MyCity » Ambulanta -> Arhiva Ambulante » Trojan-Spy.Win32.KeyLogger.aa

Trojan-Spy.Win32.KeyLogger.aa

Napisano na dan: 8.9.2008

Strana:
1
2

Trojan-Spy.Win32.KeyLogger.aa

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Lucator Poslao: 08 Sep 2008 20:59 Idi na vrh
offline Lucator Novi MyCity građanin Pridružio: 08 Sep 2008 Poruke: 22	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ime: Trojan-Spy.Win32.KeyLogger.aa Risk Level: CRITICAL Description: This Trojan Has a keyboard logging function, which is intended to steal information from users of a range of on-line payment systems. DUGMICI KEEP BLOCKING I UNBLOCK su disablead nemogu da kliknem na njih jedino mogu ENEBLE PROTECTION i onda mi otvara Windows Explorer procitajte nastavak. ovako virus mi je usao pomocu pokretanja nekog keygena. Odma mi je TASK MANAGER bio DISABLED by ADMIN. i Non-stop mi izbacuje poruku kao iz Windows Firewall da imam critical virus[You have a security problem] onda mi non stop otvara Windows Explorer da idem da skinem neke kao Anti Viruse. Znaci svakih 2 minuta..Sta da radim!? Molim vas pomagajte! HiJack sam pokrenuo on izbaci HIJack. i kaze da je HIJACK vec pokrenut a ja ga uopste nevidim?! kad uspem hijack kacim do tad POMOC!

Profil

dr_Bora Poslao: 08 Sep 2008 21:07 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz... Restartuj kompjuter i nakon toga preimenuj program HijackThis.exe u TR3.exe - pokreni ga i postavi log.

Profil

Lucator Poslao: 09 Sep 2008 11:23 Idi na vrh
offline Lucator Novi MyCity građanin Pridružio: 08 Sep 2008 Poruke: 22	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:17:16 AM, on 9/9/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Documents and Settings\All Users\Application Data\dstexyto\xgpqnsti.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\Mixer.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Warcraft III\w3dr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Documents and Settings\Luka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\DOCUME~1\Luka\LOCALS~1\Temp\1C.tmp.exe C:\WINDOWS\system32\hcxwhaho.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\WINDOWS\system32\svchost.exe C:\DOCUME~1\Luka\LOCALS~1\Temp\c.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Documents and Settings\Luka\Desktop\TR3.exe C:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.rs/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [zzzHPSETUP] G:\Setup.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [w3dr.exe] C:\Warcraft III\w3dr.exe O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=092108 serial=dr12wex-1504397-kty lang=EN O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Luka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Somefox] C:\DOCUME~1\Luka\LOCALS~1\Temp\1C.tmp.exe O4 - HKCU\..\Run: [SetActGen] C:\WINDOWS\system32\hcxwhaho.exe O4 - HKLM\..\Policies\Explorer\Run: [bWMJPabFcz] C:\Documents and Settings\All Users\Application Data\dstexyto\xgpqnsti.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{0A423E88-2A39-45B1-AA36-D8DC09370514}: NameServer = 192.168.1.2,192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{F2997010-C85E-4427-8EBD-3BCD6056891B}: NameServer = 192.168.1.2,192.168.1.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- End of file - 6100 bytes To bi bilo sve sto mi je rekao ...sad pomoc plz..usput izbacuje mi SECURITY CENTAR poruku You have a security problem. i ja kliknem na to i on oce da skinem nesto na netu...neki antivirus. plz pomoc

Profil

dr_Bora Poslao: 09 Sep 2008 17:47 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pomoć stiže... Samo opušteno. Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Program settings.... U prozoru koji se otvori, pod Troubleshooting, čekiraj opciju Disable avast! self-defence i klikni OK. Takođe, klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection. Napomena: Ne zaboravi da uključiš ove opcije po završetku čišćenja. Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

Lucator Poslao: 09 Sep 2008 18:43 Idi na vrh
offline Lucator Novi MyCity građanin Pridružio: 08 Sep 2008 Poruke: 22	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-09-05.12 - Luka 2008-09-09 18:33:08.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.182 [GMT 2:00] Running from: C:\Documents and Settings\Luka\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\akl C:\Program Files\akl\akl.dll C:\Program Files\akl\akl.exe C:\Program Files\akl\uninstall.exe C:\Program Files\akl\unsetup.exe C:\Program Files\Inet Delivery C:\Program Files\Inet Delivery\inetdl.exe C:\Program Files\Inet Delivery\intdel.exe C:\WINDOWS\a.bat C:\WINDOWS\base64.tmp C:\WINDOWS\bdn.com C:\WINDOWS\FVProtect.exe C:\WINDOWS\iTunesMusic.exe C:\WINDOWS\mslagent C:\WINDOWS\mslagent\2_mslagent.dll C:\WINDOWS\mslagent\mslagent.exe C:\WINDOWS\mslagent\uninstall.exe C:\WINDOWS\mssecu.exe C:\WINDOWS\OPTIONS\CABS\_desktop.ini C:\WINDOWS\system32\akttzn.exe C:\WINDOWS\system32\anticipator.dll C:\WINDOWS\system32\awtoolb.dll C:\WINDOWS\system32\bdn.com C:\WINDOWS\system32\bsva-egihsg52.exe C:\WINDOWS\system32\dpcproxy.exe C:\WINDOWS\system32\emesx.dll C:\WINDOWS\system32\h@tkeysh@@k.dll C:\WINDOWS\system32\hoproxy.dll C:\WINDOWS\system32\hxiwlgpm.dat C:\WINDOWS\system32\hxiwlgpm.exe C:\WINDOWS\system32\mdm.exe C:\WINDOWS\system32\medup012.dll C:\WINDOWS\system32\medup020.dll C:\WINDOWS\system32\msgp.exe C:\WINDOWS\system32\msnbho.dll C:\WINDOWS\system32\mssecu.exe C:\WINDOWS\system32\msvchost.exe C:\WINDOWS\system32\mtr2.exe C:\WINDOWS\system32\mwin32.exe C:\WINDOWS\system32\netode.exe C:\WINDOWS\system32\newsd32.exe C:\WINDOWS\system32\ps1.exe C:\WINDOWS\system32\psof1.exe C:\WINDOWS\system32\psoft1.exe C:\WINDOWS\system32\regc64.dll C:\WINDOWS\system32\regm64.dll C:\WINDOWS\system32\Rundl1.exe C:\WINDOWS\system32\smp C:\WINDOWS\system32\smp\msrc.exe C:\WINDOWS\system32\sncntr.exe C:\WINDOWS\system32\ssurf022.dll C:\WINDOWS\system32\ssvchost.com C:\WINDOWS\system32\ssvchost.exe C:\WINDOWS\system32\sysreq.exe C:\WINDOWS\system32\taack.dat C:\WINDOWS\system32\taack.exe C:\WINDOWS\system32\temp#01.exe C:\WINDOWS\system32\thun.dll C:\WINDOWS\system32\thun32.dll C:\WINDOWS\system32\VBIEWER.OCX C:\WINDOWS\system32\vbsys2.dll C:\WINDOWS\system32\vcatchpi.dll C:\WINDOWS\system32\winlogonpc.exe C:\WINDOWS\system32\winsystem.exe C:\WINDOWS\system32\WINWGPX.EXE C:\WINDOWS\userconfig9x.dll C:\WINDOWS\winsystem.exe C:\WINDOWS\zip1.tmp C:\WINDOWS\zip2.tmp C:\WINDOWS\zip3.tmp C:\WINDOWS\zipped.tmp . ((((((((((((((((((((((((( Files Created from 2008-08-09 to 2008-09-09 ))))))))))))))))))))))))))))))) . 2008-09-09 12:04 . 2008-09-09 12:04 265,728 --a------ C:\WINDOWS\system32\MSCOMCTL.oca 2008-09-09 12:04 . 2008-09-09 12:04 64,000 --a------ C:\WINDOWS\system32\RICHTX32.oca 2008-09-08 20:03 . 2008-09-08 20:05 <DIR> d-------- C:\Program Files\SAV 2008-09-08 20:02 . 2008-09-08 20:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\dstexyto 2008-09-08 20:02 . 2008-09-08 20:02 81,920 --a------ C:\WINDOWS\system32\hcxwhaho.exe 2008-09-08 20:01 . 2008-09-08 20:01 113,668 --a------ C:\WINDOWS\system32\msxml71.dll 2008-09-07 03:01 . 2008-09-07 03:01 <DIR> d-------- C:\Program Files\Testovi Srpski 2008-09-06 23:30 . 2008-09-06 23:30 <DIR> d-------- C:\Documents and Settings\Luka\Application Data\Corel 2008-09-06 23:26 . 2008-09-06 23:26 <DIR> d-------- C:\Program Files\Common Files\Corel 2008-09-06 23:25 . 2008-09-06 23:25 <DIR> d-------- C:\Program Files\Corel 2008-08-27 17:26 . 2008-08-27 17:26 35,840 --a------ C:\WINDOWS\system32\COMDLG32.oca 2008-08-27 17:26 . 2008-08-27 17:27 628 --a------ C:\Breakout.dat 2008-08-23 00:57 . 2008-08-23 00:57 <DIR> d-------- C:\WINDOWS\Eurobattle.net Installer 2008-08-21 13:24 . 2008-08-21 13:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-08-20 22:15 . 2008-08-20 22:15 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-08-17 16:08 . 1999-12-17 10:13 86,016 --a------ C:\WINDOWS\unvise32.exe 2008-08-17 16:07 . 2008-08-17 16:07 <DIR> d-------- C:\WINDOWS\system32\Cleaner Support 2008-08-17 16:07 . 2008-08-17 16:07 <DIR> d-------- C:\Program Files\Windows Media Components 2008-08-17 16:07 . 2008-08-17 16:07 <DIR> d-------- C:\Program Files\Common Files\Vbox 2008-08-17 16:07 . 2008-08-17 16:08 <DIR> d-------- C:\Program Files\Cleaner 5 EZ 2008-08-17 16:06 . 2008-08-17 16:06 <DIR> d-------- C:\Program Files\directx 2008-08-17 16:05 . 2001-01-26 13:09 299,520 --a------ C:\WINDOWS\uninst.exe 2008-08-15 21:30 . 2008-08-15 21:58 <DIR> d-------- C:\Documents and Settings\Luka\Application Data\Dev-Cpp 2008-08-15 21:30 . 2008-09-08 12:11 <DIR> d-------- C:\Dev-Cpp 2008-08-14 21:27 . 2008-08-14 21:27 <DIR> d-------- C:\WINDOWS\Sun 2008-08-14 20:15 . 2008-08-14 20:15 63,488 --a------ C:\WINDOWS\system32\shdocvw.oca 2008-08-14 18:05 . 2008-08-18 20:56 126 --a------ C:\WINDOWS\mdm.ini 2008-08-14 17:59 . 2008-08-14 17:59 <DIR> d-------- C:\Program Files\Web Publish 2008-08-14 15:08 . 1998-06-02 12:05 103,424 --a------ C:\WINDOWS\extrac32.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-09 16:27 --------- d-----w C:\Documents and Settings\Luka\Application Data\Skype 2008-09-09 16:25 --------- d-----w C:\Documents and Settings\Luka\Application Data\skypePM 2008-09-06 22:09 --------- d-----w C:\Documents and Settings\Luka\Application Data\BearShare 2008-09-06 21:27 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-06 21:26 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-08-31 08:55 --------- d-----w C:\Documents and Settings\Luka\Application Data\BitTorrent 2008-08-30 13:13 --------- d-----w C:\Documents and Settings\Luka\Application Data\DNA 2008-08-30 08:13 --------- d-----w C:\Program Files\DNA 2008-08-21 11:32 --------- d-----w C:\Program Files\Common Files\Adobe 2008-08-14 18:01 --------- d-----w C:\Documents and Settings\Luka\Application Data\XnView 2008-07-28 17:08 --------- d-----w C:\Documents and Settings\Luka\Application Data\GARMIN 2008-07-27 16:18 --------- d-----w C:\Program Files\AudioConverter Studio 2008-07-27 16:15 --------- d-----w C:\Program Files\BFG 2008-07-27 16:14 --------- d-----w C:\Program Files\SpongeBob SquarePants Obstacle Odyssey 2008-07-27 16:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia 2008-07-27 16:09 --------- d-----w C:\Program Files\Xilisoft 2008-07-23 13:13 --------- d-----w C:\Documents and Settings\Luka\Application Data\Cyberlink 2008-07-22 10:56 65,344 ----a-w C:\WINDOWS\system32\drivers\snapman.sys 2008-07-22 10:56 37,888 ----a-w C:\WINDOWS\system32\setupnt.dll 2008-07-19 09:33 --------- d-----w C:\Program Files\Futuremark 2008-07-13 18:40 393 ---ha-w C:\hpothb07.dat 2008-07-13 18:38 --------- d-----w C:\Documents and Settings\Luka\Application Data\Hewlett-Packard 2008-07-13 18:35 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS 2008-07-13 18:35 --------- d-----w C:\Program Files\Hewlett-Packard 2008-07-13 18:32 --------- d-----w C:\Documents and Settings\Luka\Application Data\Share-to-Web Upload Folder 2008-07-13 18:30 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard 2008-07-12 10:04 --------- d-----w C:\Program Files\PFConfig 2008-07-11 19:39 --------- d-----w C:\Documents and Settings\Luka\Application Data\Winamp 2008-07-02 18:52 2,829 ----a-w C:\WINDOWS\War3Unin.pif 2008-07-02 18:52 139,264 ----a-w C:\WINDOWS\War3Unin.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 21718312] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "Google Update"="C:\Documents and Settings\Luka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-05 133104] "SetActGen"="C:\WINDOWS\system32\hcxwhaho.exe" [2008-09-08 81920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792] "Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] "w3dr.exe"="C:\Warcraft III\w3dr.exe" [2008-08-03 61440] "CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 729088] "C-Media Mixer"="Mixer.exe" [2001-12-07 C:\WINDOWS\Mixer.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "bWMJPabFcz"="C:\Documents and Settings\All Users\Application Data\dstexyto\xgpqnsti.exe" [2008-09-08 69632] C:\Documents and Settings\Luka\Start Menu\Programs\Startup\ Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] --a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Warcraft III\\w3l.exe"= "C:\\Program Files\\DNA\\btdna.exe"= "C:\\Program Files\\BitTorrent\\bittorrent.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "C:\\Warcraft III\\Frozen Throne.exe"= "C:\\Warcraft III\\worldedit.exe"= "C:\\Warcraft III\\w3l.exe"= "C:\\Warcraft III\\war3.exe"= "C:\\Program Files\\Microsoft Visual Studio\\Common\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"= "C:\\Documents and Settings\\Luka\\Desktop\\GHost 0.12beta\\LainEthLite.exe"= "C:\\Documents and Settings\\Luka\\Desktop\\GHost 0.13(0.14)beta\\LainEthLite.exe"= "C:\\Warcraft III\\euroloader.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6112:TCP"= 6112:TCP:luka1 "6112:UDP"= 6112:UDP:luka2 "6119:TCP"= 6119:TCP:luka3 "6119:UDP"= 6119:UDP:luka4 "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "3724:TCP"= 3724:TCP:WoW "3724:UDP"= 3724:UDP:wow1 "116:TCP"= 116:TCP:luxa "118:TCP"= 118:TCP:luxa2 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundTimestampRequest"= 1 (0x1) "AllowInboundMaskRequest"= 1 (0x1) "AllowInboundRouterRequest"= 1 (0x1) "AllowOutboundDestinationUnreachable"= 1 (0x1) "AllowOutboundSourceQuench"= 1 (0x1) "AllowOutboundParameterProblem"= 1 (0x1) "AllowOutboundTimeExceeded"= 1 (0x1) "AllowRedirect"= 1 (0x1) "AllowOutboundPacketTooBig"= 1 (0x1) R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] S3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 30336] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be2ab70-580a-11dd-951f-0019e07323ae}] \Shell\Auto\command - Config.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Config.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c064384-7a54-11dd-9591-0019e07323ae}] \Shell\Auto\command - G:\Config.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Config.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4be1000-69e0-11dd-955b-0019e07323ae}] \Shell\Auto\command - Config.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Config.exe Newly Created Service - CATCHME Newly Created Service - PROCEXP90 . Contents of the 'Scheduled Tasks' folder . - - - - ORPHANS REMOVED - - - - HKLM-Run-zzzHPSETUP - G:\Setup.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Luka\Application Data\Mozilla\Firefox\Profiles\t9cem2ce.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.rs FF -: plugin - C:\Documents and Settings\Luka\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-09 18:35:46 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-09-09 18:37:45 ComboFix-quarantined-files.txt 2008-09-09 16:37:39 Pre-Run: 4,651,814,912 bytes free Post-Run: 4,973,875,200 bytes free 258

Profil

dr_Bora Poslao: 09 Sep 2008 19:04 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: File:: C:\WINDOWS\system32\hcxwhaho.exe Folder:: C:\Program Files\SAV C:\Documents and Settings\All Users\Application Data\dstexyto FileLook:: C:\WINDOWS\system32\msxml71.dll C:\WINDOWS\extrac32.exe Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SetActGen"=- [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "bWMJPabFcz"=- [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be2ab70-580a-11dd-951f-0019e07323ae}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c064384-7a54-11dd-9591-0019e07323ae}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4be1000-69e0-11dd-955b-0019e07323ae}] Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Lucator Poslao: 09 Sep 2008 19:13 Idi na vrh
offline Lucator Novi MyCity građanin Pridružio: 08 Sep 2008 Poruke: 22	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-09-05.12 - Luka 2008-09-09 19:05:43.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.144 [GMT 2:00] Running from: C:\Documents and Settings\Luka\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Luka\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Application Data\dstexyto C:\Documents and Settings\All Users\Application Data\dstexyto\xgpqnsti.exe C:\Program Files\SAV C:\Program Files\SAV\sav.cpl C:\Program Files\SAV\sav.ooo C:\Program Files\SAV\sav0.dat C:\Program Files\SAV\sav1.dat C:\WINDOWS\system32\hcxwhaho.exe . ((((((((((((((((((((((((( Files Created from 2008-08-09 to 2008-09-09 ))))))))))))))))))))))))))))))) . 2008-09-09 12:04 . 2008-09-09 12:04 265,728 --a------ C:\WINDOWS\system32\MSCOMCTL.oca 2008-09-09 12:04 . 2008-09-09 12:04 64,000 --a------ C:\WINDOWS\system32\RICHTX32.oca 2008-09-08 20:01 . 2008-09-08 20:01 113,668 --a------ C:\WINDOWS\system32\msxml71.dll 2008-09-07 03:01 . 2008-09-07 03:01 <DIR> d-------- C:\Program Files\Testovi Srpski 2008-09-06 23:30 . 2008-09-06 23:30 <DIR> d-------- C:\Documents and Settings\Luka\Application Data\Corel 2008-09-06 23:26 . 2008-09-06 23:26 <DIR> d-------- C:\Program Files\Common Files\Corel 2008-09-06 23:25 . 2008-09-06 23:25 <DIR> d-------- C:\Program Files\Corel 2008-08-27 17:26 . 2008-08-27 17:26 35,840 --a------ C:\WINDOWS\system32\COMDLG32.oca 2008-08-27 17:26 . 2008-08-27 17:27 628 --a------ C:\Breakout.dat 2008-08-23 00:57 . 2008-08-23 00:57 <DIR> d-------- C:\WINDOWS\Eurobattle.net Installer 2008-08-21 13:24 . 2008-08-21 13:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-08-20 22:15 . 2008-08-20 22:15 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-08-17 16:08 . 1999-12-17 10:13 86,016 --a------ C:\WINDOWS\unvise32.exe 2008-08-17 16:07 . 2008-08-17 16:07 <DIR> d-------- C:\WINDOWS\system32\Cleaner Support 2008-08-17 16:07 . 2008-08-17 16:07 <DIR> d-------- C:\Program Files\Windows Media Components 2008-08-17 16:07 . 2008-08-17 16:07 <DIR> d-------- C:\Program Files\Common Files\Vbox 2008-08-17 16:07 . 2008-08-17 16:08 <DIR> d-------- C:\Program Files\Cleaner 5 EZ 2008-08-17 16:06 . 2008-08-17 16:06 <DIR> d-------- C:\Program Files\directx 2008-08-17 16:05 . 2001-01-26 13:09 299,520 --a------ C:\WINDOWS\uninst.exe 2008-08-15 21:30 . 2008-08-15 21:58 <DIR> d-------- C:\Documents and Settings\Luka\Application Data\Dev-Cpp 2008-08-15 21:30 . 2008-09-08 12:11 <DIR> d-------- C:\Dev-Cpp 2008-08-14 21:27 . 2008-08-14 21:27 <DIR> d-------- C:\WINDOWS\Sun 2008-08-14 20:15 . 2008-08-14 20:15 63,488 --a------ C:\WINDOWS\system32\shdocvw.oca 2008-08-14 18:05 . 2008-08-18 20:56 126 --a------ C:\WINDOWS\mdm.ini 2008-08-14 17:59 . 2008-08-14 17:59 <DIR> d-------- C:\Program Files\Web Publish 2008-08-14 15:08 . 1998-06-02 12:05 103,424 --a------ C:\WINDOWS\extrac32.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-09 17:07 --------- d-----w C:\Documents and Settings\Luka\Application Data\Skype 2008-09-09 16:25 --------- d-----w C:\Documents and Settings\Luka\Application Data\skypePM 2008-09-06 22:09 --------- d-----w C:\Documents and Settings\Luka\Application Data\BearShare 2008-09-06 21:27 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-06 21:26 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-08-31 08:55 --------- d-----w C:\Documents and Settings\Luka\Application Data\BitTorrent 2008-08-30 13:13 --------- d-----w C:\Documents and Settings\Luka\Application Data\DNA 2008-08-30 08:13 --------- d-----w C:\Program Files\DNA 2008-08-21 11:32 --------- d-----w C:\Program Files\Common Files\Adobe 2008-08-14 18:01 --------- d-----w C:\Documents and Settings\Luka\Application Data\XnView 2008-07-28 17:08 --------- d-----w C:\Documents and Settings\Luka\Application Data\GARMIN 2008-07-27 16:18 --------- d-----w C:\Program Files\AudioConverter Studio 2008-07-27 16:15 --------- d-----w C:\Program Files\BFG 2008-07-27 16:14 --------- d-----w C:\Program Files\SpongeBob SquarePants Obstacle Odyssey 2008-07-27 16:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia 2008-07-27 16:09 --------- d-----w C:\Program Files\Xilisoft 2008-07-23 13:13 --------- d-----w C:\Documents and Settings\Luka\Application Data\Cyberlink 2008-07-22 10:56 65,344 ----a-w C:\WINDOWS\system32\drivers\snapman.sys 2008-07-22 10:56 37,888 ----a-w C:\WINDOWS\system32\setupnt.dll 2008-07-19 09:33 --------- d-----w C:\Program Files\Futuremark 2008-07-13 18:40 393 ---ha-w C:\hpothb07.dat 2008-07-13 18:38 --------- d-----w C:\Documents and Settings\Luka\Application Data\Hewlett-Packard 2008-07-13 18:35 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS 2008-07-13 18:35 --------- d-----w C:\Program Files\Hewlett-Packard 2008-07-13 18:32 --------- d-----w C:\Documents and Settings\Luka\Application Data\Share-to-Web Upload Folder 2008-07-13 18:30 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard 2008-07-12 10:04 --------- d-----w C:\Program Files\PFConfig 2008-07-11 19:39 --------- d-----w C:\Documents and Settings\Luka\Application Data\Winamp 2008-07-02 18:52 2,829 ----a-w C:\WINDOWS\War3Unin.pif 2008-07-02 18:52 139,264 ----a-w C:\WINDOWS\War3Unin.exe . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- C:\WINDOWS\extrac32.exe ---- Company: Microsoft Corporation File Description: CAB File Extract Utility File Version: 4.11.0603.3 Product Name: Microsoft (R) CAB File Extract Utility Copyright: Copyright (c) Microsoft Corporation, 1994-1997 Original file name: EXTRAC32.EXE MD5: 27751f059e235b599734371eba8b50db C:\WINDOWS\system32\msxml71.dll -- Unable to find file version info. MD5: af01a61042c88821325a491d060bc9f7 ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 21718312] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "Google Update"="C:\Documents and Settings\Luka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-05 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792] "Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] "w3dr.exe"="C:\Warcraft III\w3dr.exe" [2008-08-03 61440] "CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 729088] "C-Media Mixer"="Mixer.exe" [2001-12-07 C:\WINDOWS\Mixer.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360] C:\Documents and Settings\Luka\Start Menu\Programs\Startup\ Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] --a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Warcraft III\\w3l.exe"= "C:\\Program Files\\DNA\\btdna.exe"= "C:\\Program Files\\BitTorrent\\bittorrent.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "C:\\Warcraft III\\Frozen Throne.exe"= "C:\\Warcraft III\\worldedit.exe"= "C:\\Warcraft III\\w3l.exe"= "C:\\Warcraft III\\war3.exe"= "C:\\Program Files\\Microsoft Visual Studio\\Common\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"= "C:\\Documents and Settings\\Luka\\Desktop\\GHost 0.12beta\\LainEthLite.exe"= "C:\\Documents and Settings\\Luka\\Desktop\\GHost 0.13(0.14)beta\\LainEthLite.exe"= "C:\\Warcraft III\\euroloader.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6112:TCP"= 6112:TCP:luka1 "6112:UDP"= 6112:UDP:luka2 "6119:TCP"= 6119:TCP:luka3 "6119:UDP"= 6119:UDP:luka4 "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "3724:TCP"= 3724:TCP:WoW "3724:UDP"= 3724:UDP:wow1 "116:TCP"= 116:TCP:luxa "118:TCP"= 118:TCP:luxa2 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundTimestampRequest"= 1 (0x1) "AllowInboundMaskRequest"= 1 (0x1) "AllowInboundRouterRequest"= 1 (0x1) "AllowOutboundDestinationUnreachable"= 1 (0x1) "AllowOutboundSourceQuench"= 1 (0x1) "AllowOutboundParameterProblem"= 1 (0x1) "AllowOutboundTimeExceeded"= 1 (0x1) "AllowRedirect"= 1 (0x1) "AllowOutboundPacketTooBig"= 1 (0x1) R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] S3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 30336] Newly Created Service - CATCHME Newly Created Service - PROCEXP90 . Contents of the 'Scheduled Tasks' folder . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-09 19:07:22 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-09-09 19:09:05 ComboFix-quarantined-files.txt 2008-09-09 17:08:38 ComboFix2.txt 2008-09-09 16:37:47 Pre-Run: 5,447,208,960 bytes free Post-Run: 5,617,299,456 bytes free 183

Profil

dr_Bora Poslao: 09 Sep 2008 21:36 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Upload-uj sledeći file na proveru: C:\WINDOWS\system32\msxml71.dll Upload link: http://www.mycity.rs/ambulanta-upload.php

Profil

Lucator Poslao: 10 Sep 2008 10:10 Idi na vrh
offline Lucator Novi MyCity građanin Pridružio: 08 Sep 2008 Poruke: 22	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Citat:Vas fajl je uspesno uploadovan. Molimo Vas da u temi u kojoj je od Vas zahtevano da uploadujete fajl, obavestite lice koje Vam pomaze da ste to uspesno uradili. Hvala Vam. evo zavrsio sam

Profil

dr_Bora Poslao: 10 Sep 2008 17:00 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Obriši file: C:\WINDOWS\system32\msxml71.dll Kakvo je sada stanje?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Trojan-Spy.Win32.KeyLogger.aa

Ko je trenutno na forumu

Ukupno su 1040 korisnika na forumu :: 35 registrovanih, 4 sakrivenih i 1001 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., Albin0, bolenbgd, Boris BM, cenejac111, crnitrn, darkangel, djboj, draganca, FileFinder, ivica976, JOntra, Kibice, Kubovac, Mercury, Milometer, mkukoleca, moldway, nenad81, nenaddz, Panter, panzerwaffe, Parker, Primus17, raketaš, repac, skvara, sombrero, sosko, srbijaiznadsvega, stegonosa, Tas011, Vlada78, Yellow Pinky

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by