MyCity » Ambulanta -> Arhiva Ambulante » Napad virusa

Napad virusa

Napisano na dan: 10.3.2009
1

Napad virusa
Sledeća strana Pagination

Idi na vrh

Poslao: 10 Mar 2009 00:05
Idi na vrh
offline
  • Pridružio: 13 Maj 2008
  • Poruke: 114

Imam ogroman problem, sta god da pokrenem avast mi izbacuje da je virus! Kada restartujem komp izadje mi :C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\appnews2[1].htm
Mozzila mi je otkazala i ne moze da se pokrene kao i neki programi. U zadnje vreme desi mi se da mi kom zakuca i da nepomaze ni ctrl+alt+del vec samo dugme za restart na kompu. A sinoc sam nakacio drugi HDD od drugara i od tada je komp poludeo i slabije radi! Pa ako ima pomoci da mi neko pomogne?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:01, on 9.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Folder Guard Pro\FGKey.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Documents and Settings\Dragan\Desktop\ttttt\TR3.exe.exe
C:\Documents and Settings\Dragan\Desktop\ttttt\TR3.exe.exe
C:\Documents and Settings\Dragan\Desktop\ttttt\TR3.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [Link mogu videti samo ulogovani korisnici]
R3 - URLSearchHook: SpeedBitPlus Toolbar - {60270dc7-9ea0-472f-9b77-66652c06246e} - C:\Program Files\SpeedBitPlus\tbSpee.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SpeedBitPlus Toolbar - {60270dc7-9ea0-472f-9b77-66652c06246e} - C:\Program Files\SpeedBitPlus\tbSpee.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live pomagac za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SpeedBitPlus Toolbar - {60270dc7-9ea0-472f-9b77-66652c06246e} - C:\Program Files\SpeedBitPlus\tbSpee.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Crawler li?ta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 10221 bytes



Poslao: 10 Mar 2009 00:13
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Cyrax ::Imam ogroman problem, sta god da pokrenem avast mi izbacuje da je virus!

Sta kaze.. Kako se zove taj virus...?



Poslao: 10 Mar 2009 00:18
Idi na vrh
offline
  • Pridružio: 13 Maj 2008
  • Poruke: 114

Gore tek sada vidim da sam pogresio. Kada palim komp izadje mi :
MOM.exe-application error
The application faild to initialize prooerly (0xc 000007b). Click on OK to terminate the application.

A posle mi izbacuje virus:
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\appnews2[1].htm
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\OPAVOLIZ\mycity[1].htm

I jos 6-7 virusa jedan za drugim.

Poslao: 10 Mar 2009 00:23
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Desni klik na ikonicu Avasta u desnom uglu pored sata i izaberi Log Viewer...

Probaj nekako da mi okacis izvestaj.. ima cini mi se export opcija...

Poslao: 10 Mar 2009 00:32
Idi na vrh
offline
  • Pridružio: 13 Maj 2008
  • Poruke: 114

Ovo je log od WARNING:
7.2.2009 13:54:17 Dragan 1240 Sign of "Win32:Agent-KYQ" has been found in "I:\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe" file.
7.2.2009 16:16:57 Dragan 1244 Sign of "Win32:Agent-KYQ" has been found in "G:\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe" file.
22.2.2009 14:14:22 SYSTEM 1408 Sign of "JS:Cruzer-B [Trj]" has been found in "http://www.profil.rs/" file.
22.2.2009 14:15:49 SYSTEM 1408 Sign of "JS:Cruzer-B [Trj]" has been found in "http://www.profil.rs/" file.
23.2.2009 15:26:08 SYSTEM 1464 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\WINDOWS\system32\dfrgui32.dll" file.
24.2.2009 14:57:26 SYSTEM 1432 Sign of "HTML:Iframe-inf" has been found in "http://www.bitches-porno.com/tgp/acc.html\{gzip}" file.
28.2.2009 19:34:17 SYSTEM 1424 Sign of "Win32:Trojan-gen {Other}" has been found in "http://files.gameshop-international.com/GameCenterSolution/ZumaDeluxe/ZumaDeluxeSetup.exe\[Embedded_I#02ce04]\{app}\Zuma.exe" file.
28.2.2009 19:38:05 SYSTEM 1424 Sign of "Win32:Trojan-gen {Other}" has been found in "http://files.gameshop-international.com/GameCenterSolution/ZumaDeluxe/ZumaDeluxeSetup.exe\[Embedded_I#02ce04]\{app}\Zuma.exe" file.
1.3.2009 20:52:18 SYSTEM 1432 Sign of "HTML:Iframe-inf" has been found in "http://www.bitches-porno.com/tgp/acc.html\{gzip}" file.
7.3.2009 23:19:11 Dragan 1656 Sign of "Win32:Trojan-gen {Other}" has been found in "F:\ZIKA HDD\-==Digital Studio==-\Rumunphone\Nokia\start\fscommand\pcguide_de.exe" file.
7.3.2009 23:19:25 Dragan 1656 Sign of "Win32:Trojan-gen {Other}" has been found in "F:\ZIKA HDD\-==Digital Studio==-\Rumunphone\Nokia\start\fscommand\pcguide_es.exe" file.
8.3.2009 0:33:08 Dragan 1656 Sign of "Win32:Trojan-gen {Other}" has been found in "F:\ZIKA HDD\programi\nex program's\AcdSee 8.0.67\acdsee.pro.8.x.-.multilangue-patch.exe" file.
8.3.2009 0:33:48 Dragan 1656 Sign of "Win32:Adware-gen [Adw]" has been found in "F:\ZIKA HDD\programi\RadLight 3.03 R5.2\Save.exe" file.
9.3.2009 18:45:53 SYSTEM 1432 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\TEMP\VRT82.tmp" file.
9.3.2009 19:35:35 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\client_ad[1].htm" file.
9.3.2009 19:35:45 Dragan 1424 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\TEMP\VRT6.tmp" file.
9.3.2009 19:35:51 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\yimPlayer[1].htm" file.
9.3.2009 19:36:00 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\8X8C2JWX\client_ad[1].htm" file.
9.3.2009 19:40:26 Dragan 1424 Sign of "Win32:SdBot-RT [Trj]" has been found in "E:\New Folder\Instalacije\Nero-9.2.6.0_update.exe" file.
9.3.2009 19:42:09 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\Account.html" file.
9.3.2009 19:42:32 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\CDKeyReceipt.html" file.
9.3.2009 19:42:36 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\CreditCardPreorderReceipt.html" file.
9.3.2009 19:42:38 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\CreditCardReceipt.html" file.
9.3.2009 19:42:40 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_english.html" file.
9.3.2009 19:42:45 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_french.html" file.
9.3.2009 19:42:47 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_german.html" file.
9.3.2009 19:42:49 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_italian.html" file.
9.3.2009 19:42:53 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_spanish.html" file.
9.3.2009 19:44:48 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\OPAVOLIZ\appnews2[1].htm" file.
9.3.2009 19:47:55 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\google[1].htm" file.
9.3.2009 19:50:52 SYSTEM 1428 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\TEMP\VRT2.tmp" file.
9.3.2009 20:04:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Administrator\Application Data\Spyware Terminator\LanguageAct\offlinehelp.html" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\Cannot_Connect.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\Chose_Not_To_Connect.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\privacy-popup.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\registration-cancel.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\Registration.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\trial-cannot-connect.htm" file.
9.3.2009 20:05:29 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\PickGame.htm" file.
9.3.2009 20:05:42 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Application Data\Spyware Terminator\info.htm" file.
9.3.2009 20:05:42 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Application Data\Spyware Terminator\LanguageAct\offlinehelp.html" file.
9.3.2009 20:05:43 Administrator 1508 Sign of "Win32:JunkPoly [Cryp]" has been found in "C:\Documents and Settings\Dragan\Desktop\Click.exe" file.
9.3.2009 20:05:46 Administrator 1508 Sign of "Win32:JunkPoly [Cryp]" has been found in "C:\Documents and Settings\Dragan\Desktop\milioner07novi sa 5000 pitanja\Milioner.exe" file.
9.3.2009 20:07:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temp\NotifyMe.htm" file.
9.3.2009 20:07:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temp\Rar$EX00.984\hlc.htm" file.
9.3.2009 20:07:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temp\wahtmltmp00.htm" file.
9.3.2009 20:07:23 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\ADSAdClient31[1].htm" file.
9.3.2009 20:07:23 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\8X8C2JWX\client_ad[1].htm" file.
9.3.2009 20:07:23 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\NXJNFYNF\client_ad[1].htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\ArtDeco.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\BlueTiles.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Bubbles.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Cheddar.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\ColorStripe.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Dinosaur.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Garden.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\HandPrints.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\LED.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Money.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Mosaic1.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Mosaic2.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Music.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Snowboard.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Southwest.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\YellowTiles.htm" file.
9.3.2009 20:13:19 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\bin\Welcome\index.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\ExpiredACDSee.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\Offer15DayTrial.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\Offer30DayTrial.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\OfferGracePeriod.htm" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\0.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\1.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\10.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\11.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\2.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\3.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\4.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\5.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\6.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\7.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\8.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\9.html" file.
9.3.2009 20:13:25 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\menu.html" file.
9.3.2009 20:13:25 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Adobe Help Viewer\1.0\help.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\install.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\install2.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Onramp\index.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Engineering.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Export.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Forms.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Forms1.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Hanko05.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\HowTo.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-conref.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-content.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-duplicate.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-image.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-indexes.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-summary.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-xref.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review01.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review02.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review05.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\search.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Sign.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\srch_db.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\version.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS0152AC38-6989-4789-A91A-DE804B4EE217.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS01D0DD7E-72C5-4bd7-98A5-61B6703E2874.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS0DB156A0-D8E0-40d1-A8FE-155D401E100A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS116358B6-C899-4ef8-8718-5E8FEED1E80B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS15C7F996-1DF1-4af3-8BB4-7AA64669E5A2.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS16696D10-CF60-4979-BC54-0F60285159A9.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS175FFA03-6BF0-4fa7-8D66-C91A809536CE.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS1ABEB45F-BA46-4913-A7E1-ACA6A974FE76.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS1D6D5242-53DD-40e0-B58E-95E027DCD94D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS1E82B083-927E-47b3-AAD6-88CB47B5E992.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS21180009-84AE-4b72-9610-C38FE8B6C423.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS23BCDC6F-BC2E-489b-8D36-D875B917293B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS23E49454-94C8-45b7-9F79-BC8CBC1621E1.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS25BA4195-6D5F-4aca-A8DF-EF72AAAAB5B1.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS26240DA8-2896-4976-8BBD-5A5CDF2DBB65.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS28F751CE-AA39-440f-8615-58F751037765.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS2AE3999E-C712-4e15-BC7C-1615EE1B5B56.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS3153B307-CB17-4269-9B46-DF43E8AC4582.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS32EEDD33-2F54-4848-9BBE-3E01F5BB2375.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS40A2300E-1DBC-4e12-9837-AD8454775679.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4A6B605A-8F5B-4bfb-BD8E-90611BC05E4E.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4B49EA85-530D-4820-8F46-FE0120FC591A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4C63D590-2C39-4ad9-9B3B-87558B53E8AD.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4CE8758A-E53C-438a-A3EC-247A2076C1C3.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4D7B71F8-4459-493e-A2BF-0CE66B055B46.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4FDA872B-2373-47cc-9FC4-71EC25DFE3A8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS500B1437-8713-43ea-87D2-C029BC4D95DB.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS569061E4-7434-4bb8-92A9-840CF861F474.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS57FC3C30-C0F1-41fb-B998-7CB8D9C9E488.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS5B5C7EE5-16D9-470a-AAC6-6F569C78D6AB.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS5DC362ED-F30C-4303-983D-9426DA6CA939.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS675A7196-68DC-405f-AA3B-1FE9D2F2E288.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS677DDFC2-618B-4128-A6A7-7BBF8B4B5FA8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS68FC469B-1113-4ab1-BACF-C7ED43B09AC8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS6BDF3AF5-5E90-4423-88C8-16675AF0C595.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS6F1D9AEB-BE3B-4b60-8D3F-1BB419EF1C1B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7098BCBC-0FA6-4a18-AFAB-6C59366399D0.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS70F00F0C-C476-46c6-BDC9-4775B21A895A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7101B368-E344-4a9a-9917-ACB09777A127.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS71AAA620-5DAD-4f24-A093-D184201A2CA7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS728F554C-96AE-467c-94C3-61592E343AEC.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7705371C-01C6-41df-8F29-EC17BE90A303.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS77BB9683-9BDA-4c93-8C4D-C10BEFD22D34.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7804F58D-9B6D-4f83-8783-707173F19A57.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7CF25848-721F-48e3-BF3F-7F6135505706.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS82B540C2-7F9D-4d87-9071-DA13712079F7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS860530CA-10EF-4fcb-8517-B47769F67A93.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS86957517-D231-4f67-AA63-BB7113BA6B4C.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS913EF9D4-6D87-4858-AB2E-9AB7CD3B33AB.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS91C8140A-B901-4d25-B8EB-969199C241DE.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS953DEDAB-D5AC-491a-AC5A-9EA68DE93712.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS974BA363-E830-43a0-8A0D-54C90F13FE43.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS97FC333F-2B50-4664-A4C7-418BBD7EA061.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS98108EA9-0350-47c4-8666-C077928F7CDC.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS9A8AD2CD-C75D-4a96-A8C8-64125FC6B103.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS9CA99867-575D-4438-A010-FEC8F2CEBEE7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA02AF508-E105-4e80-8928-11BCA70D3402.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA4AFE6C3-84A0-495d-A24C-2273B637C29C.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA64A1338-B969-4dba-80E8-BD37DFDE9180.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA839D6AB-2E30-4c71-A779-CE4F8D964115.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSAF65B6C7-D000-4606-ACA4-7F32C9860E91.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB11FAB59-A592-47a8-AD73-B38909D6E12F.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB7B5F563-E2FA-4c9f-A9FD-590A22F508E7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB9422892-F790-4cb8-B4CD-8E4AD220A696.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB95C4980-9B72-4e66-9ADA-CEC44E977786.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSC887FFE1-8857-4be1-BB81-BC32DE2AD7FC.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSCB6E92A7-E5C4-4285-853D-477A070EED2D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSCCDA0B9F-2F54-4810-BAAF-04A59E60998B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSCDCB0C74-267A-4db2-856D-EDD048947C59.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD1D23E0E-281D-4aa8-8B10-64DB1EE65C71.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD2ACE85B-5959-4f89-9D2B-218F9376E9D5.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD5671438-ADC2-4616-BA90-0FF6FD03CED8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD5BEB284-9F6D-4635-881A-31A092178E63.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD73A2CCE-18C6-4885-A567-3FF67DB23AF8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD8B6C446-DD94-4ade-928D-5A585D90870A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD8F4B47F-18D4-4fdf-AE0E-3C7B16CAB344.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD96469EA-5613-41d4-A7CB-D05418271C69.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSDBCA1B83-917F-4800-BA1E-AE4D73C7436E.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSDE9DD7BF-83AA-40c7-ABDC-FFBDC84550C9.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSE2D6BFF2-376A-45ac-BB53-056DA78E65B0.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSE632035A-F854-473d-8AE0-9BD326226862.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSE9BBFA12-14C6-439d-B9E8-48630AB72870.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEAA79063-1DAD-4317-AB33-5A68D623207D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEC4F451C-E254-43f9-ACFE-F242A591D0D7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEDA6E022-E71D-4185-8BE4-437766DA1F87.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEE1DFE49-1C7E-4648-AFD8-7A5CFA20391D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSF19D4446-A439-4adc-B9ED-E11325487E28.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSF30BC11C-BCEF-4e2b-8934-059526ED0229.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSF3FF17C0-8293-4cf7-B1B6-C362AC31072E.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\Legal\en_US\license.html" file.
9.3.2009 20:13:31 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\ReadMe.htm" file.
9.3.2009 20:13:39 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\iNewsEx.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\ENHANCED.HTM" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\11001.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\400.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\401.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\407.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\502.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\504.htm" file.
9.3.2009 20:13:45 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\Blocked.htm" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\de\welcome_FMV.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\de\welcome_generic.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_FMV.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_generic.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_MR9600_MOB.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_MR9700_MOB.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_R9600_DSK.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_R9700_DSK.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_FMV.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_generic.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcom_en-US_cycle.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\es\welcome_FMV.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\es\welcome_generic.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\fr\welcome_FMV.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\fr\welcome_generic.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\pt-BR\welcome_FMV.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\pt-BR\welcome_generic.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\ACROBATPROFESSIONAL_8.0_HOMEPAGE.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Forms1.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_1.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_10.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_11.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_12.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_13.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_14.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_15.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_16.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_17.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_18.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_19.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_2.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_20.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_21.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_22.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_23.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_3.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_4.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_5.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_6.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_9.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Review01.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Review02.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Review05.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\search.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\splash.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\srch_db.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\srch_top.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\toc.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\version.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS010EF850-518D-4146-A176-968E19FD2AE4.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS014A8436-26DC-4673-BA61-A4B7ACEA45C4.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS02D75AD2-669B-4b79-9838-3C2493733423.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0319861F-6B23-44fb-BF12-DBD14CFD9BB7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0340383F-97E1-4dc3-A18A-AA8BD50A1668.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS04092BF2-9245-42cd-B647-BBA1881508A1.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS07491C31-1E52-4406-8191-D51251588B61.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0B6F6E67-A67A-4ec4-947C-97D8F5C2CF97.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0CD9B08A-80FF-49a0-9202-B453BA6564C8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0D23E924-B63F-4bfe-9C54-A8B770F713BF.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS11003862-3658-427d-8D7C-838B0A305F16.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS116358B6-C899-4ef8-8718-5E8FEED1E80B.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS11697F60-6BCC-4981-9C22-7A4611EC0268.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1666A4B0-1078-4ff8-80CC-CD83DABC3EB8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS188BEE75-F112-4406-83FF-DA5672BE7884.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1A103696-4D61-4dca-BA3D-BBA4D1823D82.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1B8F3234-7282-44e8-9C76-14EAEFAFF2E7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1E2D402A-EFFF-4160-B642-122813BB6C25.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1FD480B9-A35B-4f0e-A07E-185B73F3CFB8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS203D8EF4-CD9A-49c2-B350-193A2748D633.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2101F5BE-8188-4562-9DEC-C244234E8E65.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS23E49454-94C8-45b7-9F79-BC8CBC1621E1.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2633E2D9-A032-43db-B423-40D054095182.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2AD45836-ADCE-47d7-8D88-204D3D21C73C.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2AE3999E-C712-4e15-BC7C-1615EE1B5B56.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2E045AE6-C517-476e-A0AF-8B190F17F79E.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2E69D8CB-D9E7-4a08-8BE7-D76F7DA08B68.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2F496A9A-7382-4a85-9BD1-466E9C667597.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3153B307-CB17-4269-9B46-DF43E8AC4582.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS33931B1E-D0A0-4356-B2A6-4222EB75AC88.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS34EF9148-2E7F-4ec3-A36C-381C2B35CC8C.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS363EFBC7-3751-462a-8A5A-BE0BACFBF7F7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3928C77B-4AAD-4826-9B05-EE8C0B81CEBB.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3C7E6F1A-7193-4405-A4E3-CF958CF3B9B5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3D39995A-29A9-429f-A235-50681BF93DD8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3F748AE8-1945-45fe-947D-B87833B0E30A.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS40A2300E-1DBC-4e12-9837-AD8454775679.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4403C5B4-83AA-4799-8589-2DA3467C345F.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS440660F2-B78D-464c-A1A0-C208983E2807.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS481860DF-6C1E-49ce-A303-B3EFF2E864EB.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS494F2F0E-AD47-4803-BD16-DBD7DB60C28E.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4A27E91A-5096-435d-A7F2-048623F891E5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4B49EA85-530D-4820-8F46-FE0120FC591A.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4BA7C7D5-4075-4781-8101-1C8EE0E870F7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4D1BC5C0-B92F-44ea-810D-9ECD657E1892.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS506932BA-8229-4522-B786-3C2221C6D405.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS533B928E-576F-4dc3-AA14-73D08EEE8F20.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS549D04D1-23ED-4465-A065-622498171E93.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS569061E4-7434-4bb8-92A9-840CF861F474.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae2.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae6.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae9.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7aea.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7aeb.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7aec.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bd0.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bdc.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bdd.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bde.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bdf.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7c66.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7cc5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7cc7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ccd.html" file.
9.3.2009 20:14:10 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7cce.html" file.
9.3.2009 20:14:10 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reade

Poslao: 10 Mar 2009 00:47
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Skeniranje sa ovim alatom moze potrajati veoma ali veoma dugo (preko 4 sata) cisto da znas Wink

Preuzmi Dr.Web CureIt (~12 MB).
Restartuj kompjuter u Safe Mode (uputstvo za Safe Mode)

Dvoklikom pokreni launch.exe, nakon čega će se pojaviti uvodni prozor - klikni Start

Pojaviće se obaveštenje o započinjanju uvodnog skeniranja - klikni OK

Sačekaj nekoliko minuta da Dr.Web CureIt izvrši Express Scan; ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju

Klikni Options > Change settings F9; u prozoru koji će se otvoriti, dečekiraj opciju Heuristic Analysis a zatim klikni OK

U glavnom prozoru obeleži opciju Complete scan a zatim klikni i Dr.Web CureIt će započeti skeniranje

Ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju

Kada skeniranje bude završeno, klikni Select all taster (ukoliko je dostupan), a zatim klikni Cure i,
u meniju koji se otvori, klikni Move incurable:


Po završetku procesa, klikni File > Save report list i sačuvaj log na Desktopu

Iskopiraj sadržaj Dr.Web CureIt loga u temu na forumu.

Poslao: 10 Mar 2009 03:02
Idi na vrh
offline
  • Pridružio: 13 Maj 2008
  • Poruke: 114

Evo uradio sam to i opet mi izadje poruka:
MOM.exe-application error
The application faild to initialize prooerly (0xc 000007b). Click on OK to terminate the application.


I izadje mi gde da je avast nasao sledece viruse:

C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\client_ad[1].htm
Win32:Trojan-gen {Other} Win32:Trojan-gen {Other}

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\OPAVOLIZ\ADSAdClient31[1].htm

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\yimPlayer[1].htm

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\client_ad[1].htm

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\client_ad[1].htm


A evo ga i log drweb:

A0020139.exe;C:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Trojan.Packed.140;Deleted.;
A0003838.exe;C:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP9;Trojan.Packed.140;Deleted.;
A0004921.exe;C:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP9;Trojan.Packed.140;Deleted.;
regwiz.exe;C:\WINDOWS\system32;Trojan.Packed.140;Deleted.;
reflexive.arcade.games.universal.keygen-tsrh.exe;E:\HDD\SANNY\igrice\Luxor v.1.0;Trojan.Packed.140;Deleted.;
A0007756.EXE;E:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP13;Trojan.Packed.140;Deleted.;
A0020208.exe;E:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Trojan.Packed.140;Deleted.;
A0020372.exe;E:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Trojan.Packed.140;Deleted.;
A0020252.exe;F:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Tool.ASEye.2;Incurable.Moved.;
xxlmircv10.exe\data049;F:\ZIKA HDD\programi\xxlmircv10.exe;IRC.Generic.13;;
xxlmircv10.exe;F:\ZIKA HDD\programi;Container contains infected objects;Moved.;
Bannershop GIF Animator 4.5.EXE;F:\ZIKA HDD\programi\Bannershop GIF Animator 4.5\(zabranjeno);Tool.Game(zabranjeno);Incurable.Moved.;
RadLight 3.03 R5.2.exe\data036;F:\ZIKA HDD\programi\RadLight 3.03 R5.2\RadLight 3.03 R5.2.exe;Adware.NewDotNet;;
RadLight 3.03 R5.2.exe\data037;F:\ZIKA HDD\programi\RadLight 3.03 R5.2\RadLight 3.03 R5.2.exe;Adware.NewDotNet;;
RadLight 3.03 R5.2.exe;F:\ZIKA HDD\programi\RadLight 3.03 R5.2;Archive contains infected objects;Moved.;
F7_Total Commander_V6.03a 32 bit (16.04.2004)_MULTI_Patch.exe;F:\ZIKA HDD\programi\Total Commander 6.03a\(zabranjeno)\F7_TotalCommander_V6.03a 32bit (160404)_BLACKLiSTKiLLER;Tool.ASEye.2;Incurable.Moved.;

Poslao: 10 Mar 2009 13:02
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection.

Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja.


Skini ComboFix sa jedne od sledecih adresa na Desktop:
[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Poslao: 10 Mar 2009 13:14
Idi na vrh
offline
  • Pridružio: 13 Maj 2008
  • Poruke: 114

evo logo:

ComboFix 09-03-06.02 - Dragan 2009-03-10 13:04:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1453 [GMT -8:00]
Running from: c:\documents and settings\Dragan\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090309-0] *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-02-10 to 2009-03-10 )))))))))))))))))))))))))))))))
.

2009-03-10 00:52 . 2009-03-10 00:52 <DIR> d-------- c:\documents and settings\Administrator\DoctorWeb
2009-03-09 19:53 . 2009-03-09 20:03 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Spyware Terminator
2009-03-09 19:52 . 2009-03-10 00:52 <DIR> d-------- c:\documents and settings\Administrator
2009-03-09 19:46 . 2009-03-10 13:03 <DIR> d-------- c:\program files\Crawler
2009-03-09 02:07 . 2009-03-09 02:07 <DIR> d-------- c:\program files\Robster Productions
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\program files\Common Files\ACD Systems
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\program files\ACD Systems
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\documents and settings\Dragan\Application Data\ACD Systems
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\ACD Systems
2009-03-07 22:17 . 2009-03-08 01:19 <DIR> d-------- C:\totalcmd
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-03-07 22:17 . 2009-03-08 01:19 501 --a------ c:\windows\wincmd.ini
2009-03-01 19:24 . 2009-03-01 19:24 <DIR> d-------- c:\program files\Trymedia
2009-03-01 19:24 . 2009-03-01 20:07 10 --a------ c:\windows\popcinfo.dat
2009-03-01 19:18 . 2009-03-01 19:20 52 ---h----- c:\windows\popcreg.dat
2009-03-01 17:55 . 2009-03-01 18:05 <DIR> d-------- c:\documents and settings\Dragan\Application Data\Nero
2009-03-01 17:49 . 2009-03-01 17:53 <DIR> d-------- C:\Temp
2009-03-01 17:39 . 2009-03-06 13:35 <DIR> d-------- c:\program files\AskTBar
2009-03-01 17:38 . 2009-03-01 17:38 4,767 --a------ c:\windows\Irremote.ini
2009-03-01 17:36 . 2009-03-01 17:36 <DIR> d-------- c:\program files\Windows Sidebar
2009-03-01 17:28 . 2009-03-01 17:37 <DIR> d-------- c:\program files\Nero
2009-03-01 17:27 . 2009-03-01 17:49 <DIR> d-------- c:\program files\Common Files\Nero
2009-03-01 17:27 . 2009-03-01 17:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nero
2009-03-01 14:26 . 2009-03-01 14:26 <DIR> d-------- c:\program files\YouTube Downloader
2009-03-01 13:15 . 2009-03-01 13:15 98,304 --a------ c:\windows\system32\CmdLineExt.dll
2009-03-01 13:05 . 2009-03-01 13:05 <DIR> d-------- c:\program files\Rockstar Games
2009-02-28 23:43 . 2009-02-28 23:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\PopCap Games
2009-02-28 23:43 . 2009-03-01 19:20 14 --a------ c:\windows\popcinfot.dat
2009-02-26 03:09 . 2009-02-26 03:09 <DIR> d-------- c:\program files\uTorrent
2009-02-26 03:08 . 2009-03-10 13:02 <DIR> d-------- c:\documents and settings\Dragan\Application Data\uTorrent
2009-02-25 20:00 . 2009-02-25 20:00 <DIR> d-------- c:\program files\Eidos Interactive
2009-02-25 14:37 . 2009-02-25 14:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-02-25 00:49 . 2009-03-10 08:02 <DIR> d-------- c:\documents and settings\Dragan\Application Data\skypePM
2009-02-25 00:49 . 2009-02-25 00:49 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-25 00:45 . 2009-03-10 12:52 <DIR> d-------- c:\documents and settings\Dragan\Application Data\Skype
2009-02-25 00:44 . 2009-02-25 00:44 <DIR> dr------- c:\program files\Skype
2009-02-25 00:44 . 2009-02-25 00:44 <DIR> d-------- c:\program files\Common Files\Skype
2009-02-25 00:44 . 2009-02-25 00:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2009-02-24 01:31 . 2008-04-14 00:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-02-24 01:31 . 2008-04-14 00:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-02-21 01:06 . 2009-02-21 01:06 <DIR> d-------- c:\windows\Sun
2009-02-21 01:04 . 2009-02-21 01:04 <DIR> d-------- c:\program files\Java
2009-02-21 01:04 . 2009-02-21 01:04 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-21 01:04 . 2009-02-21 01:04 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-20 00:54 . 2009-02-20 00:54 <DIR> d-------- c:\documents and settings\Dragan\Application Data\Canneverbe_Limited
2009-02-20 00:40 . 2009-02-20 00:40 <DIR> d-------- c:\program files\SpeedBitPlus
2009-02-20 00:40 . 2009-03-07 22:03 <DIR> d-------- c:\program files\SpeedBit Video Accelerator
2009-02-20 00:40 . 2009-02-20 00:40 <DIR> d-------- c:\program files\Conduit
2009-02-20 00:40 . 2009-02-20 00:40 172,032 --a------ c:\windows\system32\AniGIF.ocx
2009-02-19 16:47 . 2009-02-19 16:47 <DIR> d-------- c:\program files\Opera

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-10 20:48 --------- d-----w c:\program files\Folder Guard Pro
2009-03-10 19:35 --------- d-----w c:\program files\Spyware Terminator
2009-03-10 19:35 --------- d-----w c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-03-10 19:00 --------- d-----w c:\program files\WinClamAVShield
2009-03-10 19:00 --------- d-----w c:\documents and settings\Dragan\Application Data\Spyware Terminator
2009-03-10 04:15 --------- d-----w c:\program files\Mv2Player
2009-03-10 03:41 --------- d-----w c:\program files\Valve
2009-03-09 09:45 --------- d-----w c:\program files\Winamp
2009-03-01 21:05 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-01 21:01 --------- d-----w c:\documents and settings\Dragan\Application Data\DAEMON Tools Lite
2009-02-25 22:35 --------- d-----w c:\program files\Yahoo!
2009-02-22 21:12 --------- d-----w c:\program files\Windows Live
2009-02-20 08:33 --------- d-----w c:\program files\CCleaner
2009-02-19 08:24 --------- d-----w c:\program files\Google
2009-02-08 16:56 --------- d-----w c:\documents and settings\Dragan\Application Data\DAEMON Tools Pro
2009-02-08 16:56 --------- d-----w c:\documents and settings\Dragan\Application Data\DAEMON Tools
2009-02-08 16:55 --------- d-----w c:\program files\DAEMON Tools Toolbar
2009-02-08 16:55 --------- d-----w c:\program files\DAEMON Tools Lite
2009-02-08 16:55 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-02-08 16:53 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-02-08 13:40 --------- d-----w c:\documents and settings\Dragan\Application Data\Media Player Classic
2009-02-08 13:32 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2009-02-08 13:31 --------- d-----w c:\program files\CyberLink
2009-02-08 13:22 --------- d-----w c:\program files\Xilisoft
2009-02-08 13:15 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2009-02-08 08:13 --------- d-----w c:\documents and settings\Dragan\Application Data\Yahoo!
2009-02-08 02:29 141,312 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2009-02-08 02:04 --------- d-----w c:\program files\Alwil Software
2009-02-07 21:20 --------- d-----w c:\documents and settings\Dragan\Application Data\7Wonders
2009-02-07 16:35 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-07 15:59 --------- d-----w c:\program files\Microsoft Sync Framework
2009-02-07 15:58 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-02-07 15:57 --------- d-----w c:\program files\Windows Live SkyDrive
2009-02-07 15:57 --------- d-----w c:\program files\Microsoft
2009-02-07 15:39 --------- d-----w c:\program files\Common Files\Windows Live
2009-02-07 12:40 --------- d-----w c:\documents and settings\Dragan\Application Data\InstallShield
2009-02-07 12:31 --------- d-----w c:\program files\Realtek
2009-02-07 12:30 335,872 ----a-w c:\windows\HideWin.exe
2009-02-07 12:30 --------- d-----w c:\program files\DIFX
2009-02-07 11:31 --------- d-----w c:\program files\microsoft frontpage
2009-02-07 03:57 --------- d-----w c:\documents and settings\Dragan\Application Data\ATI
2009-02-07 03:57 --------- d-----w c:\documents and settings\All Users\Application Data\ATI
2009-02-07 03:56 --------- d-----w c:\program files\My Company Name
2009-02-07 03:55 --------- d-----w c:\program files\ATI Technologies
2009-02-07 03:54 --------- d-----w c:\program files\Common Files\ATI Technologies
2009-02-07 03:51 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-07 03:45 --------- d-----w c:\program files\Common Files\Adobe
2009-02-07 03:41 15,600 ----a-w c:\windows\gdrv.sys
2009-02-07 03:20 308,088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-07 02:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-01 13:18 616 ----a-w c:\windows\Fonts\#aaifnt.ttf
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
.

------- Sigcheck -------

2004-08-03 17:07 31744 f2141146c63f512eac2d610f6dd81097 c:\windows\$NtServicePackUninstall$\svchost.exe
2008-04-14 05:42 32256 71ec6a6267c62a26081dc266e79323bd c:\windows\ServicePackFiles\i386\svchost.exe
2008-04-14 05:42 31744 8c3ae121b21d80c4a1486239c1f7e245 c:\windows\system32\svchost.exe

2008-04-14 05:42 1051136 bcdd1701ab0959529db688658d329da4 c:\windows\explorer.exe
2004-08-03 17:07 1049600 dbf03a6d32f260f712a495d186399540 c:\windows\$NtServicePackUninstall$\explorer.exe
2008-04-14 05:42 1051136 34ff4b9caf13aa0635fb0f870133f0b5 c:\windows\ServicePackFiles\i386\explorer.exe

2004-08-03 17:07 32768 3f56218187927da5b6525199b4926eda c:\windows\$NtServicePackUninstall$\ctfmon.exe
2008-04-14 05:42 32768 57a2e8dfbfaf8f41bdf931ca685b8101 c:\windows\ServicePackFiles\i386\ctfmon.exe
2008-04-14 05:42 32768 18d77de02e6ee0016b600c5f2dd9dde3 c:\windows\system32\ctfmon.exe

2004-08-03 17:07 75264 9247fb65a23a48f02007e1ed337c3975 c:\windows\$NtServicePackUninstall$\spoolsv.exe
2008-04-14 05:42 75264 51d832156aa25fd01aa527ad91d5963e c:\windows\ServicePackFiles\i386\spoolsv.exe
2008-04-14 05:42 75776 bda753890d3b3b903a79cc45af6cc3ea c:\windows\system32\spoolsv.exe

2004-08-03 17:07 128512 5d42581105bdbc09d5e7917577b168c1 c:\windows\$NtServicePackUninstall$\wuauclt.exe
2008-04-14 05:42 128512 f6a62cc75e2827f290bd24ae6f7edf6e c:\windows\ServicePackFiles\i386\wuauclt.exe
2008-04-14 05:42 128512 34a527e069eee4942b633ca753c6f207 c:\windows\system32\wuauclt.exe

2004-08-03 17:07 41984 81f967bf61d9f34ad7d589f7a8a6af46 c:\windows\$NtServicePackUninstall$\userinit.exe
2008-04-14 05:42 43520 0af1bcae5cfd55aafc99c60b0fbe7218 c:\windows\ServicePackFiles\i386\userinit.exe
2008-04-14 05:42 43520 5b1f7ffac6d8b86d023cfa0a4885442f c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{60270dc7-9ea0-472f-9b77-66652c06246e}"= "c:\program files\SpeedBitPlus\tbSpee.dll" [2008-06-04 1542168]

[HKEY_CLASSES_ROOT\clsid\{60270dc7-9ea0-472f-9b77-66652c06246e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{60270dc7-9ea0-472f-9b77-66652c06246e}]
2008-06-04 00:26 1542168 --a------ c:\program files\SpeedBitPlus\tbSpee.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{60270dc7-9ea0-472f-9b77-66652c06246e}"= "c:\program files\SpeedBitPlus\tbSpee.dll" [2008-06-04 1542168]

[HKEY_CLASSES_ROOT\clsid\{60270dc7-9ea0-472f-9b77-66652c06246e}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{60270DC7-9EA0-472F-9B77-66652C06246E}"= "c:\program files\SpeedBitPlus\tbSpee.dll" [2008-06-04 1542168]

[HKEY_CLASSES_ROOT\clsid\{60270dc7-9ea0-472f-9b77-66652c06246e}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-08 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 32768]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2009-03-10 1801216]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 47616]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 69632]
"SpeedBitVideoAccelerator"="c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2009-02-20 2705008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 c:\windows\RTHDCPL.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:170b03ed

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"e:\\Filmovi\\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\\PES 2009\\pes2009.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SpeedBit Video Accelerator\\VideoAccelerator.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2/7/2009 6:04:27 PM 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2/7/2009 6:29:27 PM 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/7/2009 6:04:27 PM 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2/7/2009 7:59:14 AM 55136]
R2 fsssvc;Windows Live Porodicna bezbednost;c:\program files\Windows Live\Family Safety\fsssvc.exe [2/6/2009 6:08:58 PM 533360]
R2 sbbotdi;sbbotdi;c:\progra~1\SPEEDB~1\sbbotdi.sys [2/20/2009 12:40:14 AM 35584]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [1/14/2009 5:53:02 PM 226656]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2/6/2009 7:52:43 PM 93696]
R3 FGUARD32;FGUARD32;c:\program files\Folder Guard Pro\FGUARD32.SYS [2/8/2009 9:12:19 AM 54008]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - SP_RSSRV

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21f63406-f5dd-11dd-891b-001fd0b5bc2f}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47b432c9-f555-11dd-a50e-001fd0b5bc2f}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0f79ecf-f4fd-11dd-84f7-806d6172696f}]
\Shell\AutoRun\command - D:\Run.exe
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL


.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
mStart Page = [Link mogu videti samo ulogovani korisnici]
mSearch Bar = [Link mogu videti samo ulogovani korisnici]*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\Dragan\Application Data\Mozilla\Firefox\Profiles\iw9jy7da.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-03-10 13:05:19
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(724)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-10 13:06:03
ComboFix-quarantined-files.txt 2009-03-10 21:06:01

Pre-Run: 32.589.066.240 bytes free
Post-Run: 32,638,812,160 bytes free

254

Poslao: 10 Mar 2009 13:19
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Bice ovde veselo ...

Uploaduj mi sledeci fajl :

c:\windows\system32\userinit.exe

[Link mogu videti samo ulogovani korisnici]

MyCity » Ambulanta -> Arhiva Ambulante » Napad virusa

Ko je trenutno na forumu
 

Ukupno su 1141 korisnika na forumu :: 100 registrovanih, 7 sakrivenih i 1034 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 13297 - dana 20 Jan 2026 17:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 9191vs, ALEKSICMILE, aleph_one, amblemi_vrs, AMCXXL, bigbear, Bilmez25, blejač, bobomicek, Boris.A, BSD, Chainsaw, Cirkon, d.arsenal321, Demi87, desmeki, dexteroza, Dimitrije Paunovic, dj.ape, djuradj, draganl, dragoljub11987, Duh sa sekirom, dushan, Electron, ElvisP, Ercomero, grunff2, Homislav, ikan, ivan_8282, ivran064, Jan, JK, Jonbonjovi, king011, Koser, Kriglord, kybonacci, lcc, LG, Ljusa, M74AB3, Marko00, mercedesamg, Miha79, miki kv, mile.ilic75, milenko crazy north, Miler88, miljannis, mir, mrav pesadinac, neko iz mase, Nele79, oldusername, Panter, Pewac21, Phalanx, Phalcon, Posmatrac77OKB, Povratak1912, raketaš, raster12, Remain, ruma, sales, Sharpshooter, Sin Boskic, Smiljkovich, sova72, sparkie, spikespiegel832, starlights, Szigetwar, tajvankanasta, Tandrčak, taz1cl, Tihi86, tomigun, travisrise, vargas, Vatreni Zmaj, Velizar Laro, veljkovicdani, VJ, Vl veliki, Vlad000, Vlado82, vobo, Vojvoda81, volimpivuvolimrakiju, Vrač, VX1, wizzardone, Yekaterinburg, Zoran1959, Zukov, Zvrk, 79693