MyCity » Ambulanta -> Arhiva Ambulante » avira nalazi trojanca

avira nalazi trojanca

Napisano na dan: 8.12.2009

avira nalazi trojanca
Sledeća strana Pagination

Idi na vrh

Poslao: 08 Dec 2009 10:17
Idi na vrh
offline
  • Pridružio: 17 Maj 2008
  • Poruke: 442
  • Gde živiš: Torak City

Avira mi nalazi na sledecim lokacijama tojance

C:\Windows\cmsetac.dll

C:\Windows\ntdtcstp.dll

probao sam sve opcije u aviri ali nista nije pomoglo evo i logova:


DDS (Ver_09-12-01.01) - NTFSx86
Run by Nikitovic at 10:10:11,21 on uto 08.12.2009
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1367 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RTHDCPL.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\mstwain32.exe
C:\Users\Nikitovic\Desktop\0in6m5fo.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Nikitovic\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.rs/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [mstwain32] c:\windows\mstwain32.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll/206
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {7C239371-D6FD-4EB9-AD28-2A8A2F06AE99} = 10.24.4.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\nikito~1\appdata\roaming\mozilla\firefox\profiles\zjytb4vy.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-11-15 11608]
R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-11-15 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-11-15 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-15 56816]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\drivers\netr61.sys [2009-6-2 368128]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2009-11-13 248448]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2009-11-13 476032]
S2 PEVSystemStart;PEVSystemStart;"c:\combofix\pev.cfxxe" exec /i "c:\combofix\hidec.exe" "c:\combofix\swreg.exe" acl "hkey_local_machine\system\currentcontrolset\enum\root\legacy_beep" /reset /q --> c:\combofix\PEV.cfxxe [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

=============== Created Last 30 ================

2009-12-08 06:09:44 7168 ----a-w- c:\windows\ntdtcstp.dll
2009-12-07 10:03:16 77312 ----a-w- c:\windows\MBR.exe
2009-12-07 10:03:15 98816 ----a-w- c:\windows\sed.exe
2009-12-07 10:03:15 260608 ----a-w- c:\windows\PEV.exe
2009-12-07 10:03:15 161792 ----a-w- c:\windows\SWREG.exe
2009-12-07 09:55:10 0 d-----w- c:\program files\PravoslavniK 2010
2009-12-07 05:42:13 33280 ----a-w- c:\windows\cmsetac.dll
2009-12-06 22:19:37 0 d-----w- c:\program files\Unlocker
2009-12-06 22:04:31 0 d-----w- c:\program files\WonderWebWare CSS Menu Generator
2009-12-04 18:34:34 332048 ----a-w- C:\AnalysisLog.sr0
2009-12-04 18:33:26 0 d-sh--w- c:\programdata\SecuROM
2009-12-04 15:45:05 0 d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2009-12-03 16:11:04 268048 ----a-w- c:\windows\system32\dxtmeta2.dll
2009-12-02 14:21:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-11-27 10:43:18 0 d-----w- c:\program files\avijoin
2009-11-27 10:27:24 0 d---a-w- c:\programdata\TEMP
2009-11-20 11:21:22 0 d-----w- c:\users\nikito~1\appdata\roaming\Ubisoft
2009-11-20 11:17:24 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-11-20 11:17:24 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-11-20 11:17:24 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-11-20 11:17:24 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-11-20 11:17:24 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-11-20 11:17:24 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-11-20 11:17:24 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-11-20 11:17:23 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-11-20 11:17:23 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-11-20 11:17:23 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-11-19 10:44:12 38 ----a-w- c:\windows\avisplitter.INI
2009-11-18 11:36:12 0 d-----w- c:\programdata\Bluetooth
2009-11-18 11:15:17 376 ----a-w- c:\windows\ODBC.INI
2009-11-18 11:14:42 0 d-----w- c:\program files\Microsoft ActiveSync
2009-11-16 09:20:52 179 ----a-w- c:\windows\system32\linktext.dat
2009-11-16 09:20:52 1 ----a-w- c:\windows\system32\update.ini
2009-11-16 09:20:51 80 ----a-w- c:\windows\system32\link.dat
2009-11-16 09:20:51 557 ----a-w- c:\windows\system32\radio.dat
2009-11-16 09:20:51 1143 ----a-w- c:\windows\system32\url.dat
2009-11-15 22:11:00 116 ----a-w- c:\windows\NeroDigital.ini
2009-11-15 21:47:10 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-15 21:41:23 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-15 21:41:22 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-11-15 21:41:22 507568 ----a-w- c:\windows\system32\winload.exe
2009-11-15 21:41:22 2613248 ----a-w- c:\windows\explorer.exe
2009-11-15 21:41:22 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-11-15 21:41:21 442920 ----a-w- c:\windows\system32\winresume.exe
2009-11-15 21:41:21 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-11-15 21:41:21 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-11-15 21:41:20 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-15 21:40:09 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-11-15 17:41:50 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2009-11-15 17:41:50 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2009-11-15 17:41:36 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-11-15 17:41:36 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-11-15 17:41:36 364544 ------w- c:\windows\system32\TwnLib4.dll
2009-11-15 17:41:36 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-11-15 17:41:36 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-11-15 17:41:36 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-11-15 17:41:36 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-11-15 15:36:16 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-15 13:17:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-15 09:05:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-14 20:34:26 65536 ------w- c:\windows\system32\Ikeext.etl
2009-11-14 19:04:06 0 d-----w- c:\programdata\Apple Computer
2009-11-14 19:03:27 0 d-----w- c:\programdata\Apple
2009-11-14 15:38:54 0 d-----w- c:\programdata\KONAMI
2009-11-14 15:00:11 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-14 14:50:47 0 d-----r- c:\program files\Skype
2009-11-14 14:50:43 0 d-----w- c:\programdata\Skype
2009-11-13 22:03:36 0 d-----w- c:\program files\common files\PX Storage Engine
2009-11-13 21:51:43 111616 ----a-w- c:\windows\mstwain32.exe
2009-11-13 21:50:32 0 d-----w- c:\program files\IVT Corporation
2009-11-13 21:50:30 32 ----a-w- c:\windows\0
2009-11-13 21:50:30 0 ----a-w- c:\windows\system32\0
2009-11-13 21:45:25 0 d-----w- c:\program files\Vimicro Corporation
2009-11-13 21:45:16 0 d-----w- c:\windows\VMUVC
2009-11-13 21:44:44 476032 ----a-w- c:\windows\system32\drivers\vvftUVC.sys
2009-11-13 21:44:43 94208 ----a-w- c:\windows\system32\VvFtCtrl.dll
2009-11-13 21:44:43 188416 ----a-w- c:\windows\system32\vvftUVC.ax
2009-11-13 21:44:41 98304 ----a-w- c:\windows\system32\VMCtrl.ax
2009-11-13 21:44:41 73728 ----a-w- c:\windows\system32\exvmuvc.ax
2009-11-13 21:44:41 248448 ----a-w- c:\windows\system32\drivers\VMUVC.sys
2009-11-13 21:44:41 11776 ----a-w- c:\windows\system32\VMUVC.dll
2009-11-13 21:44:40 0 d-----w- c:\program files\Vimicro
2009-11-13 18:17:04 0 d-----w- c:\users\nikito~1\appdata\roaming\Haihaisoft PDF Reader
2009-11-13 18:16:39 0 d-----w- c:\program files\Haihaisoft PDF Reader
2009-11-13 17:17:54 0 d-----w- c:\windows\Panther
2009-11-13 15:18:44 0 d-----w- c:\users\nikitovic\Tracing
2009-11-13 15:17:18 0 d-----w- c:\program files\Microsoft
2009-11-13 15:17:00 0 d-----w- c:\program files\Windows Live SkyDrive
2009-11-13 15:16:18 0 d-----w- c:\windows\PCHEALTH
2009-11-13 14:59:54 0 d-----w- c:\program files\common files\Windows Live
2009-11-13 11:51:40 0 d-----w- c:\programdata\Yahoo!
2009-11-13 11:51:35 0 d-----w- c:\program files\Yahoo!
2009-11-13 11:34:18 15867 ----a-w- c:\windows\Blank.ico
2009-11-13 11:13:22 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-11-13 11:13:21 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-11-13 11:13:21 0 d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-11-13 10:56:58 0 d-----w- c:\programdata\CyberLink
2009-11-13 10:56:07 0 d-----w- c:\program files\Mv2Player
2009-11-13 10:54:04 0 d-----w- c:\program files\DAEMON Tools Lite
2009-11-13 10:51:28 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-13 10:38:00 146650 ----a-w- c:\windows\system32\BuzzingBee.wav
2009-11-13 10:37:59 940794 ----a-w- c:\windows\system32\LoopyMusic.wav
2009-11-13 10:35:12 545 ----a-w- c:\windows\UC.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\RAR.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\LHA.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\ARJ.PIF
2009-11-13 10:35:11 0 d-----w- c:\users\nikito~1\appdata\roaming\GHISLER
2009-11-13 10:35:11 0 d-----w- C:\totalcmd
2009-11-13 10:31:40 0 d-----w- c:\program files\K-Lite Codec Pack
2009-11-13 10:31:03 0 d-----w- c:\program files\CCleaner
2009-11-13 10:22:02 0 d-----w- c:\program files\VS Revo Group
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer Pro
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer
2009-11-13 10:00:34 0 d-----w- c:\program files\Webteh
2009-11-13 09:58:23 0 d-----w- c:\programdata\Avira
2009-11-13 09:58:23 0 d-----w- c:\program files\Avira
2009-11-13 09:56:42 0 d-----w- c:\users\nikito~1\appdata\roaming\ACD Systems
2009-11-13 09:56:18 0 d-----w- c:\programdata\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\common files\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\ACD Systems
2009-11-13 09:52:33 0 d-----w- C:\Downloads
2009-11-13 09:52:16 0 d-----w- c:\program files\BitComet
2009-11-13 09:28:54 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-13 08:56:10 0 d-----w- c:\program files\GIGABYTE
2009-11-13 08:50:49 0 d-----w- c:\program files\NVIDIA Corporation
2009-11-13 08:50:38 0 d-----w- c:\programdata\NVIDIA
2009-11-13 08:50:06 0 d-----w- c:\windows\system32\AGEIA
2009-11-13 08:50:00 0 d-sh--w- c:\windows\Installer
2009-11-13 08:49:57 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-13 08:49:54 490088 ----a-w- c:\windows\system32\nvuninst.exe
2009-11-13 08:49:27 0 d-----w- C:\NVIDIA
2009-11-13 08:42:09 69632 ----a-w- c:\windows\ALCMTR.EXE
2009-11-13 08:42:06 9691136 ----a-w- c:\windows\RTLCPL.exe
2009-11-13 08:42:06 90112 ----a-w- c:\windows\SoundMan.exe
2009-11-13 08:42:06 40960 ------w- c:\windows\system32\ChCfg.exe
2009-11-13 08:42:06 294912 ----a-w- c:\windows\system32\ALSndMgr.Cpl
2009-11-13 08:42:06 2803712 ----a-w- c:\windows\alcwzrd.exe
2009-11-13 08:42:06 262144 ----a-w- c:\windows\system32\RTSndMgr.Cpl
2009-11-13 08:42:06 2547008 ----a-w- c:\windows\system32\drivers\RtkHDAud.Sys
2009-11-13 08:42:06 156672 ----a-w- c:\windows\system32\RtlCPAPI.dll
2009-11-13 08:42:06 14202368 ----a-w- c:\windows\RTHDCPL.exe
2009-11-13 08:42:06 0 d-----w- c:\windows\system32\RTCOM
2009-11-13 08:41:53 0 d-----w- c:\program files\Realtek
2009-11-13 08:41:50 192512 ------w- c:\windows\RtlExUpd.dll
2009-11-13 08:31:56 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-11-13 08:31:43 0 d-----w- c:\windows\system32\wbem\Performance

==================== Find3M ====================

2009-09-27 16:47:30 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 16:47:00 92776 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 16:47:00 805480 ----a-w- c:\windows\system32\nvsvc.dll
2009-09-27 16:47:00 4033128 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 16:47:00 3553896 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 16:47:00 3172968 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 16:47:00 215656 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-27 16:47:00 195176 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 16:47:00 150120 ----a-w- c:\windows\system32\nvshext.dll
2009-09-27 16:47:00 1309288 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 16:47:00 1292904 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 16:46:00 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 16:46:00 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 10:10:39,44 ===============

https://www.mycity.rs/must-login.png


https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Poslao: 08 Dec 2009 18:16
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Preuzmi AVZ Antiviral Toolkit sa sledećeg linka :

http://devbuilds.kaspersky-labs.com/devbuilds/AVZ/avz4.zip


Raspakuj arhivu u neki folder (uputstvo), a zatim:
pokreni AVZ (dvoklikom na ikonicu);

u meniju izaberi File > Custom Scripts;

u prozor koji se otvori iskopiraj sve što se nalazi unutar Kod polja:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('C:\Windows\mstwain32.exe');
DeleteFile('C:\Windows\mstwain32.exe');
DeleteFile('C:\Windows\cmsetac.dll');
DeleteFile('C:\Windows\ntdtcstp.dll');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','mstwain32');
BC_ImportDeletedList;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.


klikni taster Run i sačekaj da se skripta izvrši.

Zatim mi postavi svez DDS log

Poslao: 08 Dec 2009 20:42
Idi na vrh
offline
  • Pridružio: 17 Maj 2008
  • Poruke: 442
  • Gde živiš: Torak City

DDS (Ver_09-12-01.01) - NTFSx86
Run by Nikitovic at 20:39:01,13 on uto 08.12.2009
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1443 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\RTHDCPL.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
C:\Users\Nikitovic\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.rs/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll/206
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {7C239371-D6FD-4EB9-AD28-2A8A2F06AE99} = 10.24.4.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\nikito~1\appdata\roaming\mozilla\firefox\profiles\zjytb4vy.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-11-15 11608]
R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-11-15 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-11-15 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-15 56816]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\drivers\netr61.sys [2009-6-2 368128]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2009-11-13 248448]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2009-11-13 476032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 PEVSystemStart;PEVSystemStart;"c:\combofix\pev.cfxxe" exec /i "c:\combofix\hidec.exe" "c:\combofix\swreg.exe" acl "hkey_local_machine\system\currentcontrolset\enum\root\legacy_beep" /reset /q --> c:\combofix\PEV.cfxxe [?]

=============== Created Last 30 ================

2009-12-07 10:03:16 77312 ----a-w- c:\windows\MBR.exe
2009-12-07 10:03:15 98816 ----a-w- c:\windows\sed.exe
2009-12-07 10:03:15 260608 ----a-w- c:\windows\PEV.exe
2009-12-07 10:03:15 161792 ----a-w- c:\windows\SWREG.exe
2009-12-07 09:55:10 0 d-----w- c:\program files\PravoslavniK 2010
2009-12-06 22:19:37 0 d-----w- c:\program files\Unlocker
2009-12-06 22:04:31 0 d-----w- c:\program files\WonderWebWare CSS Menu Generator
2009-12-04 18:34:34 332048 ----a-w- C:\AnalysisLog.sr0
2009-12-04 18:33:26 0 d-sh--w- c:\programdata\SecuROM
2009-12-04 15:45:05 0 d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2009-12-03 16:11:04 268048 ----a-w- c:\windows\system32\dxtmeta2.dll
2009-12-02 14:21:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-11-27 10:43:18 0 d-----w- c:\program files\avijoin
2009-11-27 10:27:24 0 d---a-w- c:\programdata\TEMP
2009-11-20 11:21:22 0 d-----w- c:\users\nikito~1\appdata\roaming\Ubisoft
2009-11-20 11:17:24 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-11-20 11:17:24 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-11-20 11:17:24 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-11-20 11:17:24 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-11-20 11:17:24 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-11-20 11:17:24 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-11-20 11:17:24 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-11-20 11:17:23 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-11-20 11:17:23 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-11-20 11:17:23 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-11-19 10:44:12 38 ----a-w- c:\windows\avisplitter.INI
2009-11-18 11:36:12 0 d-----w- c:\programdata\Bluetooth
2009-11-18 11:15:17 376 ----a-w- c:\windows\ODBC.INI
2009-11-18 11:14:42 0 d-----w- c:\program files\Microsoft ActiveSync
2009-11-16 09:20:52 179 ----a-w- c:\windows\system32\linktext.dat
2009-11-16 09:20:52 1 ----a-w- c:\windows\system32\update.ini
2009-11-16 09:20:51 80 ----a-w- c:\windows\system32\link.dat
2009-11-16 09:20:51 557 ----a-w- c:\windows\system32\radio.dat
2009-11-16 09:20:51 1143 ----a-w- c:\windows\system32\url.dat
2009-11-15 22:11:00 116 ----a-w- c:\windows\NeroDigital.ini
2009-11-15 21:47:10 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-15 21:41:23 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-15 21:41:22 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-11-15 21:41:22 507568 ----a-w- c:\windows\system32\winload.exe
2009-11-15 21:41:22 2613248 ----a-w- c:\windows\explorer.exe
2009-11-15 21:41:22 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-11-15 21:41:21 442920 ----a-w- c:\windows\system32\winresume.exe
2009-11-15 21:41:21 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-11-15 21:41:21 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-11-15 21:41:20 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-15 21:40:09 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-11-15 17:41:50 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2009-11-15 17:41:50 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2009-11-15 17:41:36 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-11-15 17:41:36 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-11-15 17:41:36 364544 ------w- c:\windows\system32\TwnLib4.dll
2009-11-15 17:41:36 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-11-15 17:41:36 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-11-15 17:41:36 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-11-15 17:41:36 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-11-15 15:36:16 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-15 13:17:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-15 09:05:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-14 20:34:26 65536 ------w- c:\windows\system32\Ikeext.etl
2009-11-14 19:04:06 0 d-----w- c:\programdata\Apple Computer
2009-11-14 19:03:27 0 d-----w- c:\programdata\Apple
2009-11-14 15:38:54 0 d-----w- c:\programdata\KONAMI
2009-11-14 15:00:11 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-14 14:50:47 0 d-----r- c:\program files\Skype
2009-11-14 14:50:43 0 d-----w- c:\programdata\Skype
2009-11-13 22:03:36 0 d-----w- c:\program files\common files\PX Storage Engine
2009-11-13 21:50:32 0 d-----w- c:\program files\IVT Corporation
2009-11-13 21:50:30 32 ----a-w- c:\windows\0
2009-11-13 21:50:30 0 ----a-w- c:\windows\system32\0
2009-11-13 21:45:25 0 d-----w- c:\program files\Vimicro Corporation
2009-11-13 21:45:16 0 d-----w- c:\windows\VMUVC
2009-11-13 21:44:44 476032 ----a-w- c:\windows\system32\drivers\vvftUVC.sys
2009-11-13 21:44:43 94208 ----a-w- c:\windows\system32\VvFtCtrl.dll
2009-11-13 21:44:43 188416 ----a-w- c:\windows\system32\vvftUVC.ax
2009-11-13 21:44:41 98304 ----a-w- c:\windows\system32\VMCtrl.ax
2009-11-13 21:44:41 73728 ----a-w- c:\windows\system32\exvmuvc.ax
2009-11-13 21:44:41 248448 ----a-w- c:\windows\system32\drivers\VMUVC.sys
2009-11-13 21:44:41 11776 ----a-w- c:\windows\system32\VMUVC.dll
2009-11-13 21:44:40 0 d-----w- c:\program files\Vimicro
2009-11-13 18:17:04 0 d-----w- c:\users\nikito~1\appdata\roaming\Haihaisoft PDF Reader
2009-11-13 18:16:39 0 d-----w- c:\program files\Haihaisoft PDF Reader
2009-11-13 17:17:54 0 d-----w- c:\windows\Panther
2009-11-13 15:18:44 0 d-----w- c:\users\nikitovic\Tracing
2009-11-13 15:17:18 0 d-----w- c:\program files\Microsoft
2009-11-13 15:17:00 0 d-----w- c:\program files\Windows Live SkyDrive
2009-11-13 15:16:18 0 d-----w- c:\windows\PCHEALTH
2009-11-13 14:59:54 0 d-----w- c:\program files\common files\Windows Live
2009-11-13 11:51:40 0 d-----w- c:\programdata\Yahoo!
2009-11-13 11:51:35 0 d-----w- c:\program files\Yahoo!
2009-11-13 11:34:18 15867 ----a-w- c:\windows\Blank.ico
2009-11-13 11:13:22 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-11-13 11:13:21 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-11-13 11:13:21 0 d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-11-13 10:56:58 0 d-----w- c:\programdata\CyberLink
2009-11-13 10:56:07 0 d-----w- c:\program files\Mv2Player
2009-11-13 10:54:04 0 d-----w- c:\program files\DAEMON Tools Lite
2009-11-13 10:51:28 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-13 10:38:00 146650 ----a-w- c:\windows\system32\BuzzingBee.wav
2009-11-13 10:37:59 940794 ----a-w- c:\windows\system32\LoopyMusic.wav
2009-11-13 10:35:12 545 ----a-w- c:\windows\UC.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\RAR.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\LHA.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\ARJ.PIF
2009-11-13 10:35:11 0 d-----w- c:\users\nikito~1\appdata\roaming\GHISLER
2009-11-13 10:35:11 0 d-----w- C:\totalcmd
2009-11-13 10:31:40 0 d-----w- c:\program files\K-Lite Codec Pack
2009-11-13 10:31:03 0 d-----w- c:\program files\CCleaner
2009-11-13 10:22:02 0 d-----w- c:\program files\VS Revo Group
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer Pro
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer
2009-11-13 10:00:34 0 d-----w- c:\program files\Webteh
2009-11-13 09:58:23 0 d-----w- c:\programdata\Avira
2009-11-13 09:58:23 0 d-----w- c:\program files\Avira
2009-11-13 09:56:42 0 d-----w- c:\users\nikito~1\appdata\roaming\ACD Systems
2009-11-13 09:56:18 0 d-----w- c:\programdata\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\common files\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\ACD Systems
2009-11-13 09:52:33 0 d-----w- C:\Downloads
2009-11-13 09:52:16 0 d-----w- c:\program files\BitComet
2009-11-13 09:28:54 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-13 08:56:10 0 d-----w- c:\program files\GIGABYTE
2009-11-13 08:50:49 0 d-----w- c:\program files\NVIDIA Corporation
2009-11-13 08:50:38 0 d-----w- c:\programdata\NVIDIA
2009-11-13 08:50:06 0 d-----w- c:\windows\system32\AGEIA
2009-11-13 08:50:00 0 d-sh--w- c:\windows\Installer
2009-11-13 08:49:57 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-13 08:49:54 490088 ----a-w- c:\windows\system32\nvuninst.exe
2009-11-13 08:49:27 0 d-----w- C:\NVIDIA
2009-11-13 08:42:09 69632 ----a-w- c:\windows\ALCMTR.EXE
2009-11-13 08:42:06 9691136 ----a-w- c:\windows\RTLCPL.exe
2009-11-13 08:42:06 90112 ----a-w- c:\windows\SoundMan.exe
2009-11-13 08:42:06 40960 ------w- c:\windows\system32\ChCfg.exe
2009-11-13 08:42:06 294912 ----a-w- c:\windows\system32\ALSndMgr.Cpl
2009-11-13 08:42:06 2803712 ----a-w- c:\windows\alcwzrd.exe
2009-11-13 08:42:06 262144 ----a-w- c:\windows\system32\RTSndMgr.Cpl
2009-11-13 08:42:06 2547008 ----a-w- c:\windows\system32\drivers\RtkHDAud.Sys
2009-11-13 08:42:06 156672 ----a-w- c:\windows\system32\RtlCPAPI.dll
2009-11-13 08:42:06 14202368 ----a-w- c:\windows\RTHDCPL.exe
2009-11-13 08:42:06 0 d-----w- c:\windows\system32\RTCOM
2009-11-13 08:41:53 0 d-----w- c:\program files\Realtek
2009-11-13 08:41:50 192512 ------w- c:\windows\RtlExUpd.dll
2009-11-13 08:31:56 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-11-13 08:31:43 0 d-----w- c:\windows\system32\wbem\Performance

==================== Find3M ====================

2009-09-27 16:47:30 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 16:47:00 92776 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 16:47:00 805480 ----a-w- c:\windows\system32\nvsvc.dll
2009-09-27 16:47:00 4033128 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 16:47:00 3553896 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 16:47:00 3172968 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 16:47:00 215656 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-27 16:47:00 195176 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 16:47:00 150120 ----a-w- c:\windows\system32\nvshext.dll
2009-09-27 16:47:00 1309288 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 16:47:00 1292904 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 16:46:00 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 16:46:00 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 20:39:42,68 ===============


evo svez DDS log avira ne prijavljuje nista tako da mislim da je resen problem hvala Ziveli

Poslao: 08 Dec 2009 21:58
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

To bi bilo to ..pozzz Wink

MyCity » Ambulanta -> Arhiva Ambulante » avira nalazi trojanca

Ko je trenutno na forumu
 

Ukupno su 1021 korisnika na forumu :: 38 registrovanih, 8 sakrivenih i 975 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 9k38, ajo baba, Apok, Ben Roj, bojanM84, Bokiboks, Boris BM, BORUTUS, crnitrn, dane007, debeli, Denaya, Dorcolac, DragoslavS, drimer, dushan, FOX, Frunze, gasha, ikan, maiden6657, Marko Marković, Mercury, Metanoja, milanovic, Mixelotti, mocnijogurt, mrav pesadinac, ObelixSRB, procesor, radoznao, sevenino, sokars, stankolich, vathra, wizzardone, x9, šumar bk2