Video ActiveX Access ??? What is this now?


offline
  • Joined: 07 Feb 2007
  • Posts: 144
  • Location: in Oz...

It's not working... I still can't download it.

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

There is one more file we need to find in the System32 folder; at least that is how it has been with the other VideoActiveX infections we have had on the forum so far.

Let's try the following:
download the program Deckard's System Scanner.
Saving the program directly to the Desktop is recommended so that it is easier and quicker to run.

The program is started simply, by double-clicking the icon. The scan and system check go through a few steps and take a few minutes at most.

The result is the log main.txt, which Deckard's System Scanner creates and opens automatically when the scan finishes. The complete contents of that log should be copied and posted to the forum in your next post for analysis.

offline
  • Joined: 07 Feb 2007
  • Posts: 144
  • Location: in Oz...

Deckard's System Scanner v20070819.64
Run by Korisnik on 2007-08-21 20:05:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
73: 2007-08-21 17:05:18 UTC - RP309 - Deckard's System Scanner Restore Point
72: 2007-08-21 16:29:55 UTC - RP308 - System Checkpoint
71: 2007-08-20 08:00:38 UTC - RP307 - System Checkpoint
70: 2007-08-18 20:29:06 UTC - RP306 - System Checkpoint
69: 2007-08-17 19:56:38 UTC - RP305 - System Checkpoint


-- First Restore Point --
1: 2007-06-07 18:10:48 UTC - RP237 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

[color=red]Total Physical Memory: 504 MiB (512 MiB recommended).[/color]


-- HijackThis (run as Korisnik.exe) --------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 20:09:15, on 21.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RssReader\RssReader.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ESET\nod32kui.exe
C:\Documents and Settings\Korisnik\Desktop\dss.exe
C:\DOCUME~1\Korisnik\Desktop\NEWFOL~1\Korisnik.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Protection Bar - {CC18AE76-7E65-4258-A193-9EA0C52DA6B8} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1164012359218
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://d-dragana.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apache2.2 - Unknown owner - C:\AppServ\Apache2.2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe


-- File Associations -----------------------------------------------------------

[COLOR=red].js - JSFile - DefaultIcon - C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe,2[/COLOR]
[COLOR=red].js - JSFile - shell\open\command - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 AMON - c:\windows\system32\drivers\amon.sys <Not Verified; Eset; NOD32 Antivirus System>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 RT2500 (RT2500 Wireless Driver) - c:\windows\system32\drivers\rt2500.sys <Not Verified; Ralink Technology Inc.; RT2500 802.11g Wireless Adapters>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S3 ss_bus (Samsung Mobile USB Device 1.0 driver (WDM)) - c:\windows\system32\drivers\ss_bus.sys <Not Verified; MCCI; Samsung Mobile USB Device 1.0>
S3 ss_mdfl (SAMSUNG Mobile USB Modem 1.0 Filter) - c:\windows\system32\drivers\ss_mdfl.sys <Not Verified; MCCI; SAMSUNG Mobile USB Modem 1.0 Filter>
S3 ss_mdm (SAMSUNG Mobile USB Modem 1.0 Drivers) - c:\windows\system32\drivers\ss_mdm.sys <Not Verified; MCCI; SAMSUNG Mobile USB Modem 1.0>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apache2.2 - "c:\appserv\apache2.2\bin\httpd.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 mysql - c:\appserv\mysql\bin\mysqld-nt --defaults-file=c:\appserv\mysql\my.ini mysql
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_E0001458&REV_13\4&BC67B8D&0&28F0
Manufacturer: Marvell
Name: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
PNP Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_E0001458&REV_13\4&BC67B8D&0&28F0
Service: yukonwxp


-- Scheduled Tasks -------------------------------------------------------------

2007-07-27 14:07:00       284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-07-21 and 2007-08-21 -----------------------------

2007-08-21 19:07:01         0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-08-21 19:07:01         0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-08-21 19:07:01         0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-08-21 19:07:01         0 d--h----- C:\Documents and Settings\Administrator\Recent
2007-08-21 19:07:01         0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-08-21 19:07:01    524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-08-21 19:07:01         0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-08-21 19:07:01         0 d-------- C:\Documents and Settings\Administrator\My Documents
2007-08-21 19:07:01         0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-08-21 19:07:01         0 d-------- C:\Documents and Settings\Administrator\Favorites
2007-08-21 19:07:01         0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-08-21 19:07:01         0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-08-21 19:07:01         0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-08-21 19:07:01         0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-08-20 20:20:12         0 d-------- C:\Program Files\AIMP2
2007-08-16 19:51:43         0 d-------- C:\Program Files\IncrediMail
2007-08-14 12:51:54         0 d-------- C:\Program Files\mIRC
2007-08-12 17:08:47         0 d-------- C:\divx
2007-08-11 15:41:08         0 d-------- C:\Documents and Settings\Korisnik\Application Data\funkitron
2007-08-11 14:01:24         0 d-------- C:\Documents and Settings\All Users\Application Data\Oberon Media
2007-08-08 16:35:16         0 d-------- C:\Program Files\GameHouse
2007-08-07 22:42:55     86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2007-08-07 22:42:51         0 d-------- C:\Program Files\TerraGame
2007-08-06 22:45:23         0 dr-h----- C:\Documents and Settings\Korisnik\Recent
2007-07-31 20:22:08         0 d-------- C:\Program Files\Common Files\Skype
2007-07-26 13:16:27         0 d-------- C:\Program Files\Lavasoft
2007-07-24 14:39:51         0 d-------- C:\Program Files\NeoTracePro
2007-07-24 14:29:21         0 d-------- C:\Program Files\Tactile Pictures
2007-07-24 14:29:10         0 d-------- C:\Documents and Settings\Korisnik\WINDOWS


-- Find3M Report ---------------------------------------------------------------

2007-08-21 19:08:01         0 d-------- C:\Program Files\Video ActiveX Access
2007-08-21 14:12:01         0 d-------- C:\Program Files\SUPERAntiSpyware
2007-08-14 12:29:21         0 d-------- C:\Program Files\eMule
2007-08-11 17:10:10         0 d-------- C:\Program Files\Easy CD-DA Extractor 6
2007-08-10 21:48:03         0 d-------- C:\Program Files\Prost telefonski imenik
2007-08-10 13:39:28         0 d-------- C:\Documents and Settings\Korisnik\Application Data\Macromedia
2007-08-07 00:21:43         0 d-------- C:\Documents and Settings\Korisnik\Application Data\Skype
2007-08-05 16:42:33         0 d-------- C:\Program Files\Macrogaming
2007-08-04 00:51:27      1289 --a------ C:\WINDOWS\mozver.dat
2007-08-04 00:51:08         0 d-------- C:\Program Files\Java
2007-08-02 14:43:19         0 d-------- C:\Program Files\RssReader
2007-07-31 20:22:13         0 d-------- C:\Program Files\Skype
2007-07-31 20:22:08         0 d-------- C:\Program Files\Common Files
2007-07-27 19:30:13         0 d-------- C:\Documents and Settings\Korisnik\Application Data\Audacity
2007-07-26 13:17:30         0 d-------- C:\Documents and Settings\Korisnik\Application Data\Lavasoft
2007-07-24 13:25:35         0 d-------- C:\Documents and Settings\Korisnik\Application Data\Adobe
2007-07-02 22:27:54         0 d-------- C:\Program Files\ICQLite
2007-07-02 22:26:49         0 d-------- C:\Program Files\Google
2007-07-02 22:25:34         0 d-------- C:\Documents and Settings\Korisnik\Application Data\Leadertech
2007-05-31 09:44:55    823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-31 09:44:54    802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-05-31 09:44:54    823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-31 09:44:54    740442 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5DDE5591-A8AB-4897-93EF-1E4E943F85A7}]
         C:\Program Files\Video ActiveX Access\iesplg.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{CC18AE76-7E65-4258-A193-9EA0C52DA6B8}"= C:\Program Files\Video ActiveX Access\iesbpl.dll [ ]

[-HKEY_CLASSES_ROOT\CLSID\{CC18AE76-7E65-4258-A193-9EA0C52DA6B8}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [28.11.2005 08:55]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [28.11.2005 08:52]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [28.11.2005 08:55]
"RTHDCPL"="RTHDCPL.EXE" [18.05.2006 09:27 C:\WINDOWS\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [16.05.2006 13:04 C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [03.05.2005 13:43 C:\WINDOWS\ALCMTR.EXE]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14.03.2007 03:43]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [08.12.2006 00:07]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [09.12.2006 23:49]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01.09.2006 17:57]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [27.10.2006 00:47]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.05.2007 03:06]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04.08.2004 02:56]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [27.06.2007 12:52]
"MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" []
"RssReader"="C:\Program Files\RssReader\RssReader.exe" [04.04.2004 17:21]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [29.06.2007 21:22]
"AWMON"="C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe" [25.05.2005 12:12]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" []

C:\Documents and Settings\Korisnik\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [26.10.2006 20:24:54]
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe [04.05.2007 22:39:42]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [09.12.2006 16:16:39]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{6e886df7-914d-48f0-86b3-a5cf24385361}"= C:\WINDOWS\system32\fwrkqfl.dll [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20.12.2006 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 29.04.2007 12:27 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"




-- End of Deckard's System Scanner: finished at 2007-08-21 20:09:56 ------------



There is also some extra.txt, if I should show that too....?

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Post Extra.txt too, and also do the following:
find the following file - C:\WINDOWS\system32\fwrkqfl.dll
and if you find it, upload it via the following form - http://www.mycity.rs/ambulanta-upload.php

If you cannot find that file, check whether the option to show hidden files is turned on:
http://www.mycity.rs/Uputstva-sa-ex-SuperSajta/Kako-videti-skrivene-fajlove.html

Also do the following (so I can see whether I can find out why you can't download SmitFraudFix):
Download the file gmer.zip from this link and save it to the Desktop.
Extract it into a folder.

Double-click gmer.exe to start: select the Rootkit tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save it to the Clipboard.
In the message box on the forum, right-click and choose Paste.

offline
  • Joined: 07 Feb 2007
  • Posts: 144
  • Location: in Oz...

This is extra.txt
Deckard's System Scanner v20070819.64
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 3.06GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.06GHz
Percentage of Memory in Use: 72%
Physical Memory (total/avail): 503.48 MiB / 140.23 MiB
Pagefile Memory (total/avail): 1228.73 MiB / 810.82 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1966.39 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 40.01 GiB total, 19.91 GiB free.
D: is Fixed (NTFS) - 109.03 GiB total, 32.47 GiB free.
E: is CDROM (No Media)


-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.

AV: Eset NOD32 antivirus system 2.51 v2.51 (Eset)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Wolfram Research\\Mathematica\\5.2\\Mathematica.exe"="C:\\Program Files\\Wolfram Research\\Mathematica\\5.2\\Mathematica.exe:*:Enabled:Mathematica 5.2"
"C:\\Program Files\\Wolfram Research\\Mathematica\\5.2\\MathKernel.exe"="C:\\Program Files\\Wolfram Research\\Mathematica\\5.2\\MathKernel.exe:*:Enabled:Mathematica 5.2 Kernel"
"C:\\Program Files\\Wolfram Research\\Mathematica\\5.2\\math.exe"="C:\\Program Files\\Wolfram Research\\Mathematica\\5.2\\math.exe:*:Enabled:math.exe"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Korisnik\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=XP
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Korisnik
LOGONSERVER=\\XP
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;;C:\XDS\BIN;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0409
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Korisnik\LOCALS~1\Temp
TMP=C:\DOCUME~1\Korisnik\LOCALS~1\Temp
USERDOMAIN=XP
USERNAME=Korisnik
USERPROFILE=C:\Documents and Settings\Korisnik
windir=C:\WINDOWS
XDSDIR=C:\XDS


-- User Profiles ---------------------------------------------------------------

XP [I](new local)[/I]
Korisnik [I](admin)[/I]
Administrator [I](new local, admin)[/I]


-- Add/Remove Programs ---------------------------------------------------------

 --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
 --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
 --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
ACDSee 9 Photo Manager --> MsiExec.exe /I{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Ad-Aware SE Professional --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop 6.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe SVG Viewer --> C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AIMP2 --> C:\Program Files\AIMP2\UnInstall.exe
Apple Software Update --> MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C}
AppServ 2.5.8 (remove only) --> C:\AppServ\Uninstall-AppServ2.5.8.exe
Audacity 1.3.2 (Unicode) --> "C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
DeepBurner v1.8.0.224 --> "C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
Easy CD-DA Extractor 6 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Easy CD-DA Extractor 6\irunin.ini"
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9  -removeonly
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 1.99.1 --> C:\Documents and Settings\Korisnik\Desktop\New Folder\HijackThis.exe /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IExplorer Security Plug-in --> "C:\Program Files\Video ActiveX Access\iesunst.exe"
Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2776 PCI\VEN_8086&DEV_2772
Intergraph SmartSketch LE --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\SmartSketch\Uninst.isu" -c"C:\Program Files\SmartSketch\removeit.dll"
Internet Explorer Secure Bar --> "C:\Program Files\Video ActiveX Access\iesbunst.exe"
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Live Billiards Demo --> C:\WINDOWS\unvise32.exe C:\Program Files\TerraGame\Live Billiards Demo\uninstal.log
Macromedia Dreamweaver MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Macromedia Fireworks MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E583ED6F-BD99-4066-A420-C815BF692B69}\Setup.exe" -l0x9 UNINSTALL
Macromedia Flash MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALL
Macromedia FreeHand MXa --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939740B5-0064-4779-854A-8C1086181C05}\Setup.exe" -l0x9 UNINSTALL
Mathematica 5.2 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6C06DC75-94D9-4A1C-A71D-FEAA9C520224}
Messenger Service --> "C:\Program Files\Video ActiveX Access\imsunst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2003 programski dodatak za preslovljavanje --> MsiExec.exe /I{51312349-0B4D-450E-AFAA-03CC28A9531F}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall
Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 4.00 --> MsiExec.exe /I{7784A172-61F1-445E-8368-601607E0DD22}
MV2Player (remove only) --> C:\Program Files\Mv2Player\uninst.exe
Native XDS-x86 2.51 --> C:\WINDOWS\ISUNINST.EXE -f"C:\XDS\Uninst1.isu" -c"C:\XDS\BIN\UnInst.DLL"
Native XDS-x86 TopSpeed Compatibility Pack --> C:\WINDOWS\ISUNINST.EXE -f"C:\XDS\Uninst3.isu" -c"C:\XDS\BIN\UnInst.DLL"
Need for Speed Underground 2 --> C:\Program Files\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
Nero 7 Ultra Edition --> MsiExec.exe /I{ACE0935B-2B99-4D0A-B173-8CACC6051033}
NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v1.9 --> "C:\Program Files\Eset\unins000.exe"
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe"  -uninstall
Prezentacija DMI version 1.5 --> "C:\Program Files\PMF\DMI\unins000.exe"
Prost telefonski imenik --> "C:\Program Files\Prost telefonski imenik\uninstall.exe"
QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
RssReader --> MsiExec.exe /I{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}
SAMSUNG Mobile USB Modem 1.0 Software --> C:\WINDOWS\system32\Samsung\SS_Uninstall.exe
Samsung PC Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x9  -removeonly
Samsung PC Studio 3 USB Driver Installer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x9  -removeonly
Security Update for Excel 2007 (KB936509) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A00724F5-82C4-4924-B707-0E5A84B52471}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB936514) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C7A78F7F-EF32-4477-BAD7-3439EA7571BF}
Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
SereneScreen Aquarium --> "C:\Program Files\SereneScreen\Aquarium\unins000.exe"
Skype™ 3.2 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Total Commander (Remove or Repair) --> c:\totalcmd\tcuninst.exe
Unix Utilities for Yahoo! Widgets --> C:\Program Files\Yahoo!\Yahoo! Widget Engine\UnixUtils\uninstall.exe
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Outlook 2007 (KB937608) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CBB2454D-193F-4523-8A31-FEB343B7C30E}
Update for Outlook 2007 Junk Email Filter (kb936644) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B581052-BF85-4AA6-91C5-7B0090712B65}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Safety Alert --> C:\Documents and Settings\Korisnik\Local Settings\Temp\laf1.exe /del
WinRAR arhiver --> C:\Program Files\WinRAR\uninstall.exe
Wolfram Notebook Indexer 1.1 --> MsiExec.exe /I{E24A7D40-D12E-4A11-8DEC-7BB21BE4614D}
XviD MPEG4 Video Codec (remove only) --> "C:\WINDOWS\system32\xvid-uninstall.exe"
XviD Video Codec 19062003-1 (Koepi's developer build) --> "C:\Program Files\XviD\UninstXviD.exe"
Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\YAHOO!~1\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type4174 / Success
Event Submitted/Written: 08/21/2007 07:13:47 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type4170 / Warning
Event Submitted/Written: 08/21/2007 07:09:13 PM
Event ID/Source: 100 / MySQL
Event Description:
Changed limits: max_open_files: 2048  max_connections: 2038  table_cache: 64

For more information, see Help and Support Center at http://www.mysql.com.

Event Record #/Type4164 / Success
Event Submitted/Written: 08/21/2007 06:59:58 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type4159 / Warning
Event Submitted/Written: 08/21/2007 06:36:25 PM
Event ID/Source: 100 / MySQL
Event Description:
Changed limits: max_open_files: 2048  max_connections: 2038  table_cache: 64

For more information, see Help and Support Center at http://www.mysql.com.

Event Record #/Type4146 / Success
Event Submitted/Written: 08/21/2007 05:24:10 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type14440 / Warning
Event Submitted/Written: 08/21/2007 07:09:30 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0006F40BEFD0.  The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type14420 / Error
Event Submitted/Written: 08/21/2007 07:08:16 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Event Record #/Type14419 / Error
Event Submitted/Written: 08/21/2007 07:08:04 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
Tcpip
WS2IFSL

Event Record #/Type14418 / Error
Event Submitted/Written: 08/21/2007 07:08:04 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Event Record #/Type14417 / Error
Event Submitted/Written: 08/21/2007 07:08:04 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31



-- End of Deckard's System Scanner: finished at 2007-08-21 20:09:56 ------------



I can't find this file fwrkqfl.dll at all, even with the option turned off, but it again reported a threat in C:\WINDOWS\System32\svchost.exe, and the description said WIN32/TrojanDownloader.Zlob.BBU trojan :(

Here is the other log as well
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-08-21 20:48:33
Windows 5.1.2600 Service Pack 2


---- User code sections - GMER 1.0.13 ----

.text           C:\Program Files\MSN Messenger\msnmsgr.exe[3376] kernel32.dll!SetUnhandledExceptionFilter  7C84467D 5 Bytes  JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe

AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE                                                       [AA092BCC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE                                            [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE                                                        [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_READ                                                         [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE                                                        [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION                                            [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION                                              [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA                                                     [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA                                                       [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS                                                [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION                                     [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION                                       [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL                                            [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL                                          [AA0927D6] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL                                               [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL                                      [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN                                                     [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL                                                 [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP                                                      [AA092F94] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT                                              [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY                                               [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY                                                 [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_POWER                                                        [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL                                               [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE                                                [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA                                                  [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA                                                    [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_CREATE                                                     [AA092BCC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE                                          [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_CLOSE                                                      [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_READ                                                       [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_WRITE                                                      [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION                                          [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION                                            [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA                                                   [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_SET_EA                                                     [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS                                              [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION                                   [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION                                     [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL                                          [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL                                        [AA0927D6] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL                                             [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL                                    [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN                                                   [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL                                               [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP                                                    [AA092F94] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT                                            [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY                                             [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY                                               [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_POWER                                                      [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL                                             [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE                                              [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA                                                [AA0931CC] amon.sys
AttachedDevice  \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA                                                  [AA0931CC] amon.sys

---- EOF - GMER 1.0.13 ----

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Download Ewido micro (8Mb):
http://downloads.ewido.net/ewido_micro.exe

How to use Ewido micro:
- on the first screen, select all partitions (tick the boxes in front of them)
- click the Start Scan button
- when the scan has finished, click Save Report and save the log file somewhere safe
- click Remove Infections
- paste here the contents of the log file you just saved

After scanning with Ewido and posting the log file, also post a fresh HijackThis log.

offline
  • Joined: 07 Feb 2007
  • Posts: 144
  • Location: in Oz...

Wow, there were 219 infected files... Here is the log
__________________________________________________
ewido anti-spyware online scanner
   http://www.ewido.net
__________________________________________________


Name: TrackingCookie.Cqcounter
Path: :mozilla.8:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Paypal
Path: :mozilla.27:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.60:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.62:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.63:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.64:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.65:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.67:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.68:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.69:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adbrite
Path: :mozilla.83:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adbrite
Path: :mozilla.84:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adbrite
Path: :mozilla.85:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.96:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.97:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.98:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.99:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.100:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.101:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.102:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.103:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.104:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.105:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.106:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.107:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.108:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.109:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.110:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.111:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.112:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.113:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.114:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.115:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.116:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.117:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.118:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.119:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.120:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.121:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.122:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.123:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.124:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.125:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.126:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.127:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.128:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.129:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.130:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.131:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.132:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.133:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.134:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.135:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.136:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.137:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.138:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.139:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.140:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.141:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.142:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.143:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.144:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.145:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.168:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.169:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Live
Path: :mozilla.170:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Doubleclick
Path: :mozilla.175:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.206:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.207:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.208:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.209:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.210:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.211:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.213:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.214:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.215:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.216:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.217:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.218:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.219:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.220:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.221:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.222:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.223:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.224:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.225:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.226:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.227:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.228:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.229:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.230:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.231:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.232:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.233:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.234:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.235:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.236:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.237:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.238:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.239:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.240:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.254:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.255:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.256:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.257:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.258:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Atdmt
Path: :mozilla.300:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.314:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.315:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.316:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.318:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.319:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.329:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.330:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.331:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.332:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.333:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.334:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Fastclick
Path: :mozilla.335:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Fastclick
Path: :mozilla.336:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Fastclick
Path: :mozilla.337:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tribalfusion
Path: :mozilla.346:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Ivwbox
Path: :mozilla.371:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Atdmt
Path: :mozilla.379:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.382:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.383:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.389:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.390:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.391:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.392:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.393:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Com
Path: :mozilla.394:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Com
Path: :mozilla.395:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Yadro
Path: :mozilla.411:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Questionmarket
Path: :mozilla.415:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Questionmarket
Path: :mozilla.416:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.447:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.448:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Mediaplex
Path: :mozilla.468:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Mediaplex
Path: :mozilla.469:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.497:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Googleadservices
Path: :mozilla.518:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.529:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Linksynergy
Path: :mozilla.540:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Linksynergy
Path: :mozilla.541:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Onestat
Path: :mozilla.544:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Onestat
Path: :mozilla.545:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.576:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.577:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.578:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.579:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.580:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.581:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Imrworldwide
Path: :mozilla.584:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Imrworldwide
Path: :mozilla.585:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.623:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.624:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.625:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.626:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.627:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.628:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.629:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.630:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.631:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Advertising
Path: :mozilla.642:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Advertising
Path: :mozilla.643:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Advertising
Path: :mozilla.644:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Advertising
Path: :mozilla.645:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Advertising
Path: :mozilla.646:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Revsci
Path: :mozilla.647:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.689:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Googleadservices
Path: :mozilla.722:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.723:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Liveperson
Path: :mozilla.726:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Liveperson
Path: :mozilla.727:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.737:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.247realmedia
Path: :mozilla.740:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.247realmedia
Path: :mozilla.741:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adviva
Path: :mozilla.746:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adjuggler
Path: :mozilla.749:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adjuggler
Path: :mozilla.750:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adjuggler
Path: :mozilla.751:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.761:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.766:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.767:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Specificclick
Path: :mozilla.773:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Specificclick
Path: :mozilla.774:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Specificclick
Path: :mozilla.775:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Specificclick
Path: :mozilla.776:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tradedoubler
Path: :mozilla.801:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tradedoubler
Path: :mozilla.802:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Tradedoubler
Path: :mozilla.803:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adrevolver
Path: :mozilla.806:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adrevolver
Path: :mozilla.807:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adrevolver
Path: :mozilla.808:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adrevolver
Path: :mozilla.809:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adrevolver
Path: :mozilla.810:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adrevolver
Path: :mozilla.811:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adrevolver
Path: :mozilla.812:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Liveperson
Path: :mozilla.828:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.839:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hotlog
Path: :mozilla.842:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Overture
Path: :mozilla.867:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.869:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Hitbox
Path: :mozilla.870:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Liveperson
Path: :mozilla.871:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.872:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Weborama
Path: :mozilla.893:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Weborama
Path: :mozilla.894:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Weborama
Path: :mozilla.895:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Webtrends
Path: :mozilla.931:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Burstnet
Path: :mozilla.938:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Burstnet
Path: :mozilla.939:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Skype
Path: :mozilla.941:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Skype
Path: :mozilla.942:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Skype
Path: :mozilla.943:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Skype
Path: :mozilla.944:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Skype
Path: :mozilla.945:C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\owkgrn4q.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Skype
Path: C:\WINDOWS\system32\config\systemprofile\Cookies\system@skype[1].txt
Risk: Medium



HijackThis log
Logfile of HijackThis v1.99.1
Scan saved at 00:17:31, on 22.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RssReader\RssReader.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Korisnik\Desktop\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Protection Bar - {CC18AE76-7E65-4258-A193-9EA0C52DA6B8} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1164012359218
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://d-dragana.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apache2.2 - Unknown owner - C:\AppServ\Apache2.2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe


Hats off to you for understanding all this... I would have a very hard time finding my way around here.
What next? :)

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

@dorothy
I still don't like the state of things, i.e. I'm not completely sure that the computer is 100% clean as far as this infection is concerned.
I have asked one of my colleagues to drop into this thread and explain to you how to properly turn off NOD32 so that we can get that SmitFraudFix download done, since that program is the only indicator I trust when it comes to this infection.
For now, just don't use Internet Explorer until we are sure that we have cleaned the computer properly.

offline
  • Joined: 07 Feb 2007
  • Posts: 144
  • Location: in Oz...

Thanks for the effort. I don't know whether I mentioned last night that two threats showed up again: on
c:\WINDOWS\System32\svchost.exe, where it reports the WIN32/Trojan.Downlaodae.Zlob.BBu trojan,
and on C:\Deckard\SysremScaner\backup\...\rle.dll, the same threat.
I saw that svchost.exe in the log above... should I delete it, or?
Thanks in advance, one more time ... :)

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

For now, don't touch anything until you get instructions on how to properly turn off NOD32, and then we will sort this out with SmitFraudFix.
