HijackThis log check

  • Joined: 26 Apr 2009
  • Posts: 13

Hi, today I came home and found a three-hour ban on my WoW account, and I hadn't been home for 7 days; nobody else knows my password. Please help me, thanks...


Logfile of HijackThis v1.97.7
Scan saved at 23:15:13, on 26.4.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\load\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = yahoo.com/
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote (HKLM)
O9 - Extra 'Tools' menuitem: S&end to OneNote (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...


I'd ask you to follow the instructions for opening a topic to the letter:

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

  • Joined: 26 Apr 2009
  • Posts: 13

I hope I've done it properly now; basically I followed everything that was written there... thanks for the initial notice..

Logfile of HijackThis v1.97.7
Scan saved at 23:43:36, on 26.4.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\patar\Desktop\Logs\tr3.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = yahoo.com/
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote (HKLM)
O9 - Extra 'Tools' menuitem: S&end to OneNote (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

The topic gives the link from which the HijackThis program should be downloaded.
What you're using is an ancient version which showed me... nothing.


Anyway... let's not waste time. Carefully follow the instructions below.


Start ESET Smart Security/ESET NOD32 as follows:
Start>All Programs>ESET>ESET Smart Security or ESET NOD32 Antivirus (if you use only the Antivirus solution).

* When the program's main window opens, click the Setup option on the left side of the window;
* Select the Antivirus and antispyware option and click Temporarily disable Antivirus and antispyware protection.
* At the next prompt, click Yes.


Turn off MBAM Protection (by right-clicking the icon in the tray and choosing the appropriate option).



Download ComboFix to the Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

  • Joined: 26 Apr 2009
  • Posts: 13

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:43:08, on 27.4.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\load\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = yahoo.com/
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 8705 bytes

OK, I downloaded a fresh HijackThis, did what was needed and copied it; I downloaded ComboFix and let it do its job; I followed the instructions given above, thanks in advance...

ComboFix 09-04-25.A3 - patar 27.04.2009 17:50.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.535 [GMT 2:00]
Running from: d:\load\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-4-27 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-27 15:54 . 2008-12-20 21:18 -------- d-----w c:\documents and settings\patar\Application Data\skypePM
2009-04-27 15:53 . 2008-01-21 15:59 -------- d-----w c:\program files\Google
2009-04-27 15:52 . 2008-09-16 15:52 -------- d-----w c:\documents and settings\patar\Application Data\uTorrent
2009-04-27 15:41 . 2008-12-20 21:16 -------- d-----w c:\documents and settings\patar\Application Data\Skype
2009-04-26 21:55 . 2008-11-03 22:06 -------- d-----w c:\program files\DAEMON Tools Toolbar
2009-04-06 14:35 . 2008-01-21 16:07 -------- d-----w c:\program files\DC++
2009-03-30 10:32 . 2008-03-15 13:10 -------- d-----w c:\program files\Java
2009-03-27 01:17 . 2009-03-05 01:30 138944 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-27 01:17 . 2009-03-05 01:29 189784 ----a-w c:\windows\system32\PnkBstrB.exe
2009-03-27 00:55 . 2009-03-05 01:30 22328 ----a-w c:\documents and settings\patar\Application Data\PnkBstrK.sys
2009-03-27 00:54 . 2009-03-05 01:29 2246144 ----a-w c:\windows\system32\pbsvc.exe
2009-03-27 00:54 . 2009-03-27 00:54 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\id Software
2009-03-24 17:14 . 2009-03-24 17:14 -------- d-----w c:\program files\Common Files\Skype
2009-03-24 17:14 . 2008-12-20 21:16 -------- d-----r c:\program files\Skype
2009-03-23 14:56 . 2009-03-05 01:29 75064 ----a-w c:\windows\system32\PnkBstrA.exe
2009-03-23 00:37 . 2008-02-03 12:21 -------- d-----w c:\program files\SpeedFan
2009-03-18 01:00 . 2008-01-22 00:16 -------- d-----w c:\program files\Winamp
2009-03-18 00:59 . 2009-01-22 15:59 -------- d-----w c:\documents and settings\patar\Application Data\Winamp
2009-03-16 20:04 . 2009-01-22 15:48 -------- d-----w c:\program files\Common Files\Nero
2009-03-16 20:03 . 2009-01-22 15:48 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2009-03-14 19:21 . 2008-12-10 23:39 -------- d-----w c:\documents and settings\patar\Application Data\dvdcss
2009-03-11 18:02 . 2009-03-11 18:02 132096 --sh--w c:\windows\system32\d3d7.dll
2009-03-09 03:19 . 2008-12-07 19:32 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-05 21:01 . 2009-03-05 21:01 -------- d-----w c:\documents and settings\patar\Application Data\id Software
2009-01-22 16:27 . 2008-09-16 12:51 68456 ----a-w c:\documents and settings\patar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-07-26 17:11 . 2008-01-21 15:36 22024 ----a-w c:\documents and settings\petar pilipovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-04-19 11:51 . 2008-04-19 11:51 9232 ----a-w c:\documents and settings\petar pilipovic\mqdmmdfl.sys
2008-04-19 11:51 . 2008-04-19 11:51 92064 ----a-w c:\documents and settings\petar pilipovic\mqdmmdm.sys
2008-04-19 11:51 . 2008-04-19 11:51 79328 ----a-w c:\documents and settings\petar pilipovic\mqdmserd.sys
2008-04-19 11:51 . 2008-04-19 11:51 66656 ----a-w c:\documents and settings\petar pilipovic\mqdmbus.sys
2008-04-19 11:51 . 2008-04-19 11:51 6208 ----a-w c:\documents and settings\petar pilipovic\mqdmcmnt.sys
2008-04-19 11:51 . 2008-04-19 11:51 5936 ----a-w c:\documents and settings\petar pilipovic\mqdmwhnt.sys
2008-04-19 11:51 . 2008-04-19 11:51 4048 ----a-w c:\documents and settings\petar pilipovic\mqdmcr.sys
2008-04-19 11:51 . 2008-04-01 13:52 25600 ----a-w c:\documents and settings\petar pilipovic\usbsermptxp.sys
2008-04-19 11:51 . 2008-04-01 13:52 22768 ----a-w c:\documents and settings\petar pilipovic\usbsermpt.sys
.

------- Sigcheck -------

[-] 2008-09-16 14:21 502272 6225F14B8CE08CCBA8B25AD27843C674 c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-12 15360]
"Google Update"="c:\documents and settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-16 133104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-07 68856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-16 24095528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-12 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-12 81920]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-01-14 399504]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-04-28 570664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-11-12 1626112]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-04-12 16132608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-12 15360]

c:\documents and settings\petar pilipovic\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 RPCHE;Remote Procedure Call (RPCE);c:\program files\Common Files\Microsoft Shared\Speech\csvd.exe [2009-03-02 11573248]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 LasMan;Local Connection Manager;c:\windows\System32\svchost.exe [2004-08-12 14336]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-01-14 170640]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-01-14 15504]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
LasMan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55fd6c70-83f9-11dd-98ad-001d7d960ccc}]
\Shell\AutoRun\command - F:\autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-04-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2009-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1482476501-725345543-1003.job
- c:\documents and settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-16 13:37]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-MsnMsgr - c:\program files\MSN Messenger\MsnMsgr.Exe
Notify-WgaLogon - (no file)


.
------- Supplementary Scan -------
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.yahoo.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - c:\documents and settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\patar\Application Data\Mozilla\Firefox\Profiles\audf8c1j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: c:\documents and settings\patar\Application Data\Mozilla\Firefox\Profiles\audf8c1j.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\All Users.WINDOWS\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\documents and settings\patar\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-04-27 17:54
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2784)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\rundll32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2009-04-27 17:54 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-27 15:54

Pre-Run: 2.699.030.528 bytes free
Post-Run: 13.396.643.840 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

184 --- E O F --- 2008-12-18 02:00

this is from combofix, with...
regards...

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text into it:

File::
c:\windows\system32\d3d7.dll
c:\program files\Common Files\Microsoft Shared\Speech\csvd.exe

Driver::
RPCHE
LasMan

NetSvc::
LasMan


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text file onto the ComboFix icon, as shown in the picture.
In your next post, include the log that is created at the end of the cleaning/scan.

offline
  • Joined: 26 Apr 2009
  • Posts: 13

done as instructed, here is the log, regards...
let me also take this opportunity to thank you for your help, thank you very much...

ComboFix 09-04-25.A3 - patar 27.04.2009 20:37.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1358 [GMT 2:00]
Running from: d:\load\ComboFix.exe
Command switches used :: c:\documents and settings\patar\Desktop\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*
* Created a new restore point

FILE ::
c:\program files\Common Files\Microsoft Shared\Speech\csvd.exe
c:\windows\system32\d3d7.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Microsoft Shared\Speech\csvd.exe
c:\windows\system32\d3d7.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_LASMAN
-------\Legacy_RPCHE
-------\Service_LasMan
-------\Service_RPCHE


((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-4-27 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-27 18:39 . 2008-09-16 15:52 -------- d-----w c:\documents and settings\patar\Application Data\uTorrent
2009-04-27 18:36 . 2008-12-20 21:16 -------- d-----w c:\documents and settings\patar\Application Data\Skype
2009-04-27 15:54 . 2008-12-20 21:18 -------- d-----w c:\documents and settings\patar\Application Data\skypePM
2009-04-27 15:53 . 2008-01-21 15:59 -------- d-----w c:\program files\Google
2009-04-26 21:55 . 2008-11-03 22:06 -------- d-----w c:\program files\DAEMON Tools Toolbar
2009-04-06 14:35 . 2008-01-21 16:07 -------- d-----w c:\program files\DC++
2009-03-30 10:32 . 2008-03-15 13:10 -------- d-----w c:\program files\Java
2009-03-27 01:17 . 2009-03-05 01:30 138944 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-27 01:17 . 2009-03-05 01:29 189784 ----a-w c:\windows\system32\PnkBstrB.exe
2009-03-27 00:55 . 2009-03-05 01:30 22328 ----a-w c:\documents and settings\patar\Application Data\PnkBstrK.sys
2009-03-27 00:54 . 2009-03-05 01:29 2246144 ----a-w c:\windows\system32\pbsvc.exe
2009-03-27 00:54 . 2009-03-27 00:54 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\id Software
2009-03-24 17:14 . 2009-03-24 17:14 -------- d-----w c:\program files\Common Files\Skype
2009-03-24 17:14 . 2008-12-20 21:16 -------- d-----r c:\program files\Skype
2009-03-23 14:56 . 2009-03-05 01:29 75064 ----a-w c:\windows\system32\PnkBstrA.exe
2009-03-23 00:37 . 2008-02-03 12:21 -------- d-----w c:\program files\SpeedFan
2009-03-18 01:00 . 2008-01-22 00:16 -------- d-----w c:\program files\Winamp
2009-03-18 00:59 . 2009-01-22 15:59 -------- d-----w c:\documents and settings\patar\Application Data\Winamp
2009-03-16 20:04 . 2009-01-22 15:48 -------- d-----w c:\program files\Common Files\Nero
2009-03-16 20:03 . 2009-01-22 15:48 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2009-03-14 19:21 . 2008-12-10 23:39 -------- d-----w c:\documents and settings\patar\Application Data\dvdcss
2009-03-09 03:19 . 2008-12-07 19:32 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-05 21:01 . 2009-03-05 21:01 -------- d-----w c:\documents and settings\patar\Application Data\id Software
2009-01-22 16:27 . 2008-09-16 12:51 68456 ----a-w c:\documents and settings\patar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-07-26 17:11 . 2008-01-21 15:36 22024 ----a-w c:\documents and settings\petar pilipovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-04-19 11:51 . 2008-04-19 11:51 9232 ----a-w c:\documents and settings\petar pilipovic\mqdmmdfl.sys
2008-04-19 11:51 . 2008-04-19 11:51 92064 ----a-w c:\documents and settings\petar pilipovic\mqdmmdm.sys
2008-04-19 11:51 . 2008-04-19 11:51 79328 ----a-w c:\documents and settings\petar pilipovic\mqdmserd.sys
2008-04-19 11:51 . 2008-04-19 11:51 66656 ----a-w c:\documents and settings\petar pilipovic\mqdmbus.sys
2008-04-19 11:51 . 2008-04-19 11:51 6208 ----a-w c:\documents and settings\petar pilipovic\mqdmcmnt.sys
2008-04-19 11:51 . 2008-04-19 11:51 5936 ----a-w c:\documents and settings\petar pilipovic\mqdmwhnt.sys
2008-04-19 11:51 . 2008-04-19 11:51 4048 ----a-w c:\documents and settings\petar pilipovic\mqdmcr.sys
2008-04-19 11:51 . 2008-04-01 13:52 25600 ----a-w c:\documents and settings\petar pilipovic\usbsermptxp.sys
2008-04-19 11:51 . 2008-04-01 13:52 22768 ----a-w c:\documents and settings\petar pilipovic\usbsermpt.sys
.

------- Sigcheck -------

[-] 2008-09-16 14:21 502272 6225F14B8CE08CCBA8B25AD27843C674 c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-04-27_15.52.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-27 18:40 . 2009-04-27 18:40 16384 c:\windows\Temp\Perflib_Perfdata_5c0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2009-02-26 00:03 251504 ----a-w c:\program files\Google\Google Toolbar\GoogleToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
2009-04-05 22:59 668656 ----a-w c:\program files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
2009-02-26 00:03 522224 ----a-w c:\program files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
2009-03-09 03:18 35840 ----a-w c:\program files\Java\jre6\bin\jp2ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
2009-03-09 03:18 73728 ----a-w c:\program files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"= "c:\program files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll" [2005-04-13 327748]
"{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

[HKEY_CLASSES_ROOT\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}]
[HKEY_CLASSES_ROOT\YBIOCtrl.YBIOCtrl.2]
[HKEY_CLASSES_ROOT\TypeLib\{EF99BD24-C1FB-11D2-892F-0090271D4F88}]
[HKEY_CLASSES_ROOT\YBIOCtrl.YBIOCtrl]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"= "c:\program files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll" [2005-04-13 327748]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

[HKEY_CLASSES_ROOT\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}]
[HKEY_CLASSES_ROOT\YBIOCtrl.YBIOCtrl.2]
[HKEY_CLASSES_ROOT\TypeLib\{EF99BD24-C1FB-11D2-892F-0090271D4F88}]
[HKEY_CLASSES_ROOT\YBIOCtrl.YBIOCtrl]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-12 15360]
"Google Update"="c:\documents and settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-16 133104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-07 68856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-16 24095528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-12 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-12 81920]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-01-14 399504]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-04-28 570664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-11-12 1626112]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-04-12 16132608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-12 15360]

c:\documents and settings\petar pilipovic\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= "c:\program files\Microsoft Office\Office12\GrooveShellExtensions.dll" [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WPDShServiceObj"= {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-01-14 170640]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-01-14 15504]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55fd6c70-83f9-11dd-98ad-001d7d960ccc}]
\Shell\AutoRun\command - F:\autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-04-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2009-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1482476501-725345543-1003.job
- c:\documents and settings\patar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-16 13:37]
.
- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
SSODL-CDBurn-{fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
SSODL-WebCheck-{E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll


.
------- Supplementary Scan -------
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.yahoo.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - c:\documents and settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\Messenger\msmsgs.exe
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\COMMON~1\Skype\SKYPE4~1.DLL
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - c:\windows\system32\msvidctl.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
FF - ProfilePath - c:\documents and settings\patar\Application Data\Mozilla\Firefox\Profiles\audf8c1j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: c:\documents and settings\patar\Application Data\Mozilla\Firefox\Profiles\audf8c1j.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\All Users.WINDOWS\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\documents and settings\patar\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-04-27 20:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(644)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\rundll32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2009-04-27 20:42 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-27 18:42
ComboFix2.txt 2009-04-27 15:54

Pre-Run: 13.388.767.232 bytes free
Post-Run: 13.365.350.400 bytes free

233 --- E O F --- 2008-12-18 02:00

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

OK, this should be clean now.


Uninstalling ComboFix:
Click START, then RUN.

In the text box, type (or paste) the following:

Combofix /u



and then click OK.

Wait for the uninstall process to finish.

offline
  • Joined: 26 Apr 2009
  • Posts: 13

thanks once again...
regards...
