52 . 2008-07-19 09:52 <DIR> d-------- C:\Program Files\Nero
2008-07-19 09:52 . 2008-07-19 09:53 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-07-19 09:51 . 2008-07-19 09:51 <DIR> d-------- C:\Program Files\Java
2008-07-19 09:51 . 2008-07-19 09:51 <DIR> d-------- C:\Program Files\Common Files\Java
2008-07-19 09:51 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-19 09:50 . 2008-07-19 09:50 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-07-19 09:47 . 2008-04-14 00:15 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-07-19 09:08 . 2008-07-19 09:08 <DIR> d-------- C:\Documents and Settings\Hum\Bluetooth Software
2008-07-19 09:08 . 2008-04-14 05:41 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-07-19 09:08 . 2008-04-14 05:41 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-07-19 09:08 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-07-19 09:08 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-07-19 09:07 . 2008-07-19 09:07 <DIR> d-------- C:\Program Files\WIDCOMM
2008-07-19 09:07 . 2007-07-25 03:41 876,384 --a------ C:\WINDOWS\system32\drivers\btkrnl.sys
2008-07-19 09:07 . 2007-07-25 03:41 539,072 --a------ C:\WINDOWS\system32\drivers\btaudio.sys
2008-07-19 09:07 . 2007-07-25 03:41 149,123 --a------ C:\WINDOWS\system32\drivers\btwdndis.sys
2008-07-19 09:07 . 2007-07-25 03:41 106,557 --a------ C:\WINDOWS\system32\btw_ci.dll
2008-07-19 09:07 . 2007-07-25 03:41 67,960 --a------ C:\WINDOWS\system32\drivers\btwusb.sys
2008-07-19 09:07 . 2007-07-25 03:41 55,352 --a------ C:\WINDOWS\system32\drivers\btwhid.sys
2008-07-19 09:07 . 2007-07-25 03:41 37,424 --a------ C:\WINDOWS\system32\drivers\btport.sys
2008-07-19 09:06 . 2008-07-19 09:06 7 --a------ C:\ISACER.id
2008-07-18 20:11 . 2008-07-18 20:11 <DIR> d-------- C:\Program Files\CONEXANT
2008-07-18 20:10 . 2008-04-14 07:42 129,536 --a------ C:\WINDOWS\system32\ksproxy.ax
2008-07-18 20:09 . 2008-08-07 16:23 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-07-18 20:09 . 2007-12-19 11:40 920,088 --a------ C:\WINDOWS\system32\igxpun.exe
2008-07-18 20:09 . 2006-11-10 08:25 319,456 --a------ C:\WINDOWS\system32\difxapi.dll
2008-07-18 20:09 . 2008-04-14 07:42 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2008-07-18 20:09 . 2008-04-14 02:06 8,832 --a------ C:\WINDOWS\system32\drivers\wmiacpi.sys
2008-07-18 20:07 . 2008-07-26 23:34 <DIR> dr------- C:\Documents and Settings\All Users\Documents
2008-07-18 20:05 . 2006-12-22 07:56 988,800 --a------ C:\WINDOWS\system32\drivers\HSF_DPV.sys
2008-07-18 20:05 . 2006-12-22 07:55 730,112 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2008-07-18 20:05 . 2006-12-22 07:56 209,664 --a------ C:\WINDOWS\system32\drivers\HSFHWAZL.sys
2008-07-18 20:05 . 2006-12-20 13:37 176,128 --a------ C:\WINDOWS\system32\UCI32M16.dll
2008-07-18 20:05 . 2007-05-17 09:45 90,112 --a------ C:\WINDOWS\system32\snymsico.dll
2008-07-18 20:05 . 2007-05-17 09:45 42,496 --a------ C:\WINDOWS\system32\drivers\rimsptsk.sys
2008-07-18 20:05 . 2007-05-17 09:45 39,936 --a------ C:\WINDOWS\system32\drivers\rimmptsk.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-19 08:13 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-07-18 16:20 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:09 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-08 18:18 3,127 ----a-w C:\WINDOWS\system32\presetup.cmd
2008-06-08 18:18 28,672 ----a-w C:\WINDOWS\system32\setupold.exe
2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 05:42 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 11:12 139264]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-06 18:24 21898024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-01 15:11 68856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-07-26 13:28 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-12-19 11:08 135168]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-12-19 11:08 159744]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-12-19 11:07 131072]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-07-19 10:13 368640]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16:52 16861184 C:\WINDOWS\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 05:42 15360]

C:\Documents and Settings\Hum\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20 40048]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-01 09:02:38 568176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\BIHPL.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 iastor78;iastor78;C:\WINDOWS\system32\drivers\iastor78.sys [2008-06-08 20:09]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-07-19 10:13]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 11:31]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
- - - - ORPHANS REMOVED - - - -

BHO-{a37b3779-e4f3-424c-a495-a60ea8063476} - C:\WINDOWS\system32\RichVideoCodec.dll


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = [Link visible only to logged-in users]
R0 -: HKCU-Main,Search Page = [Link visible only to logged-in users]
R0 -: HKCU-Main,Search Bar = [Link visible only to logged-in users]
R0 -: HKLM-Main,Default_Search_URL = [Link visible only to logged-in users]
R0 -: HKCU-Search,SearchAssistant = [Link visible only to logged-in users]
R1 -: HKCU-SearchURL,(Default) = [Link visible only to logged-in users]
R0 -: HKLM-Search,SearchAssistant = [Link visible only to logged-in users]
O8 -: I&zvoz u Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2008-08-31 22:33:56
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-08-31 22:37:08 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-31 20:37:04

Pre-Run: 17,359,507,456 bytes free
Post-Run: 18,689,560,576 bytes free

259 --- E O F --- 2008-08-17 09:51:19

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Nothing malicious (apart from traces of an earlier infection, which have been deleted).

What remains is for you to do the following:

Click START and then RUN
In the text box, type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
The VundoFix Backups folder, if it exists
The C:\Deckard folder, if it exists
The C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if required
Hide system/hidden files/folders, if required
Reset System Restore


That's all...

  • Joined: 28 Jun 2008
  • Posts: 61

Thanks! Best regards!
