MyCity » Ambulanta -> Arhiva Ambulante » avira nalazi trojanca

avira nalazi trojanca

Napisano na dan: 8.12.2009

avira nalazi trojanca
Sledeća strana Pagination

Idi na vrh

Poslao: 08 Dec 2009 10:17
Idi na vrh
offline
  • Pridružio: 17 Maj 2008
  • Poruke: 442
  • Gde živiš: Torak City

Avira mi nalazi na sledecim lokacijama tojance

C:\Windows\cmsetac.dll

C:\Windows\ntdtcstp.dll

probao sam sve opcije u aviri ali nista nije pomoglo evo i logova:


DDS (Ver_09-12-01.01) - NTFSx86
Run by Nikitovic at 10:10:11,21 on uto 08.12.2009
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1367 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RTHDCPL.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\mstwain32.exe
C:\Users\Nikitovic\Desktop\0in6m5fo.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Nikitovic\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.rs/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [mstwain32] c:\windows\mstwain32.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll/206
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {7C239371-D6FD-4EB9-AD28-2A8A2F06AE99} = 10.24.4.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\nikito~1\appdata\roaming\mozilla\firefox\profiles\zjytb4vy.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-11-15 11608]
R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-11-15 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-11-15 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-15 56816]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\drivers\netr61.sys [2009-6-2 368128]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2009-11-13 248448]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2009-11-13 476032]
S2 PEVSystemStart;PEVSystemStart;"c:\combofix\pev.cfxxe" exec /i "c:\combofix\hidec.exe" "c:\combofix\swreg.exe" acl "hkey_local_machine\system\currentcontrolset\enum\root\legacy_beep" /reset /q --> c:\combofix\PEV.cfxxe [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

=============== Created Last 30 ================

2009-12-08 06:09:44 7168 ----a-w- c:\windows\ntdtcstp.dll
2009-12-07 10:03:16 77312 ----a-w- c:\windows\MBR.exe
2009-12-07 10:03:15 98816 ----a-w- c:\windows\sed.exe
2009-12-07 10:03:15 260608 ----a-w- c:\windows\PEV.exe
2009-12-07 10:03:15 161792 ----a-w- c:\windows\SWREG.exe
2009-12-07 09:55:10 0 d-----w- c:\program files\PravoslavniK 2010
2009-12-07 05:42:13 33280 ----a-w- c:\windows\cmsetac.dll
2009-12-06 22:19:37 0 d-----w- c:\program files\Unlocker
2009-12-06 22:04:31 0 d-----w- c:\program files\WonderWebWare CSS Menu Generator
2009-12-04 18:34:34 332048 ----a-w- C:\AnalysisLog.sr0
2009-12-04 18:33:26 0 d-sh--w- c:\programdata\SecuROM
2009-12-04 15:45:05 0 d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2009-12-03 16:11:04 268048 ----a-w- c:\windows\system32\dxtmeta2.dll
2009-12-02 14:21:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-11-27 10:43:18 0 d-----w- c:\program files\avijoin
2009-11-27 10:27:24 0 d---a-w- c:\programdata\TEMP
2009-11-20 11:21:22 0 d-----w- c:\users\nikito~1\appdata\roaming\Ubisoft
2009-11-20 11:17:24 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-11-20 11:17:24 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-11-20 11:17:24 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-11-20 11:17:24 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-11-20 11:17:24 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-11-20 11:17:24 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-11-20 11:17:24 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-11-20 11:17:23 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-11-20 11:17:23 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-11-20 11:17:23 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-11-19 10:44:12 38 ----a-w- c:\windows\avisplitter.INI
2009-11-18 11:36:12 0 d-----w- c:\programdata\Bluetooth
2009-11-18 11:15:17 376 ----a-w- c:\windows\ODBC.INI
2009-11-18 11:14:42 0 d-----w- c:\program files\Microsoft ActiveSync
2009-11-16 09:20:52 179 ----a-w- c:\windows\system32\linktext.dat
2009-11-16 09:20:52 1 ----a-w- c:\windows\system32\update.ini
2009-11-16 09:20:51 80 ----a-w- c:\windows\system32\link.dat
2009-11-16 09:20:51 557 ----a-w- c:\windows\system32\radio.dat
2009-11-16 09:20:51 1143 ----a-w- c:\windows\system32\url.dat
2009-11-15 22:11:00 116 ----a-w- c:\windows\NeroDigital.ini
2009-11-15 21:47:10 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-15 21:41:23 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-15 21:41:22 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-11-15 21:41:22 507568 ----a-w- c:\windows\system32\winload.exe
2009-11-15 21:41:22 2613248 ----a-w- c:\windows\explorer.exe
2009-11-15 21:41:22 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-11-15 21:41:21 442920 ----a-w- c:\windows\system32\winresume.exe
2009-11-15 21:41:21 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-11-15 21:41:21 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-11-15 21:41:20 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-15 21:40:09 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-11-15 17:41:50 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2009-11-15 17:41:50 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2009-11-15 17:41:36 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-11-15 17:41:36 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-11-15 17:41:36 364544 ------w- c:\windows\system32\TwnLib4.dll
2009-11-15 17:41:36 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-11-15 17:41:36 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-11-15 17:41:36 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-11-15 17:41:36 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-11-15 15:36:16 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-15 13:17:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-15 09:05:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-14 20:34:26 65536 ------w- c:\windows\system32\Ikeext.etl
2009-11-14 19:04:06 0 d-----w- c:\programdata\Apple Computer
2009-11-14 19:03:27 0 d-----w- c:\programdata\Apple
2009-11-14 15:38:54 0 d-----w- c:\programdata\KONAMI
2009-11-14 15:00:11 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-14 14:50:47 0 d-----r- c:\program files\Skype
2009-11-14 14:50:43 0 d-----w- c:\programdata\Skype
2009-11-13 22:03:36 0 d-----w- c:\program files\common files\PX Storage Engine
2009-11-13 21:51:43 111616 ----a-w- c:\windows\mstwain32.exe
2009-11-13 21:50:32 0 d-----w- c:\program files\IVT Corporation
2009-11-13 21:50:30 32 ----a-w- c:\windows\0
2009-11-13 21:50:30 0 ----a-w- c:\windows\system32\0
2009-11-13 21:45:25 0 d-----w- c:\program files\Vimicro Corporation
2009-11-13 21:45:16 0 d-----w- c:\windows\VMUVC
2009-11-13 21:44:44 476032 ----a-w- c:\windows\system32\drivers\vvftUVC.sys
2009-11-13 21:44:43 94208 ----a-w- c:\windows\system32\VvFtCtrl.dll
2009-11-13 21:44:43 188416 ----a-w- c:\windows\system32\vvftUVC.ax
2009-11-13 21:44:41 98304 ----a-w- c:\windows\system32\VMCtrl.ax
2009-11-13 21:44:41 73728 ----a-w- c:\windows\system32\exvmuvc.ax
2009-11-13 21:44:41 248448 ----a-w- c:\windows\system32\drivers\VMUVC.sys
2009-11-13 21:44:41 11776 ----a-w- c:\windows\system32\VMUVC.dll
2009-11-13 21:44:40 0 d-----w- c:\program files\Vimicro
2009-11-13 18:17:04 0 d-----w- c:\users\nikito~1\appdata\roaming\Haihaisoft PDF Reader
2009-11-13 18:16:39 0 d-----w- c:\program files\Haihaisoft PDF Reader
2009-11-13 17:17:54 0 d-----w- c:\windows\Panther
2009-11-13 15:18:44 0 d-----w- c:\users\nikitovic\Tracing
2009-11-13 15:17:18 0 d-----w- c:\program files\Microsoft
2009-11-13 15:17:00 0 d-----w- c:\program files\Windows Live SkyDrive
2009-11-13 15:16:18 0 d-----w- c:\windows\PCHEALTH
2009-11-13 14:59:54 0 d-----w- c:\program files\common files\Windows Live
2009-11-13 11:51:40 0 d-----w- c:\programdata\Yahoo!
2009-11-13 11:51:35 0 d-----w- c:\program files\Yahoo!
2009-11-13 11:34:18 15867 ----a-w- c:\windows\Blank.ico
2009-11-13 11:13:22 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-11-13 11:13:21 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-11-13 11:13:21 0 d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-11-13 10:56:58 0 d-----w- c:\programdata\CyberLink
2009-11-13 10:56:07 0 d-----w- c:\program files\Mv2Player
2009-11-13 10:54:04 0 d-----w- c:\program files\DAEMON Tools Lite
2009-11-13 10:51:28 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-13 10:38:00 146650 ----a-w- c:\windows\system32\BuzzingBee.wav
2009-11-13 10:37:59 940794 ----a-w- c:\windows\system32\LoopyMusic.wav
2009-11-13 10:35:12 545 ----a-w- c:\windows\UC.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\RAR.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\LHA.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\ARJ.PIF
2009-11-13 10:35:11 0 d-----w- c:\users\nikito~1\appdata\roaming\GHISLER
2009-11-13 10:35:11 0 d-----w- C:\totalcmd
2009-11-13 10:31:40 0 d-----w- c:\program files\K-Lite Codec Pack
2009-11-13 10:31:03 0 d-----w- c:\program files\CCleaner
2009-11-13 10:22:02 0 d-----w- c:\program files\VS Revo Group
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer Pro
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer
2009-11-13 10:00:34 0 d-----w- c:\program files\Webteh
2009-11-13 09:58:23 0 d-----w- c:\programdata\Avira
2009-11-13 09:58:23 0 d-----w- c:\program files\Avira
2009-11-13 09:56:42 0 d-----w- c:\users\nikito~1\appdata\roaming\ACD Systems
2009-11-13 09:56:18 0 d-----w- c:\programdata\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\common files\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\ACD Systems
2009-11-13 09:52:33 0 d-----w- C:\Downloads
2009-11-13 09:52:16 0 d-----w- c:\program files\BitComet
2009-11-13 09:28:54 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-13 08:56:10 0 d-----w- c:\program files\GIGABYTE
2009-11-13 08:50:49 0 d-----w- c:\program files\NVIDIA Corporation
2009-11-13 08:50:38 0 d-----w- c:\programdata\NVIDIA
2009-11-13 08:50:06 0 d-----w- c:\windows\system32\AGEIA
2009-11-13 08:50:00 0 d-sh--w- c:\windows\Installer
2009-11-13 08:49:57 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-13 08:49:54 490088 ----a-w- c:\windows\system32\nvuninst.exe
2009-11-13 08:49:27 0 d-----w- C:\NVIDIA
2009-11-13 08:42:09 69632 ----a-w- c:\windows\ALCMTR.EXE
2009-11-13 08:42:06 9691136 ----a-w- c:\windows\RTLCPL.exe
2009-11-13 08:42:06 90112 ----a-w- c:\windows\SoundMan.exe
2009-11-13 08:42:06 40960 ------w- c:\windows\system32\ChCfg.exe
2009-11-13 08:42:06 294912 ----a-w- c:\windows\system32\ALSndMgr.Cpl
2009-11-13 08:42:06 2803712 ----a-w- c:\windows\alcwzrd.exe
2009-11-13 08:42:06 262144 ----a-w- c:\windows\system32\RTSndMgr.Cpl
2009-11-13 08:42:06 2547008 ----a-w- c:\windows\system32\drivers\RtkHDAud.Sys
2009-11-13 08:42:06 156672 ----a-w- c:\windows\system32\RtlCPAPI.dll
2009-11-13 08:42:06 14202368 ----a-w- c:\windows\RTHDCPL.exe
2009-11-13 08:42:06 0 d-----w- c:\windows\system32\RTCOM
2009-11-13 08:41:53 0 d-----w- c:\program files\Realtek
2009-11-13 08:41:50 192512 ------w- c:\windows\RtlExUpd.dll
2009-11-13 08:31:56 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-11-13 08:31:43 0 d-----w- c:\windows\system32\wbem\Performance

==================== Find3M ====================

2009-09-27 16:47:30 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 16:47:00 92776 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 16:47:00 805480 ----a-w- c:\windows\system32\nvsvc.dll
2009-09-27 16:47:00 4033128 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 16:47:00 3553896 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 16:47:00 3172968 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 16:47:00 215656 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-27 16:47:00 195176 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 16:47:00 150120 ----a-w- c:\windows\system32\nvshext.dll
2009-09-27 16:47:00 1309288 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 16:47:00 1292904 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 16:46:00 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 16:46:00 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 10:10:39,44 ===============

https://www.mycity.rs/must-login.png


https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Poslao: 08 Dec 2009 18:16
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Preuzmi AVZ Antiviral Toolkit sa sledećeg linka :

http://devbuilds.kaspersky-labs.com/devbuilds/AVZ/avz4.zip


Raspakuj arhivu u neki folder (uputstvo), a zatim:
pokreni AVZ (dvoklikom na ikonicu);

u meniju izaberi File > Custom Scripts;

u prozor koji se otvori iskopiraj sve što se nalazi unutar Kod polja:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('C:\Windows\mstwain32.exe');
DeleteFile('C:\Windows\mstwain32.exe');
DeleteFile('C:\Windows\cmsetac.dll');
DeleteFile('C:\Windows\ntdtcstp.dll');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','mstwain32');
BC_ImportDeletedList;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.


klikni taster Run i sačekaj da se skripta izvrši.

Zatim mi postavi svez DDS log

Poslao: 08 Dec 2009 20:42
Idi na vrh
offline
  • Pridružio: 17 Maj 2008
  • Poruke: 442
  • Gde živiš: Torak City

DDS (Ver_09-12-01.01) - NTFSx86
Run by Nikitovic at 20:39:01,13 on uto 08.12.2009
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1443 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\RTHDCPL.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
C:\Users\Nikitovic\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.rs/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll/206
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {7C239371-D6FD-4EB9-AD28-2A8A2F06AE99} = 10.24.4.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\nikito~1\appdata\roaming\mozilla\firefox\profiles\zjytb4vy.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-11-15 11608]
R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-11-15 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-11-15 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-15 56816]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\drivers\netr61.sys [2009-6-2 368128]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2009-11-13 248448]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2009-11-13 476032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 PEVSystemStart;PEVSystemStart;"c:\combofix\pev.cfxxe" exec /i "c:\combofix\hidec.exe" "c:\combofix\swreg.exe" acl "hkey_local_machine\system\currentcontrolset\enum\root\legacy_beep" /reset /q --> c:\combofix\PEV.cfxxe [?]

=============== Created Last 30 ================

2009-12-07 10:03:16 77312 ----a-w- c:\windows\MBR.exe
2009-12-07 10:03:15 98816 ----a-w- c:\windows\sed.exe
2009-12-07 10:03:15 260608 ----a-w- c:\windows\PEV.exe
2009-12-07 10:03:15 161792 ----a-w- c:\windows\SWREG.exe
2009-12-07 09:55:10 0 d-----w- c:\program files\PravoslavniK 2010
2009-12-06 22:19:37 0 d-----w- c:\program files\Unlocker
2009-12-06 22:04:31 0 d-----w- c:\program files\WonderWebWare CSS Menu Generator
2009-12-04 18:34:34 332048 ----a-w- C:\AnalysisLog.sr0
2009-12-04 18:33:26 0 d-sh--w- c:\programdata\SecuROM
2009-12-04 15:45:05 0 d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2009-12-03 16:11:04 268048 ----a-w- c:\windows\system32\dxtmeta2.dll
2009-12-02 14:21:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-11-27 10:43:18 0 d-----w- c:\program files\avijoin
2009-11-27 10:27:24 0 d---a-w- c:\programdata\TEMP
2009-11-20 11:21:22 0 d-----w- c:\users\nikito~1\appdata\roaming\Ubisoft
2009-11-20 11:17:24 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-11-20 11:17:24 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-11-20 11:17:24 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-11-20 11:17:24 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-11-20 11:17:24 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-11-20 11:17:24 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-11-20 11:17:24 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-11-20 11:17:23 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-11-20 11:17:23 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-11-20 11:17:23 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-11-19 10:44:12 38 ----a-w- c:\windows\avisplitter.INI
2009-11-18 11:36:12 0 d-----w- c:\programdata\Bluetooth
2009-11-18 11:15:17 376 ----a-w- c:\windows\ODBC.INI
2009-11-18 11:14:42 0 d-----w- c:\program files\Microsoft ActiveSync
2009-11-16 09:20:52 179 ----a-w- c:\windows\system32\linktext.dat
2009-11-16 09:20:52 1 ----a-w- c:\windows\system32\update.ini
2009-11-16 09:20:51 80 ----a-w- c:\windows\system32\link.dat
2009-11-16 09:20:51 557 ----a-w- c:\windows\system32\radio.dat
2009-11-16 09:20:51 1143 ----a-w- c:\windows\system32\url.dat
2009-11-15 22:11:00 116 ----a-w- c:\windows\NeroDigital.ini
2009-11-15 21:47:10 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-15 21:41:23 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-15 21:41:22 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-11-15 21:41:22 507568 ----a-w- c:\windows\system32\winload.exe
2009-11-15 21:41:22 2613248 ----a-w- c:\windows\explorer.exe
2009-11-15 21:41:22 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-11-15 21:41:21 442920 ----a-w- c:\windows\system32\winresume.exe
2009-11-15 21:41:21 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-11-15 21:41:21 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-11-15 21:41:20 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-15 21:40:09 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-11-15 17:41:50 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2009-11-15 17:41:50 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2009-11-15 17:41:36 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-11-15 17:41:36 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-11-15 17:41:36 364544 ------w- c:\windows\system32\TwnLib4.dll
2009-11-15 17:41:36 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-11-15 17:41:36 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-11-15 17:41:36 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-11-15 17:41:36 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-11-15 15:36:16 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-15 13:17:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-15 09:05:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-14 20:34:26 65536 ------w- c:\windows\system32\Ikeext.etl
2009-11-14 19:04:06 0 d-----w- c:\programdata\Apple Computer
2009-11-14 19:03:27 0 d-----w- c:\programdata\Apple
2009-11-14 15:38:54 0 d-----w- c:\programdata\KONAMI
2009-11-14 15:00:11 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-14 14:50:47 0 d-----r- c:\program files\Skype
2009-11-14 14:50:43 0 d-----w- c:\programdata\Skype
2009-11-13 22:03:36 0 d-----w- c:\program files\common files\PX Storage Engine
2009-11-13 21:50:32 0 d-----w- c:\program files\IVT Corporation
2009-11-13 21:50:30 32 ----a-w- c:\windows\0
2009-11-13 21:50:30 0 ----a-w- c:\windows\system32\0
2009-11-13 21:45:25 0 d-----w- c:\program files\Vimicro Corporation
2009-11-13 21:45:16 0 d-----w- c:\windows\VMUVC
2009-11-13 21:44:44 476032 ----a-w- c:\windows\system32\drivers\vvftUVC.sys
2009-11-13 21:44:43 94208 ----a-w- c:\windows\system32\VvFtCtrl.dll
2009-11-13 21:44:43 188416 ----a-w- c:\windows\system32\vvftUVC.ax
2009-11-13 21:44:41 98304 ----a-w- c:\windows\system32\VMCtrl.ax
2009-11-13 21:44:41 73728 ----a-w- c:\windows\system32\exvmuvc.ax
2009-11-13 21:44:41 248448 ----a-w- c:\windows\system32\drivers\VMUVC.sys
2009-11-13 21:44:41 11776 ----a-w- c:\windows\system32\VMUVC.dll
2009-11-13 21:44:40 0 d-----w- c:\program files\Vimicro
2009-11-13 18:17:04 0 d-----w- c:\users\nikito~1\appdata\roaming\Haihaisoft PDF Reader
2009-11-13 18:16:39 0 d-----w- c:\program files\Haihaisoft PDF Reader
2009-11-13 17:17:54 0 d-----w- c:\windows\Panther
2009-11-13 15:18:44 0 d-----w- c:\users\nikitovic\Tracing
2009-11-13 15:17:18 0 d-----w- c:\program files\Microsoft
2009-11-13 15:17:00 0 d-----w- c:\program files\Windows Live SkyDrive
2009-11-13 15:16:18 0 d-----w- c:\windows\PCHEALTH
2009-11-13 14:59:54 0 d-----w- c:\program files\common files\Windows Live
2009-11-13 11:51:40 0 d-----w- c:\programdata\Yahoo!
2009-11-13 11:51:35 0 d-----w- c:\program files\Yahoo!
2009-11-13 11:34:18 15867 ----a-w- c:\windows\Blank.ico
2009-11-13 11:13:22 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-11-13 11:13:21 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-11-13 11:13:21 0 d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-11-13 10:56:58 0 d-----w- c:\programdata\CyberLink
2009-11-13 10:56:07 0 d-----w- c:\program files\Mv2Player
2009-11-13 10:54:04 0 d-----w- c:\program files\DAEMON Tools Lite
2009-11-13 10:51:28 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-13 10:38:00 146650 ----a-w- c:\windows\system32\BuzzingBee.wav
2009-11-13 10:37:59 940794 ----a-w- c:\windows\system32\LoopyMusic.wav
2009-11-13 10:35:12 545 ----a-w- c:\windows\UC.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\RAR.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\LHA.PIF
2009-11-13 10:35:12 545 ----a-w- c:\windows\ARJ.PIF
2009-11-13 10:35:11 0 d-----w- c:\users\nikito~1\appdata\roaming\GHISLER
2009-11-13 10:35:11 0 d-----w- C:\totalcmd
2009-11-13 10:31:40 0 d-----w- c:\program files\K-Lite Codec Pack
2009-11-13 10:31:03 0 d-----w- c:\program files\CCleaner
2009-11-13 10:22:02 0 d-----w- c:\program files\VS Revo Group
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer Pro
2009-11-13 10:00:34 0 d-----w- c:\users\nikito~1\appdata\roaming\BSplayer
2009-11-13 10:00:34 0 d-----w- c:\program files\Webteh
2009-11-13 09:58:23 0 d-----w- c:\programdata\Avira
2009-11-13 09:58:23 0 d-----w- c:\program files\Avira
2009-11-13 09:56:42 0 d-----w- c:\users\nikito~1\appdata\roaming\ACD Systems
2009-11-13 09:56:18 0 d-----w- c:\programdata\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\common files\ACD Systems
2009-11-13 09:56:15 0 d-----w- c:\program files\ACD Systems
2009-11-13 09:52:33 0 d-----w- C:\Downloads
2009-11-13 09:52:16 0 d-----w- c:\program files\BitComet
2009-11-13 09:28:54 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-13 08:56:10 0 d-----w- c:\program files\GIGABYTE
2009-11-13 08:50:49 0 d-----w- c:\program files\NVIDIA Corporation
2009-11-13 08:50:38 0 d-----w- c:\programdata\NVIDIA
2009-11-13 08:50:06 0 d-----w- c:\windows\system32\AGEIA
2009-11-13 08:50:00 0 d-sh--w- c:\windows\Installer
2009-11-13 08:49:57 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-13 08:49:54 490088 ----a-w- c:\windows\system32\nvuninst.exe
2009-11-13 08:49:27 0 d-----w- C:\NVIDIA
2009-11-13 08:42:09 69632 ----a-w- c:\windows\ALCMTR.EXE
2009-11-13 08:42:06 9691136 ----a-w- c:\windows\RTLCPL.exe
2009-11-13 08:42:06 90112 ----a-w- c:\windows\SoundMan.exe
2009-11-13 08:42:06 40960 ------w- c:\windows\system32\ChCfg.exe
2009-11-13 08:42:06 294912 ----a-w- c:\windows\system32\ALSndMgr.Cpl
2009-11-13 08:42:06 2803712 ----a-w- c:\windows\alcwzrd.exe
2009-11-13 08:42:06 262144 ----a-w- c:\windows\system32\RTSndMgr.Cpl
2009-11-13 08:42:06 2547008 ----a-w- c:\windows\system32\drivers\RtkHDAud.Sys
2009-11-13 08:42:06 156672 ----a-w- c:\windows\system32\RtlCPAPI.dll
2009-11-13 08:42:06 14202368 ----a-w- c:\windows\RTHDCPL.exe
2009-11-13 08:42:06 0 d-----w- c:\windows\system32\RTCOM
2009-11-13 08:41:53 0 d-----w- c:\program files\Realtek
2009-11-13 08:41:50 192512 ------w- c:\windows\RtlExUpd.dll
2009-11-13 08:31:56 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-11-13 08:31:43 0 d-----w- c:\windows\system32\wbem\Performance

==================== Find3M ====================

2009-09-27 16:47:30 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 16:47:00 92776 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 16:47:00 805480 ----a-w- c:\windows\system32\nvsvc.dll
2009-09-27 16:47:00 4033128 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 16:47:00 3553896 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 16:47:00 3172968 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 16:47:00 215656 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-27 16:47:00 195176 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 16:47:00 150120 ----a-w- c:\windows\system32\nvshext.dll
2009-09-27 16:47:00 1309288 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 16:47:00 1292904 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 16:46:00 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 16:46:00 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 20:39:42,68 ===============


evo svez DDS log avira ne prijavljuje nista tako da mislim da je resen problem hvala Ziveli

Poslao: 08 Dec 2009 21:58
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

To bi bilo to ..pozzz Wink

MyCity » Ambulanta -> Arhiva Ambulante » avira nalazi trojanca

Ko je trenutno na forumu
 

Ukupno su 1111 korisnika na forumu :: 35 registrovanih, 8 sakrivenih i 1068 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, Bobrock1, cavatina, cenejac111, CikaKURE, comi_pfc, dankisha, Dimitrise93, Dorcolac, FileFinder, galerija, HrcAk47, kybonacci, Leonov, ljuba, Luka1998, Marex, MB120mm, mercedesamg, Mi lao shu, Milenaaa, Milos ZA, Mlav, mocnijogurt, Ne doznajem se u oružje, nebkv, nemkea71, Parker, rodoljub, Singidunumac, Srle993, styg, suton, tomigun, wolverined4