Napad virusa

1

Napad virusa

offline
  • Pridružio: 13 Maj 2008
  • Poruke: 113

Imam ogroman problem, sta god da pokrenem avast mi izbacuje da je virus! Kada restartujem komp izadje mi :C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\appnews2[1].htm
Mozzila mi je otkazala i ne moze da se pokrene kao i neki programi. U zadnje vreme desi mi se da mi kom zakuca i da nepomaze ni ctrl+alt+del vec samo dugme za restart na kompu. A sinoc sam nakacio drugi HDD od drugara i od tada je komp poludeo i slabije radi! Pa ako ima pomoci da mi neko pomogne?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:01, on 9.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Folder Guard Pro\FGKey.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Documents and Settings\Dragan\Desktop\ttttt\TR3.exe.exe
C:\Documents and Settings\Dragan\Desktop\ttttt\TR3.exe.exe
C:\Documents and Settings\Dragan\Desktop\ttttt\TR3.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = search.live.com/sphome.aspx
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R3 - URLSearchHook: SpeedBitPlus Toolbar - {60270dc7-9ea0-472f-9b77-66652c06246e} - C:\Program Files\SpeedBitPlus\tbSpee.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SpeedBitPlus Toolbar - {60270dc7-9ea0-472f-9b77-66652c06246e} - C:\Program Files\SpeedBitPlus\tbSpee.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live pomagac za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SpeedBitPlus Toolbar - {60270dc7-9ea0-472f-9b77-66652c06246e} - C:\Program Files\SpeedBitPlus\tbSpee.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Crawler li?ta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 10221 bytes

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Cyrax ::Imam ogroman problem, sta god da pokrenem avast mi izbacuje da je virus!

Sta kaze.. Kako se zove taj virus...?

offline
  • Pridružio: 13 Maj 2008
  • Poruke: 113

Gore tek sada vidim da sam pogresio. Kada palim komp izadje mi :
MOM.exe-application error
The application faild to initialize prooerly (0xc 000007b). Click on OK to terminate the application.

A posle mi izbacuje virus:
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\appnews2[1].htm
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\OPAVOLIZ\mycity[1].htm

I jos 6-7 virusa jedan za drugim.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Desni klik na ikonicu Avasta u desnom uglu pored sata i izaberi Log Viewer...

Probaj nekako da mi okacis izvestaj.. ima cini mi se export opcija...

offline
  • Pridružio: 13 Maj 2008
  • Poruke: 113

Ovo je log od WARNING:
7.2.2009 13:54:17 Dragan 1240 Sign of "Win32:Agent-KYQ" has been found in "I:\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe" file.
7.2.2009 16:16:57 Dragan 1244 Sign of "Win32:Agent-KYQ" has been found in "G:\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe" file.
22.2.2009 14:14:22 SYSTEM 1408 Sign of "JS:Cruzer-B [Trj]" has been found in "http://www.profil.rs/" file.
22.2.2009 14:15:49 SYSTEM 1408 Sign of "JS:Cruzer-B [Trj]" has been found in "http://www.profil.rs/" file.
23.2.2009 15:26:08 SYSTEM 1464 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\WINDOWS\system32\dfrgui32.dll" file.
24.2.2009 14:57:26 SYSTEM 1432 Sign of "HTML:Iframe-inf" has been found in "http://www.bitches-porno.com/tgp/acc.html\{gzip}" file.
28.2.2009 19:34:17 SYSTEM 1424 Sign of "Win32:Trojan-gen {Other}" has been found in "http://files.gameshop-international.com/GameCenterSolution/ZumaDeluxe/ZumaDeluxeSetup.exe\[Embedded_I#02ce04]\{app}\Zuma.exe" file.
28.2.2009 19:38:05 SYSTEM 1424 Sign of "Win32:Trojan-gen {Other}" has been found in "http://files.gameshop-international.com/GameCenterSolution/ZumaDeluxe/ZumaDeluxeSetup.exe\[Embedded_I#02ce04]\{app}\Zuma.exe" file.
1.3.2009 20:52:18 SYSTEM 1432 Sign of "HTML:Iframe-inf" has been found in "http://www.bitches-porno.com/tgp/acc.html\{gzip}" file.
7.3.2009 23:19:11 Dragan 1656 Sign of "Win32:Trojan-gen {Other}" has been found in "F:\ZIKA HDD\-==Digital Studio==-\Rumunphone\Nokia\start\fscommand\pcguide_de.exe" file.
7.3.2009 23:19:25 Dragan 1656 Sign of "Win32:Trojan-gen {Other}" has been found in "F:\ZIKA HDD\-==Digital Studio==-\Rumunphone\Nokia\start\fscommand\pcguide_es.exe" file.
8.3.2009 0:33:08 Dragan 1656 Sign of "Win32:Trojan-gen {Other}" has been found in "F:\ZIKA HDD\programi\nex program's\AcdSee 8.0.67\acdsee.pro.8.x.-.multilangue-patch.exe" file.
8.3.2009 0:33:48 Dragan 1656 Sign of "Win32:Adware-gen [Adw]" has been found in "F:\ZIKA HDD\programi\RadLight 3.03 R5.2\Save.exe" file.
9.3.2009 18:45:53 SYSTEM 1432 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\TEMP\VRT82.tmp" file.
9.3.2009 19:35:35 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\client_ad[1].htm" file.
9.3.2009 19:35:45 Dragan 1424 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\TEMP\VRT6.tmp" file.
9.3.2009 19:35:51 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\yimPlayer[1].htm" file.
9.3.2009 19:36:00 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\8X8C2JWX\client_ad[1].htm" file.
9.3.2009 19:40:26 Dragan 1424 Sign of "Win32:SdBot-RT [Trj]" has been found in "E:\New Folder\Instalacije\Nero-9.2.6.0_update.exe" file.
9.3.2009 19:42:09 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\Account.html" file.
9.3.2009 19:42:32 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\CDKeyReceipt.html" file.
9.3.2009 19:42:36 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\CreditCardPreorderReceipt.html" file.
9.3.2009 19:42:38 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\CreditCardReceipt.html" file.
9.3.2009 19:42:40 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_english.html" file.
9.3.2009 19:42:45 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_french.html" file.
9.3.2009 19:42:47 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_german.html" file.
9.3.2009 19:42:49 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_italian.html" file.
9.3.2009 19:42:53 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Valve\platform\steam\cached\offline_spanish.html" file.
9.3.2009 19:44:48 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\OPAVOLIZ\appnews2[1].htm" file.
9.3.2009 19:47:55 Dragan 1424 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\google[1].htm" file.
9.3.2009 19:50:52 SYSTEM 1428 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\TEMP\VRT2.tmp" file.
9.3.2009 20:04:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Administrator\Application Data\Spyware Terminator\LanguageAct\offlinehelp.html" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\Cannot_Connect.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\Chose_Not_To_Connect.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\privacy-popup.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\registration-cancel.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\Registration.htm" file.
9.3.2009 20:05:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\11.0\ACDInTouch\EN\StaticPages\trial-cannot-connect.htm" file.
9.3.2009 20:05:29 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\PickGame.htm" file.
9.3.2009 20:05:42 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Application Data\Spyware Terminator\info.htm" file.
9.3.2009 20:05:42 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Application Data\Spyware Terminator\LanguageAct\offlinehelp.html" file.
9.3.2009 20:05:43 Administrator 1508 Sign of "Win32:JunkPoly [Cryp]" has been found in "C:\Documents and Settings\Dragan\Desktop\Click.exe" file.
9.3.2009 20:05:46 Administrator 1508 Sign of "Win32:JunkPoly [Cryp]" has been found in "C:\Documents and Settings\Dragan\Desktop\milioner07novi sa 5000 pitanja\Milioner.exe" file.
9.3.2009 20:07:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temp\NotifyMe.htm" file.
9.3.2009 20:07:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temp\Rar$EX00.984\hlc.htm" file.
9.3.2009 20:07:22 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temp\wahtmltmp00.htm" file.
9.3.2009 20:07:23 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\ADSAdClient31[1].htm" file.
9.3.2009 20:07:23 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\8X8C2JWX\client_ad[1].htm" file.
9.3.2009 20:07:23 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\NXJNFYNF\client_ad[1].htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\ArtDeco.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\BlueTiles.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Bubbles.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Cheddar.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\ColorStripe.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Dinosaur.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Garden.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\HandPrints.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\LED.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Money.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Mosaic1.htm" file.
9.3.2009 20:12:54 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Mosaic2.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Music.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Snowboard.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\Southwest.htm" file.
9.3.2009 20:12:55 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Documents and Settings\Dragan\My Documents\My Stationery\YellowTiles.htm" file.
9.3.2009 20:13:19 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\bin\Welcome\index.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\ExpiredACDSee.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\Offer15DayTrial.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\Offer30DayTrial.htm" file.
9.3.2009 20:13:20 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\LM\Pages\OfferGracePeriod.htm" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\0.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\1.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\10.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\11.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\2.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\3.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\4.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\5.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\6.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\7.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\8.html" file.
9.3.2009 20:13:24 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\9.html" file.
9.3.2009 20:13:25 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ACD Systems\ACDSee\11.0\Startup\menu.html" file.
9.3.2009 20:13:25 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Adobe Help Viewer\1.0\help.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\install.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\install2.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Onramp\index.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Engineering.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Export.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Forms.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Forms1.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Hanko05.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\HowTo.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-conref.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-content.html" file.
9.3.2009 20:13:27 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-duplicate.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-image.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-indexes.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-summary.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Reader_en-us_report-xref.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review01.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review02.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Review05.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\search.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Sign.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\srch_db.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\version.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS0152AC38-6989-4789-A91A-DE804B4EE217.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS01D0DD7E-72C5-4bd7-98A5-61B6703E2874.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS0DB156A0-D8E0-40d1-A8FE-155D401E100A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS116358B6-C899-4ef8-8718-5E8FEED1E80B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS15C7F996-1DF1-4af3-8BB4-7AA64669E5A2.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS16696D10-CF60-4979-BC54-0F60285159A9.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS175FFA03-6BF0-4fa7-8D66-C91A809536CE.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS1ABEB45F-BA46-4913-A7E1-ACA6A974FE76.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS1D6D5242-53DD-40e0-B58E-95E027DCD94D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS1E82B083-927E-47b3-AAD6-88CB47B5E992.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS21180009-84AE-4b72-9610-C38FE8B6C423.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS23BCDC6F-BC2E-489b-8D36-D875B917293B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS23E49454-94C8-45b7-9F79-BC8CBC1621E1.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS25BA4195-6D5F-4aca-A8DF-EF72AAAAB5B1.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS26240DA8-2896-4976-8BBD-5A5CDF2DBB65.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS28F751CE-AA39-440f-8615-58F751037765.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS2AE3999E-C712-4e15-BC7C-1615EE1B5B56.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS3153B307-CB17-4269-9B46-DF43E8AC4582.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS32EEDD33-2F54-4848-9BBE-3E01F5BB2375.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS40A2300E-1DBC-4e12-9837-AD8454775679.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4A6B605A-8F5B-4bfb-BD8E-90611BC05E4E.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4B49EA85-530D-4820-8F46-FE0120FC591A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4C63D590-2C39-4ad9-9B3B-87558B53E8AD.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4CE8758A-E53C-438a-A3EC-247A2076C1C3.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4D7B71F8-4459-493e-A2BF-0CE66B055B46.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS4FDA872B-2373-47cc-9FC4-71EC25DFE3A8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS500B1437-8713-43ea-87D2-C029BC4D95DB.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS569061E4-7434-4bb8-92A9-840CF861F474.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS57FC3C30-C0F1-41fb-B998-7CB8D9C9E488.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS5B5C7EE5-16D9-470a-AAC6-6F569C78D6AB.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS5DC362ED-F30C-4303-983D-9426DA6CA939.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS675A7196-68DC-405f-AA3B-1FE9D2F2E288.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS677DDFC2-618B-4128-A6A7-7BBF8B4B5FA8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS68FC469B-1113-4ab1-BACF-C7ED43B09AC8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS6BDF3AF5-5E90-4423-88C8-16675AF0C595.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS6F1D9AEB-BE3B-4b60-8D3F-1BB419EF1C1B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7098BCBC-0FA6-4a18-AFAB-6C59366399D0.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS70F00F0C-C476-46c6-BDC9-4775B21A895A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7101B368-E344-4a9a-9917-ACB09777A127.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS71AAA620-5DAD-4f24-A093-D184201A2CA7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS728F554C-96AE-467c-94C3-61592E343AEC.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7705371C-01C6-41df-8F29-EC17BE90A303.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS77BB9683-9BDA-4c93-8C4D-C10BEFD22D34.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7804F58D-9B6D-4f83-8783-707173F19A57.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS7CF25848-721F-48e3-BF3F-7F6135505706.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS82B540C2-7F9D-4d87-9071-DA13712079F7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS860530CA-10EF-4fcb-8517-B47769F67A93.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS86957517-D231-4f67-AA63-BB7113BA6B4C.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS913EF9D4-6D87-4858-AB2E-9AB7CD3B33AB.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS91C8140A-B901-4d25-B8EB-969199C241DE.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS953DEDAB-D5AC-491a-AC5A-9EA68DE93712.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS974BA363-E830-43a0-8A0D-54C90F13FE43.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS97FC333F-2B50-4664-A4C7-418BBD7EA061.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS98108EA9-0350-47c4-8666-C077928F7CDC.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS9A8AD2CD-C75D-4a96-A8C8-64125FC6B103.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WS9CA99867-575D-4438-A010-FEC8F2CEBEE7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA02AF508-E105-4e80-8928-11BCA70D3402.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA4AFE6C3-84A0-495d-A24C-2273B637C29C.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA64A1338-B969-4dba-80E8-BD37DFDE9180.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSA839D6AB-2E30-4c71-A779-CE4F8D964115.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSAF65B6C7-D000-4606-ACA4-7F32C9860E91.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB11FAB59-A592-47a8-AD73-B38909D6E12F.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB7B5F563-E2FA-4c9f-A9FD-590A22F508E7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB9422892-F790-4cb8-B4CD-8E4AD220A696.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSB95C4980-9B72-4e66-9ADA-CEC44E977786.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSC887FFE1-8857-4be1-BB81-BC32DE2AD7FC.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSCB6E92A7-E5C4-4285-853D-477A070EED2D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSCCDA0B9F-2F54-4810-BAAF-04A59E60998B.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSCDCB0C74-267A-4db2-856D-EDD048947C59.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD1D23E0E-281D-4aa8-8B10-64DB1EE65C71.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD2ACE85B-5959-4f89-9D2B-218F9376E9D5.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD5671438-ADC2-4616-BA90-0FF6FD03CED8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD5BEB284-9F6D-4635-881A-31A092178E63.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD73A2CCE-18C6-4885-A567-3FF67DB23AF8.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD8B6C446-DD94-4ade-928D-5A585D90870A.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD8F4B47F-18D4-4fdf-AE0E-3C7B16CAB344.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSD96469EA-5613-41d4-A7CB-D05418271C69.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSDBCA1B83-917F-4800-BA1E-AE4D73C7436E.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSDE9DD7BF-83AA-40c7-ABDC-FFBDC84550C9.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSE2D6BFF2-376A-45ac-BB53-056DA78E65B0.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSE632035A-F854-473d-8AE0-9BD326226862.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSE9BBFA12-14C6-439d-B9E8-48630AB72870.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEAA79063-1DAD-4317-AB33-5A68D623207D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEC4F451C-E254-43f9-ACFE-F242A591D0D7.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEDA6E022-E71D-4185-8BE4-437766DA1F87.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSEE1DFE49-1C7E-4648-AFD8-7A5CFA20391D.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSF19D4446-A439-4adc-B9ED-E11325487E28.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSF30BC11C-BCEF-4e2b-8934-059526ED0229.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\WSF3FF17C0-8293-4cf7-B1B6-C362AC31072E.html" file.
9.3.2009 20:13:28 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\Legal\en_US\license.html" file.
9.3.2009 20:13:31 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Adobe\Reader 8.0\Reader\ReadMe.htm" file.
9.3.2009 20:13:39 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\iNewsEx.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\ENHANCED.HTM" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\11001.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\400.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\401.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\407.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\502.htm" file.
9.3.2009 20:13:44 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\504.htm" file.
9.3.2009 20:13:45 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Alwil Software\Avast4\SERBIAN\HtmlData\Blocked.htm" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\de\welcome_FMV.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\de\welcome_generic.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_FMV.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_generic.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_MR9600_MOB.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_MR9700_MOB.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_R9600_DSK.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_en-US_R9700_DSK.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_FMV.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcome_generic.html" file.
9.3.2009 20:13:57 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\en-US\welcom_en-US_cycle.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\es\welcome_FMV.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\es\welcome_generic.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\fr\welcome_FMV.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\fr\welcome_generic.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\pt-BR\welcome_FMV.html" file.
9.3.2009 20:13:58 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\Welcome\pt-BR\welcome_generic.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\ACROBATPROFESSIONAL_8.0_HOMEPAGE.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Forms1.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_1.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_10.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_11.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_12.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_13.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_14.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_15.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_16.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_17.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_18.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_19.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_2.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_20.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_21.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_22.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_23.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_3.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_4.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_5.html" file.
9.3.2009 20:14:08 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_6.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\index_9.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Review01.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Review02.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\Review05.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\search.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\splash.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\srch_db.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\srch_top.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\toc.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\version.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS010EF850-518D-4146-A176-968E19FD2AE4.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS014A8436-26DC-4673-BA61-A4B7ACEA45C4.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS02D75AD2-669B-4b79-9838-3C2493733423.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0319861F-6B23-44fb-BF12-DBD14CFD9BB7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0340383F-97E1-4dc3-A18A-AA8BD50A1668.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS04092BF2-9245-42cd-B647-BBA1881508A1.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS07491C31-1E52-4406-8191-D51251588B61.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0B6F6E67-A67A-4ec4-947C-97D8F5C2CF97.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0CD9B08A-80FF-49a0-9202-B453BA6564C8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS0D23E924-B63F-4bfe-9C54-A8B770F713BF.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS11003862-3658-427d-8D7C-838B0A305F16.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS116358B6-C899-4ef8-8718-5E8FEED1E80B.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS11697F60-6BCC-4981-9C22-7A4611EC0268.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1666A4B0-1078-4ff8-80CC-CD83DABC3EB8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS188BEE75-F112-4406-83FF-DA5672BE7884.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1A103696-4D61-4dca-BA3D-BBA4D1823D82.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1B8F3234-7282-44e8-9C76-14EAEFAFF2E7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1E2D402A-EFFF-4160-B642-122813BB6C25.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS1FD480B9-A35B-4f0e-A07E-185B73F3CFB8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS203D8EF4-CD9A-49c2-B350-193A2748D633.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2101F5BE-8188-4562-9DEC-C244234E8E65.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS23E49454-94C8-45b7-9F79-BC8CBC1621E1.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2633E2D9-A032-43db-B423-40D054095182.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2AD45836-ADCE-47d7-8D88-204D3D21C73C.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2AE3999E-C712-4e15-BC7C-1615EE1B5B56.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2E045AE6-C517-476e-A0AF-8B190F17F79E.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2E69D8CB-D9E7-4a08-8BE7-D76F7DA08B68.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS2F496A9A-7382-4a85-9BD1-466E9C667597.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3153B307-CB17-4269-9B46-DF43E8AC4582.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS33931B1E-D0A0-4356-B2A6-4222EB75AC88.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS34EF9148-2E7F-4ec3-A36C-381C2B35CC8C.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS363EFBC7-3751-462a-8A5A-BE0BACFBF7F7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3928C77B-4AAD-4826-9B05-EE8C0B81CEBB.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3C7E6F1A-7193-4405-A4E3-CF958CF3B9B5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3D39995A-29A9-429f-A235-50681BF93DD8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS3F748AE8-1945-45fe-947D-B87833B0E30A.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS40A2300E-1DBC-4e12-9837-AD8454775679.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4403C5B4-83AA-4799-8589-2DA3467C345F.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS440660F2-B78D-464c-A1A0-C208983E2807.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS481860DF-6C1E-49ce-A303-B3EFF2E864EB.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS494F2F0E-AD47-4803-BD16-DBD7DB60C28E.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4A27E91A-5096-435d-A7F2-048623F891E5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4B49EA85-530D-4820-8F46-FE0120FC591A.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4BA7C7D5-4075-4781-8101-1C8EE0E870F7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS4D1BC5C0-B92F-44ea-810D-9ECD657E1892.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS506932BA-8229-4522-B786-3C2221C6D405.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS533B928E-576F-4dc3-AA14-73D08EEE8F20.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS549D04D1-23ED-4465-A065-622498171E93.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS569061E4-7434-4bb8-92A9-840CF861F474.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae2.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae6.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae8.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ae9.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7aea.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7aeb.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7aec.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bd0.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bdc.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bdd.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bde.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7bdf.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7c66.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7cc5.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7cc7.html" file.
9.3.2009 20:14:09 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7ccd.html" file.
9.3.2009 20:14:10 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\8.0\WS58a04a822e3e50102bd615109794195ff-7cce.html" file.
9.3.2009 20:14:10 Administrator 1508 Sign of "HTML:Iframe-inf" has been found in "C:\Program Files\Common Files\Adobe\Help\en_US\Adobe Reade

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Skeniranje sa ovim alatom moze potrajati veoma ali veoma dugo (preko 4 sata) cisto da znas Wink

Preuzmi Dr.Web CureIt (~12 MB).
Restartuj kompjuter u Safe Mode (uputstvo za Safe Mode)

Dvoklikom pokreni launch.exe, nakon čega će se pojaviti uvodni prozor - klikni Start

Pojaviće se obaveštenje o započinjanju uvodnog skeniranja - klikni OK

Sačekaj nekoliko minuta da Dr.Web CureIt izvrši Express Scan; ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju

Klikni Options > Change settings F9; u prozoru koji će se otvoriti, dečekiraj opciju Heuristic Analysis a zatim klikni OK

U glavnom prozoru obeleži opciju Complete scan a zatim klikni i Dr.Web CureIt će započeti skeniranje

Ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju

Kada skeniranje bude završeno, klikni Select all taster (ukoliko je dostupan), a zatim klikni Cure i,
u meniju koji se otvori, klikni Move incurable:


Po završetku procesa, klikni File > Save report list i sačuvaj log na Desktopu


Iskopiraj sadržaj Dr.Web CureIt loga u temu na forumu.

offline
  • Pridružio: 13 Maj 2008
  • Poruke: 113

Evo uradio sam to i opet mi izadje poruka:
MOM.exe-application error
The application faild to initialize prooerly (0xc 000007b). Click on OK to terminate the application.


I izadje mi gde da je avast nasao sledece viruse:

C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\client_ad[1].htm
Win32:Trojan-gen {Other} Win32:Trojan-gen {Other}

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\OPAVOLIZ\ADSAdClient31[1].htm

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\yimPlayer[1].htm

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\UB2YMR81\client_ad[1].htm

HTML:Iframe-inf
C:\Documents and Settings\Dragan\Local Settings\Temporary Internet Files\Content.IE5\0PIFGLQ7\client_ad[1].htm


A evo ga i log drweb:

A0020139.exe;C:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Trojan.Packed.140;Deleted.;
A0003838.exe;C:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP9;Trojan.Packed.140;Deleted.;
A0004921.exe;C:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP9;Trojan.Packed.140;Deleted.;
regwiz.exe;C:\WINDOWS\system32;Trojan.Packed.140;Deleted.;
reflexive.arcade.games.universal.keygen-tsrh.exe;E:\HDD\SANNY\igrice\Luxor v.1.0;Trojan.Packed.140;Deleted.;
A0007756.EXE;E:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP13;Trojan.Packed.140;Deleted.;
A0020208.exe;E:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Trojan.Packed.140;Deleted.;
A0020372.exe;E:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Trojan.Packed.140;Deleted.;
A0020252.exe;F:\System Volume Information\_restore{717C8FC5-9425-4442-96D7-BBF634F444DD}\RP47;Tool.ASEye.2;Incurable.Moved.;
xxlmircv10.exe\data049;F:\ZIKA HDD\programi\xxlmircv10.exe;IRC.Generic.13;;
xxlmircv10.exe;F:\ZIKA HDD\programi;Container contains infected objects;Moved.;
Bannershop GIF Animator 4.5.EXE;F:\ZIKA HDD\programi\Bannershop GIF Animator 4.5\(zabranjeno);Tool.Game(zabranjeno);Incurable.Moved.;
RadLight 3.03 R5.2.exe\data036;F:\ZIKA HDD\programi\RadLight 3.03 R5.2\RadLight 3.03 R5.2.exe;Adware.NewDotNet;;
RadLight 3.03 R5.2.exe\data037;F:\ZIKA HDD\programi\RadLight 3.03 R5.2\RadLight 3.03 R5.2.exe;Adware.NewDotNet;;
RadLight 3.03 R5.2.exe;F:\ZIKA HDD\programi\RadLight 3.03 R5.2;Archive contains infected objects;Moved.;
F7_Total Commander_V6.03a 32 bit (16.04.2004)_MULTI_Patch.exe;F:\ZIKA HDD\programi\Total Commander 6.03a\(zabranjeno)\F7_TotalCommander_V6.03a 32bit (160404)_BLACKLiSTKiLLER;Tool.ASEye.2;Incurable.Moved.;

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection.

Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja.


Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

offline
  • Pridružio: 13 Maj 2008
  • Poruke: 113

evo logo:

ComboFix 09-03-06.02 - Dragan 2009-03-10 13:04:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1453 [GMT -8:00]
Running from: c:\documents and settings\Dragan\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090309-0] *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-02-10 to 2009-03-10 )))))))))))))))))))))))))))))))
.

2009-03-10 00:52 . 2009-03-10 00:52 <DIR> d-------- c:\documents and settings\Administrator\DoctorWeb
2009-03-09 19:53 . 2009-03-09 20:03 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Spyware Terminator
2009-03-09 19:52 . 2009-03-10 00:52 <DIR> d-------- c:\documents and settings\Administrator
2009-03-09 19:46 . 2009-03-10 13:03 <DIR> d-------- c:\program files\Crawler
2009-03-09 02:07 . 2009-03-09 02:07 <DIR> d-------- c:\program files\Robster Productions
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\program files\Common Files\ACD Systems
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\program files\ACD Systems
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\documents and settings\Dragan\Application Data\ACD Systems
2009-03-09 00:57 . 2009-03-09 00:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\ACD Systems
2009-03-07 22:17 . 2009-03-08 01:19 <DIR> d-------- C:\totalcmd
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-03-07 22:17 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-03-07 22:17 . 2009-03-08 01:19 501 --a------ c:\windows\wincmd.ini
2009-03-01 19:24 . 2009-03-01 19:24 <DIR> d-------- c:\program files\Trymedia
2009-03-01 19:24 . 2009-03-01 20:07 10 --a------ c:\windows\popcinfo.dat
2009-03-01 19:18 . 2009-03-01 19:20 52 ---h----- c:\windows\popcreg.dat
2009-03-01 17:55 . 2009-03-01 18:05 <DIR> d-------- c:\documents and settings\Dragan\Application Data\Nero
2009-03-01 17:49 . 2009-03-01 17:53 <DIR> d-------- C:\Temp
2009-03-01 17:39 . 2009-03-06 13:35 <DIR> d-------- c:\program files\AskTBar
2009-03-01 17:38 . 2009-03-01 17:38 4,767 --a------ c:\windows\Irremote.ini
2009-03-01 17:36 . 2009-03-01 17:36 <DIR> d-------- c:\program files\Windows Sidebar
2009-03-01 17:28 . 2009-03-01 17:37 <DIR> d-------- c:\program files\Nero
2009-03-01 17:27 . 2009-03-01 17:49 <DIR> d-------- c:\program files\Common Files\Nero
2009-03-01 17:27 . 2009-03-01 17:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nero
2009-03-01 14:26 . 2009-03-01 14:26 <DIR> d-------- c:\program files\YouTube Downloader
2009-03-01 13:15 . 2009-03-01 13:15 98,304 --a------ c:\windows\system32\CmdLineExt.dll
2009-03-01 13:05 . 2009-03-01 13:05 <DIR> d-------- c:\program files\Rockstar Games
2009-02-28 23:43 . 2009-02-28 23:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\PopCap Games
2009-02-28 23:43 . 2009-03-01 19:20 14 --a------ c:\windows\popcinfot.dat
2009-02-26 03:09 . 2009-02-26 03:09 <DIR> d-------- c:\program files\uTorrent
2009-02-26 03:08 . 2009-03-10 13:02 <DIR> d-------- c:\documents and settings\Dragan\Application Data\uTorrent
2009-02-25 20:00 . 2009-02-25 20:00 <DIR> d-------- c:\program files\Eidos Interactive
2009-02-25 14:37 . 2009-02-25 14:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-02-25 00:49 . 2009-03-10 08:02 <DIR> d-------- c:\documents and settings\Dragan\Application Data\skypePM
2009-02-25 00:49 . 2009-02-25 00:49 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-25 00:45 . 2009-03-10 12:52 <DIR> d-------- c:\documents and settings\Dragan\Application Data\Skype
2009-02-25 00:44 . 2009-02-25 00:44 <DIR> dr------- c:\program files\Skype
2009-02-25 00:44 . 2009-02-25 00:44 <DIR> d-------- c:\program files\Common Files\Skype
2009-02-25 00:44 . 2009-02-25 00:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2009-02-24 01:31 . 2008-04-14 00:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-02-24 01:31 . 2008-04-14 00:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-02-21 01:06 . 2009-02-21 01:06 <DIR> d-------- c:\windows\Sun
2009-02-21 01:04 . 2009-02-21 01:04 <DIR> d-------- c:\program files\Java
2009-02-21 01:04 . 2009-02-21 01:04 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-21 01:04 . 2009-02-21 01:04 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-20 00:54 . 2009-02-20 00:54 <DIR> d-------- c:\documents and settings\Dragan\Application Data\Canneverbe_Limited
2009-02-20 00:40 . 2009-02-20 00:40 <DIR> d-------- c:\program files\SpeedBitPlus
2009-02-20 00:40 . 2009-03-07 22:03 <DIR> d-------- c:\program files\SpeedBit Video Accelerator
2009-02-20 00:40 . 2009-02-20 00:40 <DIR> d-------- c:\program files\Conduit
2009-02-20 00:40 . 2009-02-20 00:40 172,032 --a------ c:\windows\system32\AniGIF.ocx
2009-02-19 16:47 . 2009-02-19 16:47 <DIR> d-------- c:\program files\Opera

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-10 20:48 --------- d-----w c:\program files\Folder Guard Pro
2009-03-10 19:35 --------- d-----w c:\program files\Spyware Terminator
2009-03-10 19:35 --------- d-----w c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-03-10 19:00 --------- d-----w c:\program files\WinClamAVShield
2009-03-10 19:00 --------- d-----w c:\documents and settings\Dragan\Application Data\Spyware Terminator
2009-03-10 04:15 --------- d-----w c:\program files\Mv2Player
2009-03-10 03:41 --------- d-----w c:\program files\Valve
2009-03-09 09:45 --------- d-----w c:\program files\Winamp
2009-03-01 21:05 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-01 21:01 --------- d-----w c:\documents and settings\Dragan\Application Data\DAEMON Tools Lite
2009-02-25 22:35 --------- d-----w c:\program files\Yahoo!
2009-02-22 21:12 --------- d-----w c:\program files\Windows Live
2009-02-20 08:33 --------- d-----w c:\program files\CCleaner
2009-02-19 08:24 --------- d-----w c:\program files\Google
2009-02-08 16:56 --------- d-----w c:\documents and settings\Dragan\Application Data\DAEMON Tools Pro
2009-02-08 16:56 --------- d-----w c:\documents and settings\Dragan\Application Data\DAEMON Tools
2009-02-08 16:55 --------- d-----w c:\program files\DAEMON Tools Toolbar
2009-02-08 16:55 --------- d-----w c:\program files\DAEMON Tools Lite
2009-02-08 16:55 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-02-08 16:53 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-02-08 13:40 --------- d-----w c:\documents and settings\Dragan\Application Data\Media Player Classic
2009-02-08 13:32 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2009-02-08 13:31 --------- d-----w c:\program files\CyberLink
2009-02-08 13:22 --------- d-----w c:\program files\Xilisoft
2009-02-08 13:15 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2009-02-08 08:13 --------- d-----w c:\documents and settings\Dragan\Application Data\Yahoo!
2009-02-08 02:29 141,312 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2009-02-08 02:04 --------- d-----w c:\program files\Alwil Software
2009-02-07 21:20 --------- d-----w c:\documents and settings\Dragan\Application Data\7Wonders
2009-02-07 16:35 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-07 15:59 --------- d-----w c:\program files\Microsoft Sync Framework
2009-02-07 15:58 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-02-07 15:57 --------- d-----w c:\program files\Windows Live SkyDrive
2009-02-07 15:57 --------- d-----w c:\program files\Microsoft
2009-02-07 15:39 --------- d-----w c:\program files\Common Files\Windows Live
2009-02-07 12:40 --------- d-----w c:\documents and settings\Dragan\Application Data\InstallShield
2009-02-07 12:31 --------- d-----w c:\program files\Realtek
2009-02-07 12:30 335,872 ----a-w c:\windows\HideWin.exe
2009-02-07 12:30 --------- d-----w c:\program files\DIFX
2009-02-07 11:31 --------- d-----w c:\program files\microsoft frontpage
2009-02-07 03:57 --------- d-----w c:\documents and settings\Dragan\Application Data\ATI
2009-02-07 03:57 --------- d-----w c:\documents and settings\All Users\Application Data\ATI
2009-02-07 03:56 --------- d-----w c:\program files\My Company Name
2009-02-07 03:55 --------- d-----w c:\program files\ATI Technologies
2009-02-07 03:54 --------- d-----w c:\program files\Common Files\ATI Technologies
2009-02-07 03:51 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-07 03:45 --------- d-----w c:\program files\Common Files\Adobe
2009-02-07 03:41 15,600 ----a-w c:\windows\gdrv.sys
2009-02-07 03:20 308,088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-07 02:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-01 13:18 616 ----a-w c:\windows\Fonts\#aaifnt.ttf
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
.

------- Sigcheck -------

2004-08-03 17:07 31744 f2141146c63f512eac2d610f6dd81097 c:\windows\$NtServicePackUninstall$\svchost.exe
2008-04-14 05:42 32256 71ec6a6267c62a26081dc266e79323bd c:\windows\ServicePackFiles\i386\svchost.exe
2008-04-14 05:42 31744 8c3ae121b21d80c4a1486239c1f7e245 c:\windows\system32\svchost.exe

2008-04-14 05:42 1051136 bcdd1701ab0959529db688658d329da4 c:\windows\explorer.exe
2004-08-03 17:07 1049600 dbf03a6d32f260f712a495d186399540 c:\windows\$NtServicePackUninstall$\explorer.exe
2008-04-14 05:42 1051136 34ff4b9caf13aa0635fb0f870133f0b5 c:\windows\ServicePackFiles\i386\explorer.exe

2004-08-03 17:07 32768 3f56218187927da5b6525199b4926eda c:\windows\$NtServicePackUninstall$\ctfmon.exe
2008-04-14 05:42 32768 57a2e8dfbfaf8f41bdf931ca685b8101 c:\windows\ServicePackFiles\i386\ctfmon.exe
2008-04-14 05:42 32768 18d77de02e6ee0016b600c5f2dd9dde3 c:\windows\system32\ctfmon.exe

2004-08-03 17:07 75264 9247fb65a23a48f02007e1ed337c3975 c:\windows\$NtServicePackUninstall$\spoolsv.exe
2008-04-14 05:42 75264 51d832156aa25fd01aa527ad91d5963e c:\windows\ServicePackFiles\i386\spoolsv.exe
2008-04-14 05:42 75776 bda753890d3b3b903a79cc45af6cc3ea c:\windows\system32\spoolsv.exe

2004-08-03 17:07 128512 5d42581105bdbc09d5e7917577b168c1 c:\windows\$NtServicePackUninstall$\wuauclt.exe
2008-04-14 05:42 128512 f6a62cc75e2827f290bd24ae6f7edf6e c:\windows\ServicePackFiles\i386\wuauclt.exe
2008-04-14 05:42 128512 34a527e069eee4942b633ca753c6f207 c:\windows\system32\wuauclt.exe

2004-08-03 17:07 41984 81f967bf61d9f34ad7d589f7a8a6af46 c:\windows\$NtServicePackUninstall$\userinit.exe
2008-04-14 05:42 43520 0af1bcae5cfd55aafc99c60b0fbe7218 c:\windows\ServicePackFiles\i386\userinit.exe
2008-04-14 05:42 43520 5b1f7ffac6d8b86d023cfa0a4885442f c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{60270dc7-9ea0-472f-9b77-66652c06246e}"= "c:\program files\SpeedBitPlus\tbSpee.dll" [2008-06-04 1542168]

[HKEY_CLASSES_ROOT\clsid\{60270dc7-9ea0-472f-9b77-66652c06246e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{60270dc7-9ea0-472f-9b77-66652c06246e}]
2008-06-04 00:26 1542168 --a------ c:\program files\SpeedBitPlus\tbSpee.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{60270dc7-9ea0-472f-9b77-66652c06246e}"= "c:\program files\SpeedBitPlus\tbSpee.dll" [2008-06-04 1542168]

[HKEY_CLASSES_ROOT\clsid\{60270dc7-9ea0-472f-9b77-66652c06246e}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{60270DC7-9EA0-472F-9B77-66652C06246E}"= "c:\program files\SpeedBitPlus\tbSpee.dll" [2008-06-04 1542168]

[HKEY_CLASSES_ROOT\clsid\{60270dc7-9ea0-472f-9b77-66652c06246e}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-08 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 32768]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2009-03-10 1801216]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 47616]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 69632]
"SpeedBitVideoAccelerator"="c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2009-02-20 2705008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 c:\windows\RTHDCPL.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:170b03ed

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"e:\\Filmovi\\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\\PES 2009\\pes2009.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SpeedBit Video Accelerator\\VideoAccelerator.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2/7/2009 6:04:27 PM 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2/7/2009 6:29:27 PM 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/7/2009 6:04:27 PM 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2/7/2009 7:59:14 AM 55136]
R2 fsssvc;Windows Live Porodicna bezbednost;c:\program files\Windows Live\Family Safety\fsssvc.exe [2/6/2009 6:08:58 PM 533360]
R2 sbbotdi;sbbotdi;c:\progra~1\SPEEDB~1\sbbotdi.sys [2/20/2009 12:40:14 AM 35584]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [1/14/2009 5:53:02 PM 226656]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2/6/2009 7:52:43 PM 93696]
R3 FGUARD32;FGUARD32;c:\program files\Folder Guard Pro\FGUARD32.SYS [2/8/2009 9:12:19 AM 54008]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - SP_RSSRV

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21f63406-f5dd-11dd-891b-001fd0b5bc2f}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47b432c9-f555-11dd-a50e-001fd0b5bc2f}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0f79ecf-f4fd-11dd-84f7-806d6172696f}]
\Shell\AutoRun\command - D:\Run.exe
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\Dragan\Application Data\Mozilla\Firefox\Profiles\iw9jy7da.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://google.rs
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-03-10 13:05:19
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(724)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-10 13:06:03
ComboFix-quarantined-files.txt 2009-03-10 21:06:01

Pre-Run: 32.589.066.240 bytes free
Post-Run: 32,638,812,160 bytes free

254

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Bice ovde veselo ...

Uploaduj mi sledeci fajl :

c:\windows\system32\userinit.exe

http://www.mycity.rs/ambulanta-upload.php

Ko je trenutno na forumu
 

Ukupno su 1082 korisnika na forumu :: 42 registrovanih, 5 sakrivenih i 1035 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, 9k38, A.R.Chafee.Jr., antonije64, Apok, Asparagus, BORUTUS, Brana01, Bubili, darkangel, dijica, dragoljub11987, havoc995, ILGromovnik, jaeger, Karla, Koridor, Krvava Devetka, Kubovac, kybonacci, Leonov, ljuba, Luka Blažević, marsovac 2, mercedesamg, mikrimaus, milimoj, milos.cbr, Mlav, Nemanja.M, opt1, ruma, sap, Sir Budimir, Srle993, Trpe Grozni, vathra, Vlada78, VP6919, W123, zixmix, zxstole