Možda tražite i:
spoolsv.exe problem
svchost.exe problem
problem sa stbapp.exe ili stbsvc.exe
Problem sa Scheduled.exe

MyCity » Ambulanta -> Arhiva Ambulante » problem sa userini.exe

problem sa userini.exe

Napisano na dan: 4.8.2010

problem sa userini.exe

Sledeća strana

Pagination

Odgovori

GTA Poslao: 04 Avg 2010 13:24 Idi na vrh
offline GTA Počasni građanin Pridružio: 14 Avg 2008 Poruke: 717	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Prvi problem koji sam uocio na ovom racunaru(koji inace nije moj) je proces se i task manegery koji se zove userini.exe Taj fajl userini.exe sa uspesno obrisao iz system 32 on on veise nije pojavljivao ali racunar uopste nije hteo na iternet; to sam takode resio instalacijom drajvera za mreznu karticu. Posle konekciji na internet ponovo se u task menageru pojavio ovaj userini.exe avira je prijavila par puta nesto DDS (Ver_10-03-17.01) - NTFSx86 Run by Jovana at 20:31:07,00 on 01.08.2010 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1254.90.1033.18.765.199 [GMT 2:00] AV: AntiVir Desktop On-access scanning enabled (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\System32\svchost.exe -k eapsvcs svchost.exe C:\WINDOWS\System32\svchost.exe -k dot3svc C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\idt\wdm\STacSV.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe C:\Program Files\Stardock\MyColors\wbload.exe C:\WINDOWS\Explorer.EXE C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\userini.exe C:\WINDOWS\system32\AESTFltr.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\WINDOWS\system32\userini.exe C:\WINDOWS\system32\userini.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Temp\wpv281280583757.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\userini.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe C:\WINDOWS\system32\4c5719.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\hifywoos.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\Jovana\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.windowsxlive.net mWinlogon: Taskman=c:\documents and settings\jovana\application data\oreaw.exe uWinlogon: Shell=c:\documents and settings\jovana\application data\ibnzs.exe,c:\documents and settings\jovana\csrss.exe,explorer.exe,c:\documents and settings\jovana\application data\oreaw.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [userini] c:\windows\system32\userini.exe mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [zCpqset] c:\program files\hewlett-packard\default settings\cpqset.exe mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Microsoft(R) System Manager] c:\windows\system32\4c5719.exe mRun: [userini] c:\windows\system32\userini.exe mRun: [zoujyg] c:\windows\system32\cakouzyryj.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uExplorerRun: [userini] c:\windows\system32\userini.exe mExplorerRun: [userini] c:\windows\system32\userini.exe StartupFolder: c:\docume~1\jovana\startm~1\programs\startup\thinkg~1.lnk - c:\program files\stardock\desktopgadgets\think green weather\Think Green Weather.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: WB - c:\program files\stardock\mycolors\fastload.dll LSA: Authentication Packages = msv1_0 nwprovau ============= SERVICES / DRIVERS =============== R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-12-19 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-12-19 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-12-19 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-12-19 56816] R3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\drivers\5U876.sys [2009-12-18 118656] R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-12-18 113536] S2 pcocggkbd;\??\c:\do;\??\c:\docume~1\jovana\locals~1\temp\wwlusnajtymbbfk.sys --> c:\docume~1\jovana\locals~1\temp\wwlusnajtymbbfk.sys [?] S2 y6iauioudtybe;Creative ALchemy AL1 Licensing Service;c:\windows\system32\suvof.exe [2010-8-1 254976] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?] =============== Created Last 30 ================ 2010-08-01 18:21:37 254976 ----a-w- c:\windows\system32\suvof.exe 2010-08-01 18:20:54 254976 ----a-w- c:\windows\system32\cakouzyryj.exe 2010-08-01 18:11:41 52224 ----a-w- c:\windows\system32\userini.exe 2010-08-01 18:09:52 57384 ----a-w- c:\windows\system32\drivers\btwhid.sys 2010-08-01 18:09:52 37032 ----a-w- c:\windows\system32\drivers\btwmodem.sys 2010-08-01 18:09:51 91304 ----a-w- c:\windows\system32\drivers\btserial.sys 2010-08-01 18:09:51 534568 ----a-w- c:\windows\system32\drivers\btaudio.sys 2010-08-01 18:09:51 37160 ----a-w- c:\windows\system32\drivers\btport.sys 2010-08-01 18:09:51 156816 ----a-w- c:\windows\system32\drivers\btwdndis.sys 2010-08-01 17:11:05 0 d-sh--w- c:\documents and settings\jovana\PrivacIE 2010-08-01 13:03:02 0 d-----w- c:\docume~1\jovana\applic~1\TuneUp Software 2010-08-01 13:02:54 306432 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2010-08-01 13:02:53 29440 ----a-w- c:\windows\system32\uxtuneup.dll 2010-08-01 13:02:44 0 d-----w- c:\docume~1\alluse~1\applic~1\TuneUp Software 2010-08-01 13:02:31 0 d-----w- c:\program files\TuneUp Utilities 2008 2010-08-01 13:01:25 0 d-----w- c:\program files\common files\Wise Installation Wizard 2010-08-01 12:25:51 0 d-sh--w- c:\documents and settings\jovana\IETldCache 2010-08-01 11:58:58 0 dc-h--w- c:\windows\ie8 ==================== Find3M ==================== 2010-08-01 18:14:20 1735040 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS 2010-06-29 23:09:06 1033728 ----a-w- c:\windows\explorer.exe 2010-06-25 07:51:28 413756 ----a-w- c:\windows\system32\drivers\str.sys 2010-06-25 07:29:46 129024 --sh--r- c:\docume~1\jovana\applic~1\ibnzs.exe 2010-06-24 22:32:33 54272 ----a-w- c:\windows\system32\4c5719.exe 2010-06-24 22:32:33 102408 ----a-w- c:\windows\system32\msvcrt2.dll 2010-06-24 22:32:02 163781 --sh--r- c:\docume~1\jovana\applic~1\oreaw.exe 2010-06-21 16:51:58 38808920 ----a-w- C:\FileFormatConverters.exe ============= FINISH: 20:31:30,40 =============== https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png nije hteo da radi ovaj gmer sve zivo mi je zablokirao zato sam koristio root repeal

Profil

1l padr1n0 Poslao: 04 Avg 2010 17:31 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav i dobro dosao u Ambulantu MyCity foruma. U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg: Detaljno citati moja uputstva ( ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima; Ne traziti istovremeno pomoc na drugom mestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio/la uputstvo; U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio; Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om; Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj. Za vise informacija o pravilima Ambulante MyCity foruma: LINK ----------------------------------------------------------------------------------- Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku. goran9888 (AMF Tim)

Profil

GTA Poslao: 05 Avg 2010 14:08 Idi na vrh
offline GTA Počasni građanin Pridružio: 14 Avg 2008 Poruke: 717	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 10-08-04.05 - Jovana 05.08.2010 13:57:37.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1254.90.1033.18.765.246 [GMT 2:00] Running from: c:\documents and settings\Jovana\Desktop\ComboFix.exe AV: AntiVir Desktop On-access scanning disabled (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ADS - explorer.exe: deleted 56320 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\Jovana\LOCALS~1\Temp\502.exe c:\documents and settings\Jovana\Application Data\wiaservg.log c:\documents and settings\Jovana\msgvn.exe c:\windows\system32\drivers\str.sys c:\windows\system32\msvcrt2.dll c:\windows\system32\userini.exe c:\windows\system32\wbem\grpconv.exe c:\windows\system32\grpconv.exe . . . is missing!! . ((((((((((((((((((((((((( Files Created from 2010-07-05 to 2010-08-05 ))))))))))))))))))))))))))))))) . 2010-08-05 11:44 . 2010-08-05 11:47 -------- d-----w- c:\windows\ie8updates 2010-08-05 11:43 . 2010-08-05 11:43 -------- d-----w- c:\windows\LastGood.Tmp 2010-08-04 11:13 . 2010-05-06 10:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-08-04 11:13 . 2010-05-06 10:41 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2010-08-04 11:13 . 2010-05-06 10:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-08-04 11:13 . 2010-05-06 10:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-08-04 11:13 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-08-04 11:13 . 2010-05-06 10:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll 2010-08-04 11:13 . 2010-05-06 10:41 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll 2010-08-01 18:55 . 2010-08-01 18:55 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-08-01 18:21 . 2010-08-01 18:20 254976 ----a-w- c:\windows\system32\suvof.exe 2010-08-01 18:20 . 2010-08-01 18:20 254976 ----a-w- c:\windows\system32\cakouzyryj.exe 2010-08-01 18:09 . 2009-01-14 13:16 57384 ----a-w- c:\windows\system32\drivers\btwhid.sys 2010-08-01 18:09 . 2009-01-14 13:16 37032 ----a-w- c:\windows\system32\drivers\btwmodem.sys 2010-08-01 18:09 . 2009-01-14 13:16 156816 ----a-w- c:\windows\system32\drivers\btwdndis.sys 2010-08-01 18:09 . 2009-01-14 13:16 534568 ----a-w- c:\windows\system32\drivers\btaudio.sys 2010-08-01 18:09 . 2009-01-14 13:16 37160 ----a-w- c:\windows\system32\drivers\btport.sys 2010-08-01 18:09 . 2008-12-11 12:52 91304 ----a-w- c:\windows\system32\drivers\btserial.sys 2010-08-01 17:11 . 2010-08-01 17:11 -------- d-sh--w- c:\documents and settings\Jovana\PrivacIE 2010-08-01 13:03 . 2010-08-01 13:03 -------- d-----w- c:\documents and settings\Jovana\Application Data\TuneUp Software 2010-08-01 13:02 . 2010-08-01 13:02 306432 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2010-08-01 13:02 . 2007-12-20 08:41 29440 ----a-w- c:\windows\system32\uxtuneup.dll 2010-08-01 13:02 . 2010-08-01 13:02 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2010-08-01 13:02 . 2010-08-01 13:02 -------- d-----w- c:\program files\TuneUp Utilities 2008 2010-08-01 13:01 . 2010-08-01 13:01 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-08-01 12:26 . 2010-08-01 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-08-01 12:25 . 2010-08-01 12:25 -------- d-sh--w- c:\documents and settings\Jovana\IETldCache 2010-08-01 11:58 . 2010-08-01 12:00 -------- dc-h--w- c:\windows\ie8 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-05 12:02 . 2010-08-05 12:02 54272 ----a-w- c:\windows\system32\4ecfbe.exe 2010-08-05 12:02 . 2010-08-05 12:02 102522 ----a-w- c:\windows\system32\msvcrt2.dll 2010-08-01 18:14 . 2009-12-18 20:10 1735040 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS 2010-08-01 11:13 . 2010-01-09 13:00 -------- d-----w- c:\program files\mts mobilni internet 2010-06-29 23:09 . 2008-04-14 12:00 1033728 ----a-w- c:\windows\explorer.exe 2010-06-22 08:42 . 2009-12-18 19:40 22328 ----a-w- c:\documents and settings\Jovana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-06-21 17:34 . 2010-06-21 17:34 -------- d-----w- c:\program files\MSECache 2010-06-21 16:51 . 2010-06-21 15:11 38808920 ----a-w- C:\FileFormatConverters.exe 2010-06-14 14:31 . 2009-12-18 11:06 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-02-18 737280] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-01 61440] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "zCpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2008-12-11 81920] "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "Microsoft(R) System Manager"="c:\windows\system32\4ecfbe.exe" [2010-08-05 54272] "zoujyg"="c:\windows\system32\cakouzyryj.exe" [2010-08-01 254976] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Jovana\Start Menu\Programs\Startup\ Think Green Weather.lnk - c:\program files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe [2010-1-12 728576] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-11 604776] c:\documents and settings\Default User\Start Menu\Programs\Startup\ IconPackager.lnk - c:\program files\Stardock\MyColors\IconPackager.exe [2009-10-14 1389944] Think Green Weather.lnk - c:\program files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe [2010-1-12 728576] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] 2009-06-09 08:55 30000 ----a-w- c:\program files\Stardock\MyColors\fastload.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [19.12.2009 13:12 108289] R3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\drivers\5U876.sys [18.12.2009 21:53 118656] R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [18.12.2009 21:42 113536] S2 pcocggkbd;\??\c:\do;\??\c:\docume~1\Jovana\LOCALS~1\Temp\wwlusnajtymbbfk.sys --> c:\docume~1\Jovana\LOCALS~1\Temp\wwlusnajtymbbfk.sys [?] S2 y6iauioudtybe;Creative ALchemy AL1 Licensing Service;c:\windows\system32\suvof.exe [01.08.2010 20:21 254976] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2010-08-01 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 13:17] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.windowsxlive.net IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . - - - - ORPHANS REMOVED - - - - HKCU-Run-userini - c:\windows\system32\userini.exe HKLM-Run-userini - c:\windows\system32\userini.exe HKLM-Explorer_Run-userini - c:\windows\system32\userini.exe AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-05 14:02 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run zCpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1202660629-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID] @Denied: (Full) (LocalSystem) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1060) c:\windows\system32\Ati2evxx.dll c:\program files\Stardock\MyColors\fastload.dll - - - - - - - > 'explorer.exe'(2584) c:\windows\system32\WININET.dll c:\windows\system32\btmmhook.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\idt\wdm\STacSV.exe c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE c:\program files\LSI SoftModem\agrsmsvc.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\wscntfy.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\program files\Hewlett-Packard\Shared\hpqToaster.exe . ************************************************************************ . Completion time: 2010-08-05 14:05:04 - machine was rebooted ComboFix-quarantined-files.txt 2010-08-05 12:04 Pre-Run: 29.537.685.504 bytes free Post-Run: 29.801.439.232 bytes free - - End Of File - - 2F7379D2BE1D835D16BC903675E710D8

Profil

1l padr1n0 Poslao: 05 Avg 2010 16:42 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\suvof.exe c:\windows\system32\cakouzyryj.exe c:\windows\system32\msvcrt2.dll c:\windows\system32\4ecfbe.exe c:\docume~1\Jovana\LOCALS~1\Temp\wwlusnajtymbbfk.sys Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "zoujyg"=- "Microsoft(R) System Manager"=- Driver:: pcocggkbd y6iauioudtybe` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

GTA Poslao: 05 Avg 2010 20:40 Idi na vrh
offline GTA Počasni građanin Pridružio: 14 Avg 2008 Poruke: 717	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 10-08-05.01 - Jovana 05.08.2010 20:06:08.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1254.90.1033.18.765.303 [GMT 2:00] Running from: c:\documents and settings\Jovana\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Jovana\Desktop\CFScript.txt AV: AntiVir Desktop On-access scanning disabled (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\docume~1\Jovana\LOCALS~1\Temp\wwlusnajtymbbfk.sys" "c:\windows\system32\4ecfbe.exe" "c:\windows\system32\cakouzyryj.exe" "c:\windows\system32\msvcrt2.dll" "c:\windows\system32\suvof.exe" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\4ecfbe.exe c:\windows\system32\cakouzyryj.exe c:\windows\system32\msvcrt2.dll c:\windows\system32\suvof.exe c:\windows\system32\grpconv.exe . . . is missing!! . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_PCOCGGKBD -------\Legacy_Y6IAUIOUDTYBE -------\Service_pcocggkbd -------\Service_y6iauioudtybe ((((((((((((((((((((((((( Files Created from 2010-07-05 to 2010-08-05 ))))))))))))))))))))))))))))))) . 2010-08-05 11:44 . 2010-08-05 11:47 -------- d-----w- c:\windows\ie8updates 2010-08-04 11:13 . 2010-05-06 10:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-08-04 11:13 . 2010-05-06 10:41 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2010-08-04 11:13 . 2010-05-06 10:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-08-04 11:13 . 2010-05-06 10:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-08-04 11:13 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-08-04 11:13 . 2010-05-06 10:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll 2010-08-04 11:13 . 2010-05-06 10:41 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll 2010-08-01 18:55 . 2010-08-01 18:55 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-08-01 18:09 . 2009-01-14 13:16 57384 ----a-w- c:\windows\system32\drivers\btwhid.sys 2010-08-01 18:09 . 2009-01-14 13:16 37032 ----a-w- c:\windows\system32\drivers\btwmodem.sys 2010-08-01 18:09 . 2009-01-14 13:16 156816 ----a-w- c:\windows\system32\drivers\btwdndis.sys 2010-08-01 18:09 . 2009-01-14 13:16 534568 ----a-w- c:\windows\system32\drivers\btaudio.sys 2010-08-01 18:09 . 2009-01-14 13:16 37160 ----a-w- c:\windows\system32\drivers\btport.sys 2010-08-01 18:09 . 2008-12-11 12:52 91304 ----a-w- c:\windows\system32\drivers\btserial.sys 2010-08-01 17:11 . 2010-08-01 17:11 -------- d-sh--w- c:\documents and settings\Jovana\PrivacIE 2010-08-01 13:03 . 2010-08-01 13:03 -------- d-----w- c:\documents and settings\Jovana\Application Data\TuneUp Software 2010-08-01 13:02 . 2010-08-01 13:02 306432 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2010-08-01 13:02 . 2007-12-20 08:41 29440 ----a-w- c:\windows\system32\uxtuneup.dll 2010-08-01 13:02 . 2010-08-01 13:02 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2010-08-01 13:02 . 2010-08-01 13:02 -------- d-----w- c:\program files\TuneUp Utilities 2008 2010-08-01 13:01 . 2010-08-01 13:01 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-08-01 12:26 . 2010-08-01 12:26 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-08-01 12:25 . 2010-08-01 12:25 -------- d-sh--w- c:\documents and settings\Jovana\IETldCache 2010-08-01 11:58 . 2010-08-01 12:00 -------- dc-h--w- c:\windows\ie8 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-01 18:14 . 2009-12-18 20:10 1735040 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS 2010-08-01 11:13 . 2010-01-09 13:00 -------- d-----w- c:\program files\mts mobilni internet 2010-06-29 23:09 . 2008-04-14 12:00 1033728 ----a-w- c:\windows\explorer.exe 2010-06-22 08:42 . 2009-12-18 19:40 22328 ----a-w- c:\documents and settings\Jovana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-06-21 17:34 . 2010-06-21 17:34 -------- d-----w- c:\program files\MSECache 2010-06-21 16:51 . 2010-06-21 15:11 38808920 ----a-w- C:\FileFormatConverters.exe 2010-06-14 14:31 . 2009-12-18 11:06 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe . ((((((((((((((((((((((((((((( SnapShot@2010-08-05_12.02.04 ))))))))))))))))))))))))))))))))))))))))) . + 2010-08-05 18:20 . 2010-08-05 18:20 16384 c:\windows\temp\Perflib_Perfdata_d54.dat + 2008-04-14 12:00 . 2010-08-05 18:14 58794 c:\windows\system32\perfc009.dat - 2008-04-14 12:00 . 2010-08-05 11:46 58794 c:\windows\system32\perfc009.dat + 2008-04-14 12:00 . 2010-08-05 18:14 392494 c:\windows\system32\perfh009.dat - 2008-04-14 12:00 . 2010-08-05 11:46 392494 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-02-18 737280] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-01 61440] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "zCpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2008-12-11 81920] "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Jovana\Start Menu\Programs\Startup\ Think Green Weather.lnk - c:\program files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe [2010-1-12 728576] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-11 604776] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] 2009-06-09 08:55 30000 ----a-w- c:\program files\Stardock\MyColors\fastload.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [19.12.2009 13:12 108289] R3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\drivers\5U876.sys [18.12.2009 21:53 118656] R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [18.12.2009 21:42 113536] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2010-08-01 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 13:17] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.windowsxlive.net IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-05 20:19 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run zCpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1202660629-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID] @Denied: (Full) (LocalSystem) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1060) c:\windows\system32\Ati2evxx.dll c:\program files\Stardock\MyColors\fastload.dll - - - - - - - > 'explorer.exe'(3804) c:\windows\system32\WININET.dll c:\windows\system32\btmmhook.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\idt\wdm\STacSV.exe c:\program files\LSI SoftModem\agrsmsvc.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\wscntfy.exe c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files\Hewlett-Packard\Shared\hpqToaster.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ************************************************************************ . Completion time: 2010-08-05 20:21:55 - machine was rebooted ComboFix-quarantined-files.txt 2010-08-05 18:21 ComboFix2.txt 2010-08-05 12:05 Pre-Run: 29.746.929.664 bytes free Post-Run: 29.689.835.520 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 225B9939D164CD9376BB3CA64D478CC0

Profil

1l padr1n0 Poslao: 06 Avg 2010 10:41 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje racunara? Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - Sacekaj koji sekund dok program izvrsi inicijalno skeniranje. - Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi. - Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak - Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd. goran9888 (AMF Tim)

Profil

GTA Poslao: 06 Avg 2010 13:40 Idi na vrh
offline GTA Počasni građanin Pridružio: 14 Avg 2008 Poruke: 717	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Utoku dana cu jos malo da testiram racunar pa cu ti u toku suttrasnjeg dana preneti utuske alj do sada nije pokazivao nikakav problem u njega je povremeno bio ukljucen jedan mp4 ali on trenutno nije kod mene pa necu moci da ga testiram

Profil

1l padr1n0 Poslao: 06 Avg 2010 14:32 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Javi rezultate, jer imamo jos jedan korak da uradimo pre nego proglasimo slucaj zavrsenim.

Profil

GTA Poslao: 07 Avg 2010 12:14 Idi na vrh
offline GTA Počasni građanin Pridružio: 14 Avg 2008 Poruke: 717	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! kompjuter normalno radi, antivirus nista ne pokasuje

Profil

1l padr1n0 Poslao: 07 Avg 2010 12:34 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Napomena: -Gledaj da ti antivirus program bude uvek update-ovan. -Infekcija koju si imao se najverovatnije (ne mora da znaci) prenela putem USB memorijskog uredjaja koga nismo proverili. S'obzirom da se malware najcesce prenosi ovom metodom, preko USB uredjaja, predlazem ti da instaliras i koristis MCShield za zastitu USB memorijskih uredjaja. Link do programa: http://amf.mycity.rs/programs/mc/mcshield/ Ovim mojim post-om zavrsavamo slucaj samim tim i diskusiju u ovoj temi. Hvala sto verujes AMF Timu. Pozdrav, goran9888 (AMF Tim)

Profil

MyCity » Ambulanta -> Arhiva Ambulante » problem sa userini.exe

Ko je trenutno na forumu

Ukupno su 780 korisnika na forumu :: 4 registrovanih, 0 sakrivenih i 776 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: acatomic, Magistar78, vathra, zlaya011

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by