Infected with Heur.trojan.generic, Please Help




#1
October 21, 2008, 10:48
Member Group

My computer at work hasn't had a good anti-virus, and after I installed Kaspersky I found that my lsass.exe \ qoMghecb.dll files are infected with the virus heur.trojan.generic. There is no information about it on most virus websites, or about how to remove it. Can someone please help me out?
#2
October 21, 2008, 10:49
Administrator Group

http://www.computer-juice.com/forums...-posting-7476/

Follow the guide, install the free software and post the log files.

Then the malware team can see what is wrong with your system.
#3
October 27, 2008, 08:58
Member Group

ok here are the scans from HijackThis, Super Spyware and Malware respectively

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:36, on 10/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\Winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\AntiVirus\MsMpEng.exe
C:\WINDOWS\System32\Svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\Ctfmon.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Western Union\Universal-Izdanje\Translink.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\Ctfmon.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11D2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11D2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11D2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -- http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games - Buddy Invite) -- http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {3C1F44A9-D1FD-4AA5-BC66-69816B58680C} (Printer Class) -- https://webcenter.ipponline.com/ippo...iptPrinter.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -- http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {6B0228D7-D6D5-4B97-82E7-79557E4314D0} (ScannerDll.CheckScanner) -- https://webcenter.ipponline.com/ippo...ScannerDll.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -- http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games - Game Communicator) -- http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) -- http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll dwolhm.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6163 bytes
#4
October 27, 2008, 08:58
Member Group

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/23/2008 at 11:31

Application Version: 4.21.1004

Core Rules Database Version: 3606
Trace Rules Database Version: 1592

Scan type: Complete Scan
Total Scan Time: 00:36:11

Memory items scanned: 460
Memory threats detected: 3
Registry items scanned: 5191
Registry threats detected: 385
File items scanned: 37221
File threats detected: 260

Trojan.Downloader-NewJuan/VM
C:\WINDOWS\system32\SZNQNJ.DLL
C:\WINDOWS\system32\SZNQNJ.DLL

Trojan.Vundo-Variant/Small-GEN
C:\WINDOWS\system32\RQRIJAST.DLL
C:\WINDOWS\system32\RQRIJAST.DLL

Adware.Vundo Variant/Resident
C:\WINDOWS\system32\QOMGHECB.DLL
C:\WINDOWS\system32\QOMGHECB.DLL

Trojan.Vundo-Variant/NextGen
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14F3A19A-1552-46C1-A1C8-A2179A397038}
HKCR\CLSID\{14F3A19A-1552-46C1-A1C8-A2179A397038}
HKCR\CLSID\{14F3A19A-1552-46C1-A1C8-A2179A397038}\InprocServer32
HKCR\CLSID\{14F3A19A-1552-46C1-A1C8-A2179A397038}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}
HKCR\CLSID\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}
HKCR\CLSID\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}\InprocServer32
HKCR\CLSID\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}
Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqRiJAst

Trojan.Vundo-Variant/NextGen-Six
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f904655c-8a31-4df9-be6d-8b5cb123d208}
HKCR\CLSID\{F904655C-8A31-4DF9-BE6D-8B5CB123D208}
HKCR\CLSID\{F904655C-8A31-4DF9-BE6D-8B5CB123D208}\InprocServer32
HKCR\CLSID\{F904655C-8A31-4DF9-BE6D-8B5CB123D208}\InprocServer32#ThreadingModel
C:\WINDOWS\system32\PNSWWF.DLL

Trojan.Smitfraud Variant/IE Anti-Spyware
HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E}

Adware.Tracking Cookie

CommonName Toolbar/Browser Helper Object
HKCR\CLSID\{00000000-0000-0000-0000-000000000000}

Trojan.MalwareWipe
HKCR\AppId\{70F17C8C-1744-41B6-9D07-575DB448DCC5}

Malware.AntiVirusGolden

Trojan.Media-Codec
C:\Documents and Settings\Lifeline\Favorites\Online Security Test.url

Adware.180solutions/Seekmo
HKU\S-1-5-21-4234981574-39719586-4263454222-1007\Software\seekmo
HKLM\Software\seekmo
HKLM\Software\seekmo#CVF
HKLM\Software\seekmo#install_embedded
HKLM\Software\seekmo#UMT
HKLM\Software\seekmo#duid
HKLM\Software\seekmo#partner_id
HKLM\Software\seekmo#product_id
C:\Program Files\Seekmo\seekmoau.dat
C:\Program Files\Seekmo\seekmo_gdf.dat
C:\Program Files\Seekmo\seekmo_kyf.dat
C:\Program Files\Seekmo
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Seekmo Ocjena Support.url
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Seekmo.com.url
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Uninstall Seekmo Instructions.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant

Trojan.DNSChanger-Codec
HKCR\CLSID\E404.e404mgr
HKCR\CLSID\E404.e404mgr#Id

Trojan.Media-Codec/V4
HKCR\videoPl.chl
HKCR\videoPl.chl\CLSID
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher

Rogue.AntiSpyKit
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}\cnreqoyLmwnuv
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}\crrmlfrwzfxhg
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}\gizbuobfa
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}\InprocServer32
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}\KIcbv
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}\nfjRol
HKCR\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B}\rDkSqA

Rogue.VirusHeat

Trojan.Media-Codec/V5
HKU\S-1-5-21-4234981574-39719586-4263454222-1007\Software\NetProject
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Pregledavanje
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Pregledavanje#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Pregledavanje#UninstallString

Adware.Vundo Variant/Rel
HKLM\SOFTWARE\Microsoft\FCOVM
HKLM\SOFTWARE\Microsoft\RemoveRP
  #5  
Old 27 October 2008, 08:59
Member Group
 
Default Infected with Heur.trojan.generic, Please Help

Malwarebytes' Anti-Malware 1.30
Database version: 1310
Windows 5.1.2600 Service Pack 2

10/23/2008 12:24:55
mbam-log-2008-10-23 (12-24-55).txt

Scan type: Quick Scan
Objects scanned: 52051
Time elapsed: 6 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 7
Registry Keys Infected: 124
Registry Values Infected: 15
Registry Data Items Infected: 2
Folders Infected: 6
Files Infected: 56

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\lptjntqu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qoMghecb.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pnswwf.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rqRiJAst.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\emufbyex.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\dwolhm.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cryptuik.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT \ CLSID \ (20a3d913-30ef-4e69-b3f7-93b3f1fb9d5c) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (3d00a39c-655b-428b-aeb2-2fba03dcc49c) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (408f660a-9465-44a3-b557-8709dfd992bc) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (5f6bbd8a-18cf-4d55-8b4c-c9b4c9328dfe) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (8c56b6ce-c53f-44c4-9bdc-a9bc1711d05a) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (8ee6bf73-b370-4d13-9126-eb0071178f2e) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (97f56e12-c706-4aeb-9ffb-133c05ee5d38) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (9bb7e700-4e48-476d-b75c-6f47606be988) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (cbcaca58-1aee-4600-8cf0-e8b30bff1535) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ CLSID \ (d6d64cdf-0363-4261-b723-29a3af365e1d) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ Typelib \ (8e3c68cd-f500-4a2a-8cb9-132bb38c3573) (Trojan.BHO) -> u karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ Typelib \ (60f94d7d-563e-4942-b5ec-2de9c135c139) (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ Typelib \ (cbd02e9b-37ef-47d2-96b0-3abbb2eb92bf) (Rogue.VirusHeat) -> u karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ AppID \ (a0e1054b-01ee-4d57-a059-4d99f339709f) (Trojan.BHO) -> u karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ AppID \ (70f17c8c-1744-41b6-9d07-575db448dcc5) (Rogue.Multiple) -> karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ Installer \ UpgradeCodes \ 7c673a5b8 71b8cd419f47dd0de5a6d18 (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (afd4ad01-58c1-47db-a404-fbe00a6c5486) (Trojan.BHO) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (c2a1c5cb-c0ef-4689-9436-f62cca1c5383) (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ SearchScopes \ (daed9266-8c28-8b58-4c1c-5c66eff1d302) (Search.Hijack) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ UpgradeCodes \ 7c673a5b871b8cd4 19f47dd0de5a6d18 (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ControlPanel \ Namespace \ (6743c3 6c-cbfe-11db-9705-005056c00008) (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (0ac49246-419b-4ee0-8917-8818daad6a4e) (Adware.180Solutions) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (99410cde-42ce-6f16-9d49-3807f78f0287) (Adware.180Solutions) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (f31a5d11-bf0b-4a4e-90af-274f2090aaa6) (Adware.180Solutions) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Extensions \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ j qvxedzb (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet003 \ Services \ j qvxedzb (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ jqvxedzb (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (b8c54c47-9d3c-40f3-baf6-2443d2941e84) (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ seekmo (Adware.Seekmo) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ AdwareAlert (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ NetProject (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Internet Service (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Secure Pregledavanje (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ web aplikacija (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ contim (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ instkey (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Track sustava (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ rdfa (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Multimedija Software (Trojan.Zlob) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ seekmo (Adware.Seekmo) -> u karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ videoPl.chl (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_CLASSES_ROOT \ AppID \ Cerberus.EXE (Rogue.Antivirus.Gold) -> karanteni i uspješno izbrisan.

Registry Values zaraženih:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ b0c087c0 (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks \ (9ad7fc7f-1fe1-4414-9ac5-ec51457528e4) (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ Extensions \ CmdMapping \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ SharedTaskScheduler \ (ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c) (Trojan.Zlob) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ bf (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ BK (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ iu (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ mu (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Folders \ c: \ program files \ adwarealert \ (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Folders \ c: \ program files \ adwarealert \ filterdrv \ (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Folders \ c: \ Documents and Settings \ All Users \ start menu \ Programs \ adwarealert \ (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ ADP (Rogue.Multiple) -> u karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ Novi Windows \ Dopusti \ *. securewebinfo.com (Trojan.Zlob) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ Novi Windows \ Dopusti \ *. safetyincludes.com (Trojan.Zlob) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ Novi Windows \ Dopusti \ *. securemanaging.com (Trojan.Zlob) -> karanteni i uspješno izbrisan.

Registry Data Items zaraženih:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Notification Packages (Trojan.Vundo.H) -> Data: c: \ windows \ system32 \ qomghecb -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Authentication Packages (Trojan.Vundo) -> Data: c: \ windows \ system32 \ qomghecb -> Delete on reboot.

Mape zaraženih:
C: \ Program Files \ Seekmo (Adware.180Solutions) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ AppCert (Trojan.Downloader) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ AdwareAlert (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Settings (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.

Zaražene datoteke:
C: \ WINDOWS \ system32 \ qoMghecb.dll (Trojan.Vundo.H) -> Delete on reboot.
C: \ WINDOWS \ system32 \ bcehgMoq.ini (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ bcehgMoq.ini2 (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ rqRiJAst.dll (Trojan.Vundo.H) -> Delete on reboot.
C: \ WINDOWS \ system32 \ cryptuik.dll (Trojan.Vundo.H) -> Delete on reboot.
C: \ WINDOWS \ system32 \ dwolhm.dll (Trojan.Vundo.H) -> Delete on reboot.
C: \ WINDOWS \ system32 \ evhuoman.dll (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ namouhve.ini (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ lptjntqu.dll (Trojan.Vundo.H) -> Delete on reboot.
C: \ WINDOWS \ system32 \ uqtnjtpl.ini (Trojan.Vundo.H) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ pnswwf.dll (Trojan.Vundo) -> Delete on reboot.
C: \ WINDOWS \ system32 \ emufbyex.dll (Trojan.Vundo) -> Delete on reboot.
C: \ Program Files \ Common \ _helper.dll (Trojan.BHO) -> u karanteni i uspješno izbrisan.
C: \ Windows \ Installer \ (AD4149B3-56B1-4E2A-A8A4-54FF9DE92C87) \ Icon.exe (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ ywpnxpys.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ cwokkj.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ cypdyp.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ dhebaasf.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ fdbgbvkj.exe (Trojan.LowZones) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ mpasahjl.exe (Trojan.LowZones) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ sznqnj.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ nuuwnrfb.exe (Trojan.LowZones) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ opcapbye.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ plljru.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ tgycffmw.exe (Trojan.LowZones) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ blukkoij.exe (Trojan.LowZones) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ bxdiyfrs.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ ftvwbfjg.exe (Trojan.LowZones) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ vgrksjuc.dll (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ ulmxavjt.exe (Trojan.LowZones) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LMQL183J \ upd105320 [1] (Trojan.Vundo) -> u karanteni i uspješno izbrisan.
C: \ Program Files \ Seekmo \ seekmoau.dat (Adware.180Solutions) -> u karanteni i uspješno izbrisan.
C: \ Program Files \ Seekmo \ seekmo_gdf.dat (Adware.180Solutions) -> u karanteni i uspješno izbrisan.
C: \ Program Files \ Seekmo \ seekmo_kyf.dat (Adware.180Solutions) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ AppCert \ filter.drv (Trojan.Downloader) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ AppCert \ options.dat (Trojan.Downloader) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ AdwareAlert \ AdwareAlert na Web.lnk (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ AdwareAlert \ AdwareAlert.lnk (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ rs.dat (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 19 travnja - 03_00_00 AM_625.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 19 travnja - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 20 travnja - 03_00_00 AM_609.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 20 travnja - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 21 travnja - 03_00_00 AM_484.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 21 travnja - 03_00_01 AM_203.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 22 travnja - 03_00_00 AM_250.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 22 travnja - 03_00_00 AM_562.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 23 travnja - 03_00_00 AM_281.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 23 travnja - 03_00_00 AM_640.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 23 travnja - 11_06_53 AM_968.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Zapisnik \ 2008 23 travnja - 11_12_02 AM_000.log (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Settings \ ScanResults.pie (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
C: \ Program Files \ Common \ helper.dll (Trojan.BHO) -> u karanteni i uspješno izbrisan.
C: \ WINDOWS \ Tasks \ AdwareAlert Planirano Scan.job (Trojan.Downloader) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Lifeline \ favoriti \ Online Sigurnost Test.url (Rogue.Link) -> u karanteni i uspješno izbrisan.
C: \ Documents and Settings \ All Users \ Desktop \ AdwareAlert.lnk (Rogue.AdwareAlert) -> u karanteni i uspješno izbrisan.
  #6
October 27, 2008, 09:04
Moderator Group

You are running two antivirus programs and two firewalls (security suites). Please uninstall one of them now and then post a fresh HijackThis log.
__________________

  #7
October 27, 2008, 09:11
Member Group

Because I have Kaspersky antivirus installed and, with it, its firewall, and I'm guessing the Windows Firewall is on.
And I don't know what other antivirus I have installed; I'm not running anything else.
Can you be more specific?
  #8
October 27, 2008, 09:17
Moderator Group

Microsoft Windows Live OneCare is also an antivirus/firewall combination.
__________________

  #9
October 29, 2008, 08:01
Member Group

OK, I looked, but OneCare is not installed; I uninstalled it when I was installing Kaspersky.
Here is the new HijackThis log anyway.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:53, on 10/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\Winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Svchost.exe
C:\WINDOWS\System32\Svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\Ctfmon.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Western Union\Universal-Izdanje\Translink.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\Ctfmon.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11D2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11D2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11D2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games - Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {3C1F44A9-D1FD-4AA5-BC66-69816B58680C} (Printer Class) - https://webcenter.ipponline.com/ippo...iptPrinter.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {6B0228D7-D6D5-4B97-82E7-79557E4314D0} (ScannerDll.CheckScanner) - https://webcenter.ipponline.com/ippo...ScannerDll.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games - Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll dwolhm.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\Firewall\msfwsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\AntiVirus\MsMpEng.exe (file missing)

--
End of file - 6332 bytes
  #10
October 29, 2008, 09:55
Moderator Group

Open HijackThis and select Do a system scan only.

Place a check next to the following entries (if present):

- O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
- O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\Firewall\msfwsvc.exe (file missing)
- O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\AntiVirus\MsMpEng.exe (file missing)


Important: Close all windows except HijackThis, then click Fix checked.

Exit HijackThis.

----------

Go to Start > Run, type Notepad.exe, then press OK.

Copy and paste the following text from the code box into a new Notepad file.

Code:
@ECHO OFF
sc stop "msfwsvc"
sc delete "msfwsvc"
sc stop "OneCareMP"
sc delete "OneCareMP"
exit

In Notepad, select File and then Save As.
Choose Desktop as the Save in location; for File name, type fixme.bat, making sure the Save as type field says All Files.

Next, double-click fixservice.bat to run it.
A black box should open and close after a short time; this is normal.
Do not continue until the black box has closed.
Delete fixservice.bat from the Desktop.

----------

Download OTMoveIt2 by OldTimer and save it to your Desktop.

Note: If you are running Vista, right-click OTMoveIt2.exe and choose Run as administrator.

1. Double-click OTMoveIt2.exe to run it.
2. Copy the lines in the code box below.

Code:
[kill explorer]
C:\Program Files\Microsoft Windows Live OneCare
EmptyTemp
[start explorer]

3. Return to OTMoveIt2, right-click in the Paste List of Files/Folders to be Moved window (under the yellow bar) and choose Paste.
4. Click the red Moveit! button.
5. Copy everything in the Results window (under the green bar) and paste it into your next reply.
6. Close OTMoveIt2.

Note: If a file or folder cannot be moved immediately, you may be asked to reboot the computer to finish the move process. If you are asked to reboot, choose Yes. If not, reboot anyway.

----------

Download ComboFix by sUBs from one of the links below. Be sure to save it to your Desktop.

Link #1
Link #2

** Note: It is important that it is saved directly to your Desktop

Close any open web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.

To install the Windows XP Recovery Console:

- If you are using Windows XP and do not already have the Recovery Console installed, make sure your Internet connection is active (if possible) and click Yes.
- If for some reason your Internet is not working, click No.
-- If you are not using Windows XP, you will not be prompted.
- When you are asked to accept the EULA, click OK.
- Accept the Microsoft EULA (click Yes).
- When told that the RC has been installed correctly, click Yes to continue scanning for malware.

When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.
__________________
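How the O23 lines of the HijackThis log lead to the batch file in the post above, shown as an added example that is not part of the original post and not a HijackThis feature: the service name in parentheses is what `sc` takes, and the `(file missing)` suffix marks a service whose binary is gone. The function names, the `Service` record and the sample lines are assumptions made for this illustration; the O23 line layout is inferred from the log in this thread.

```python
import re
from dataclasses import dataclass

# Constructed sample: lines modelled on the HijackThis log posted in this
# thread, with the path spacing normalised.
SAMPLE_LOG = r"""
O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\Firewall\msfwsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\AntiVirus\MsMpEng.exe (file missing)
"""

# Assumed layout: O23 - Service: <display> (<name>) - <owner> - <path> [(file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]+)\) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?$"
)

# A pasted log is untrusted input: only plain service names may reach a
# generated command line (no quotes, ampersands, pipes or redirections).
SAFE_NAME = re.compile(r"[A-Za-z0-9_.\- ]{1,256}")


@dataclass(frozen=True)
class Service:
    display: str        # human-readable name shown in the log
    name: str           # short service name, the argument sc expects
    owner: str          # company string, or "Unknown owner"
    path: str           # binary path as recorded in the service entry
    file_missing: bool  # True when the log says the binary no longer exists


def parse_o23(log_text):
    """Return a Service record for every O23 line; other lines are ignored."""
    services = []
    for line in log_text.splitlines():
        m = O23_RE.match(line.strip())
        if m:
            services.append(Service(m["display"], m["name"], m["owner"],
                                    m["path"], m["missing"] is not None))
    return services


def orphaned(services):
    """Services still registered although their binary is gone."""
    return [s for s in services if s.file_missing]


def cleanup_batch(services):
    """Build a batch file of the same shape as the one in the post."""
    lines = ["@ECHO OFF"]
    for svc in services:
        if not SAFE_NAME.fullmatch(svc.name):
            raise ValueError(f"refusing unsafe service name: {svc.name!r}")
        lines.append(f'sc stop "{svc.name}"')
        lines.append(f'sc delete "{svc.name}"')
    lines.append("exit")
    return "\n".join(lines)


if __name__ == "__main__":
    print(cleanup_batch(orphaned(parse_o23(SAMPLE_LOG))))
```

Review the generated file before running it: a missing binary only shows that the service entry is stale, not which product left it behind.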


Copyright © 2006 - 2009 Computer soka.
