MyCity » Ambulanta -> Arhiva Ambulante » Agent.Trojan.ORG

Agent.Trojan.ORG

Napisano na dan: 22.6.2009

Strana:
1
2

Agent.Trojan.ORG

Pagination

Prethodna strana

Odgovori

Strana:
1
2

Zelezni Poslao: 25 Jun 2009 19:14 Idi na vrh
offline Zelezni Građanin Pridružio: 08 Apr 2009 Poruke: 57 Gde živiš: Indjija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-06-24.05 - Rasa 25.06.2009 19:01.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.239.59 [GMT 2:00] Running from: c:\documents and settings\Rasa\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Rasa\Desktop\CFScript\CFScript.txt AV: ESET NOD32 Antivirus 4.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . ((((((((((((((((((((((((( Files Created from 2009-05-25 to 2009-06-25 ))))))))))))))))))))))))))))))) . 2009-06-25 16:41 . 2009-06-25 16:41 -------- dc----w- c:\windows\system32\dllcache\cache 2009-06-24 06:17 . 2000-01-27 16:19 1048576 ------w- c:\windows\system32\ROBOEX32.DLL 2009-06-24 06:15 . 2009-06-24 06:15 -------- d-----w- c:\program files\Ulead Systems 2009-06-24 05:59 . 2009-06-24 06:01 -------- d-----w- c:\program files\ABBYY FineReader 4.0 Sprint 2009-06-24 05:58 . 2009-06-24 05:58 -------- d-----w- c:\windows\Profiles 2009-06-24 05:54 . 1998-10-02 17:09 35328 ----a-w- c:\windows\system32\lttwn10N.dll 2009-06-24 05:54 . 1998-09-22 14:48 221696 ----a-w- c:\windows\system32\ltefx10N.dll 2009-06-24 05:54 . 2009-06-24 05:54 -------- d-----w- c:\windows\Crush'Em 2.0 2009-06-24 05:54 . 1997-04-17 13:36 81408 ----a-w- c:\windows\system\Ltimg70n.dll 2009-06-24 05:54 . 1997-04-17 13:36 25600 ----a-w- c:\windows\system\Lttwn70n.dll 2009-06-24 05:54 . 1998-08-18 22:00 109578 ----a-w- c:\windows\system32\Xcdsfx32.bin 2009-06-24 05:54 . 1998-06-18 17:01 933888 ----a-w- c:\windows\system\Mfc40.dll 2009-06-24 05:54 . 1998-06-18 17:01 344064 ----a-w- c:\windows\system\Msvcrt40.dll 2009-06-24 05:54 . 2009-06-24 05:54 -------- d-----w- c:\windows\Puzzl'Em1.0Beta2 2009-06-24 05:54 . 2002-05-21 09:33 61440 ----a-w- c:\windows\system\BPEnhan.dll 2009-06-24 05:50 . 2002-04-24 10:21 196608 ----a-r- c:\windows\system32\PS2DMiniDrv.dll 2009-06-24 05:50 . 2001-11-08 08:53 18120 ----a-r- c:\windows\system32\drivers\gt680x.sys 2009-06-22 23:16 . 2009-06-22 23:16 68608 ----a-w- c:\windows\system32\drivers\vcpfuyqradmdeomp.sys 2009-06-22 23:15 . 2009-06-22 23:15 91136 ----a-w- C:\zs.exe 2009-06-21 17:20 . 2009-06-21 17:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-06-21 17:19 . 2009-06-21 00:49 56370 --sh--r- c:\windows\dllcache.exe 2009-06-19 20:14 . 2009-06-19 20:14 -------- d-----w- c:\program files\Webteh 2009-06-19 16:38 . 2009-06-19 16:38 -------- d-----w- c:\windows\SERVICE 2009-06-19 16:37 . 2006-09-29 14:26 94208 ----a-w- c:\windows\OEMDEL.EXE 2009-06-19 16:37 . 2006-12-28 12:36 78336 ----a-w- c:\windows\DEVCON.X64.EXE 2009-06-19 16:37 . 2006-12-28 12:35 73216 ----a-w- c:\windows\DEVCON.X86.EXE 2009-06-19 16:23 . 2009-06-19 16:23 -------- d-----w- c:\program files\ATI Technologies 2009-06-19 16:20 . 2009-06-19 16:20 -------- dc----w- c:\windows\system32\DRVSTORE 2009-06-19 16:19 . 2009-06-19 16:19 -------- d-----w- c:\documents and settings\Rasa\Application Data\InstallShield 2009-06-19 15:48 . 2009-06-19 15:48 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET 2009-06-19 07:42 . 2009-06-19 07:42 603904 ----a-w- c:\windows\system32\TUProgSt.exe 2009-06-19 07:42 . 2008-11-12 14:44 27904 ----a-w- c:\windows\system32\uxtuneup.dll 2009-06-19 07:42 . 2009-06-19 07:42 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-06-19 07:42 . 2009-06-19 07:42 -------- d-----w- c:\documents and settings\Rasa\Application Data\TuneUp Software 2009-06-19 07:40 . 2009-06-19 07:40 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-06-19 07:40 . 2009-06-19 07:42 -------- d-----w- c:\program files\TuneUp Utilities 2009 2009-06-19 07:39 . 2009-06-19 07:39 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-06-19 07:35 . 2009-06-19 07:35 -------- d-----w- c:\documents and settings\Rasa\Local Settings\Application Data\ACD Systems 2009-06-19 07:28 . 2009-06-19 07:28 -------- d-----w- c:\program files\Yahoo! 2009-06-19 07:27 . 2009-06-19 07:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems 2009-06-19 07:26 . 2009-06-19 07:26 -------- d-----w- c:\program files\ACD Systems 2009-06-19 05:17 . 2002-05-27 11:37 233525 ------w- c:\windows\system32\isutil.dll 2009-06-19 05:17 . 2002-05-27 11:37 90112 ------w- c:\windows\apptune.exe 2009-06-19 05:17 . 2002-05-27 11:37 36864 ------w- c:\windows\system32\zpppcl.dll 2009-06-19 05:17 . 2002-05-27 11:37 1953792 ------w- c:\windows\system32\pcldll6l.dll 2009-06-19 05:17 . 2002-05-27 11:37 45056 ------w- c:\windows\system32\zpp.dll 2009-06-19 05:17 . 2002-05-27 11:37 151552 ------w- c:\windows\system32\SDhp1000.DLL 2009-06-19 05:17 . 2009-06-19 05:17 -------- d-----w- c:\program files\hp LaserJet 1000 2009-06-19 05:16 . 2009-06-19 05:16 32768 ----a-w- c:\windows\closewnd.exe 2009-06-18 21:41 . 2009-06-18 21:41 -------- d-----w- c:\documents and settings\Rasa\Local Settings\Application Data\GHISLER 2009-06-18 20:46 . 2009-06-18 20:46 -------- d-----w- c:\documents and settings\Rasa\Local Settings\Application Data\ESET 2009-06-16 21:38 . 2009-06-16 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET 2009-06-16 21:24 . 2006-03-20 07:32 30336 ----a-w- c:\windows\system32\drivers\glauiad.sys 2009-06-16 21:24 . 2005-08-22 09:22 38400 ----a-w- c:\windows\system32\CoInst.dll 2009-06-16 21:24 . 2009-06-16 21:24 -------- d-----w- c:\program files\MT882 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-24 06:18 . 2006-02-24 16:30 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-24 05:58 . 2007-04-04 06:44 -------- d-----w- c:\program files\Common Files\Adobe 2009-06-24 05:54 . 2009-06-24 05:53 -------- d-----w- c:\program files\BearPaw 2400CU Plus 2009-06-21 17:20 . 2007-03-30 23:36 -------- d--h--r- c:\documents and settings\Rasa\Application Data\yahoo! 2009-06-19 19:58 . 2006-02-24 14:21 51952 -c--a-w- c:\documents and settings\Rasa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-19 16:17 . 2006-02-24 16:30 -------- d-----w- c:\program files\Common Files\InstallShield 2009-06-19 07:27 . 2006-02-24 16:39 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-06-16 21:49 . 2008-03-05 20:08 -------- d-----w- c:\program files\ESET 2009-06-08 08:44 . 2007-03-01 08:11 -------- d-----w- c:\program files\SWiSH v2.0 2009-06-08 08:43 . 2007-12-01 19:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-05-14 13:49 . 2009-05-14 13:49 94360 ----a-w- c:\windows\system32\drivers\epfwtdir.sys 2009-05-14 13:47 . 2009-05-14 13:47 107256 ----a-w- c:\windows\system32\drivers\ehdrv.sys 2009-05-14 13:41 . 2009-05-14 13:41 114472 ----a-w- c:\windows\system32\drivers\eamon.sys 2009-05-07 15:44 . 2004-08-04 12:00 344064 ----a-w- c:\windows\system32\localspl.dll 2009-04-29 04:56 . 2004-08-04 12:00 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:55 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-17 09:58 . 2004-08-04 12:00 1846656 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 15:11 . 2004-08-04 12:00 584192 ----a-w- c:\windows\system32\rpcrt4.dll . ((((((((((((((((((((((((((((( SnapShot_2009-06-25_16.39.44 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-25 16:41 . 2008-10-16 12:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe + 2009-06-25 16:41 . 2004-08-04 12:00 82944 c:\windows\system32\dllcache\cache\ws2_32.dll + 2009-06-25 16:41 . 2004-08-04 12:00 24576 c:\windows\system32\dllcache\cache\userinit.exe + 2009-06-25 16:41 . 2004-08-04 12:00 14336 c:\windows\system32\dllcache\cache\svchost.exe + 2009-06-25 16:41 . 2005-06-10 23:53 57856 c:\windows\system32\dllcache\cache\spoolsv.exe + 2009-06-25 16:41 . 2004-08-04 12:00 17408 c:\windows\system32\dllcache\cache\powrprof.dll + 2009-06-25 16:41 . 2004-08-04 12:00 13312 c:\windows\system32\dllcache\cache\lsass.exe + 2009-06-25 16:41 . 2004-08-04 12:00 24576 c:\windows\system32\dllcache\cache\kbdclass.sys + 2009-06-25 16:41 . 2004-08-04 12:00 29056 c:\windows\system32\dllcache\cache\ip6fw.sys + 2009-06-25 16:41 . 2004-08-04 12:00 15360 c:\windows\system32\dllcache\cache\ctfmon.exe + 2009-06-25 16:41 . 2004-08-04 12:00 502272 c:\windows\system32\dllcache\cache\winlogon.exe + 2009-06-25 16:41 . 2009-04-29 04:56 827392 c:\windows\system32\dllcache\cache\wininet.dll + 2009-06-25 16:41 . 2007-03-08 15:36 577536 c:\windows\system32\dllcache\cache\user32.dll + 2009-06-25 16:41 . 2004-08-04 12:00 295424 c:\windows\system32\dllcache\cache\termsrv.dll + 2009-06-25 16:41 . 2008-06-20 10:45 360320 c:\windows\system32\dllcache\cache\tcpip.sys + 2009-06-25 16:41 . 2009-02-06 17:14 110592 c:\windows\system32\dllcache\cache\services.exe + 2009-06-25 16:41 . 2004-08-04 12:00 182912 c:\windows\system32\dllcache\cache\ndis.sys + 2009-06-25 16:41 . 2009-03-21 14:18 986112 c:\windows\system32\dllcache\cache\kernel32.dll + 2009-06-25 16:41 . 2004-08-04 12:00 110080 c:\windows\system32\dllcache\cache\imm32.dll + 2009-06-25 16:41 . 2004-08-04 12:00 1580544 c:\windows\system32\dllcache\cache\sfcfiles.dll + 2009-06-25 16:41 . 2009-02-06 17:24 2180480 c:\windows\system32\dllcache\cache\ntoskrnl.exe + 2009-06-25 16:41 . 2009-02-06 16:49 2057728 c:\windows\system32\dllcache\cache\ntkrnlpa.exe + 2009-06-25 16:41 . 2007-06-13 10:23 1033216 c:\windows\system32\dllcache\cache\explorer.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640] "Custom System Service"="c:\windows\SERVICE\SERVICE.EXE" [2007-07-08 86016] "Windows Dynamic Library Cache"="dllcache.exe" - c:\windows\dllcache.exe [2009-06-21 56370] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Ulead Photo Express Calendar Checker For My Custom Edition.lnk - c:\program files\Ulead Systems\Ulead Photo Express 4.0 My Custom Edition\CalCheck.exe [2009-6-24 57344] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.5.2009 15:49 94360] R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840] R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 14:00 14336] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [19.6.2009 9:42 603904] R3 iadusb;MT882;c:\windows\system32\drivers\glauiad.sys [16.6.2009 23:24 30336] S3 FGUARD32;FGUARD32;\??\c:\program files\Folder Guard XP\FGUARD32.SYS --> c:\program files\Folder Guard XP\FGUARD32.SYS [?] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [7.10.2005 12:45 58288] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [7.10.2005 12:46 8336] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [7.10.2005 12:46 94064] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [7.10.2005 12:47 85408] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [7.10.2005 12:48 83344] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2009-06-25 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 14:28] . . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mSearch Bar = [Link mogu videti samo ulogovani korisnici]http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyServer = [Link mogu videti samo ulogovani korisnici]:80 uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]* IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: krstarica.com\www FF - ProfilePath - ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews..wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-06-25 19:08 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2920) c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-06-25 19:12 ComboFix-quarantined-files.txt 2009-06-25 17:12 ComboFix2.txt 2009-06-25 16:43 ComboFix3.txt 2009-06-22 18:21 Pre-Run: 6.644.559.872 bytes free Post-Run: 6.634.373.120 bytes free 234 --- E O F --- 2009-06-23 10:26

Profil

argus Poslao: 25 Jun 2009 20:46 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\drivers\vcpfuyqradmdeomp.sys C:\zs.exe c:\windows\dllcache.exe Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Dynamic Library Cache"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Zelezni Poslao: 26 Jun 2009 15:47 Idi na vrh
offline Zelezni Građanin Pridružio: 08 Apr 2009 Poruke: 57 Gde živiš: Indjija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 25 Jun 2009 22:53 ComboFix 09-06-25.01 - Rasa 25.06.2009 22:38.5 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.239.56 [GMT 2:00] Running from: c:\documents and settings\Rasa\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Rasa\Desktop\CFScript\CFScript.txt AV: ESET NOD32 Antivirus 4.0 On-access scanning enabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FILE :: "c:\windows\dllcache.exe" "c:\windows\system32\drivers\vcpfuyqradmdeomp.sys" "C:\zs.exe" . ((((((((((((((((((((((((( Files Created from 2009-05-25 to 2009-06-25 ))))))))))))))))))))))))))))))) . 2009-06-25 16:41 . 2009-06-25 16:41 -------- dc----w- c:\windows\system32\dllcache\cache 2009-06-24 06:17 . 2000-01-27 16:19 1048576 ------w- c:\windows\system32\ROBOEX32.DLL 2009-06-24 06:15 . 2009-06-24 06:15 -------- d-----w- c:\program files\Ulead Systems 2009-06-24 05:59 . 2009-06-24 06:01 -------- d-----w- c:\program files\ABBYY FineReader 4.0 Sprint 2009-06-24 05:58 . 2009-06-24 05:58 -------- d-----w- c:\windows\Profiles 2009-06-24 05:54 . 1998-10-02 17:09 35328 ----a-w- c:\windows\system32\lttwn10N.dll 2009-06-24 05:54 . 1998-09-22 14:48 221696 ----a-w- c:\windows\system32\ltefx10N.dll 2009-06-24 05:54 . 2009-06-24 05:54 -------- d-----w- c:\windows\Crush'Em 2.0 2009-06-24 05:54 . 1997-04-17 13:36 81408 ----a-w- c:\windows\system\Ltimg70n.dll 2009-06-24 05:54 . 1997-04-17 13:36 25600 ----a-w- c:\windows\system\Lttwn70n.dll 2009-06-24 05:54 . 1998-08-18 22:00 109578 ----a-w- c:\windows\system32\Xcdsfx32.bin 2009-06-24 05:54 . 1998-06-18 17:01 933888 ----a-w- c:\windows\system\Mfc40.dll 2009-06-24 05:54 . 1998-06-18 17:01 344064 ----a-w- c:\windows\system\Msvcrt40.dll 2009-06-24 05:54 . 2009-06-24 05:54 -------- d-----w- c:\windows\Puzzl'Em1.0Beta2 2009-06-24 05:54 . 2002-05-21 09:33 61440 ----a-w- c:\windows\system\BPEnhan.dll 2009-06-24 05:50 . 2002-04-24 10:21 196608 ----a-r- c:\windows\system32\PS2DMiniDrv.dll 2009-06-24 05:50 . 2001-11-08 08:53 18120 ----a-r- c:\windows\system32\drivers\gt680x.sys 2009-06-21 17:20 . 2009-06-21 17:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-06-19 20:14 . 2009-06-19 20:14 -------- d-----w- c:\program files\Webteh 2009-06-19 16:38 . 2009-06-19 16:38 -------- d-----w- c:\windows\SERVICE 2009-06-19 16:37 . 2006-09-29 14:26 94208 ----a-w- c:\windows\OEMDEL.EXE 2009-06-19 16:37 . 2006-12-28 12:36 78336 ----a-w- c:\windows\DEVCON.X64.EXE 2009-06-19 16:37 . 2006-12-28 12:35 73216 ----a-w- c:\windows\DEVCON.X86.EXE 2009-06-19 16:23 . 2009-06-19 16:23 -------- d-----w- c:\program files\ATI Technologies 2009-06-19 16:20 . 2009-06-19 16:20 -------- dc----w- c:\windows\system32\DRVSTORE 2009-06-19 16:19 . 2009-06-19 16:19 -------- d-----w- c:\documents and settings\Rasa\Application Data\InstallShield 2009-06-19 15:48 . 2009-06-19 15:48 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET 2009-06-19 07:42 . 2009-06-19 07:42 603904 ----a-w- c:\windows\system32\TUProgSt.exe 2009-06-19 07:42 . 2008-11-12 14:44 27904 ----a-w- c:\windows\system32\uxtuneup.dll 2009-06-19 07:42 . 2009-06-19 07:42 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-06-19 07:42 . 2009-06-19 07:42 -------- d-----w- c:\documents and settings\Rasa\Application Data\TuneUp Software 2009-06-19 07:40 . 2009-06-19 07:40 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-06-19 07:40 . 2009-06-19 07:42 -------- d-----w- c:\program files\TuneUp Utilities 2009 2009-06-19 07:39 . 2009-06-19 07:39 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-06-19 07:35 . 2009-06-19 07:35 -------- d-----w- c:\documents and settings\Rasa\Local Settings\Application Data\ACD Systems 2009-06-19 07:28 . 2009-06-19 07:28 -------- d-----w- c:\program files\Yahoo! 2009-06-19 07:27 . 2009-06-19 07:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems 2009-06-19 07:26 . 2009-06-19 07:26 -------- d-----w- c:\program files\ACD Systems 2009-06-19 05:17 . 2002-05-27 11:37 233525 ------w- c:\windows\system32\isutil.dll 2009-06-19 05:17 . 2002-05-27 11:37 90112 ------w- c:\windows\apptune.exe 2009-06-19 05:17 . 2002-05-27 11:37 36864 ------w- c:\windows\system32\zpppcl.dll 2009-06-19 05:17 . 2002-05-27 11:37 1953792 ------w- c:\windows\system32\pcldll6l.dll 2009-06-19 05:17 . 2002-05-27 11:37 45056 ------w- c:\windows\system32\zpp.dll 2009-06-19 05:17 . 2002-05-27 11:37 151552 ------w- c:\windows\system32\SDhp1000.DLL 2009-06-19 05:17 . 2009-06-19 05:17 -------- d-----w- c:\program files\hp LaserJet 1000 2009-06-19 05:16 . 2009-06-19 05:16 32768 ----a-w- c:\windows\closewnd.exe 2009-06-18 21:41 . 2009-06-18 21:41 -------- d-----w- c:\documents and settings\Rasa\Local Settings\Application Data\GHISLER 2009-06-18 20:46 . 2009-06-18 20:46 -------- d-----w- c:\documents and settings\Rasa\Local Settings\Application Data\ESET 2009-06-16 21:38 . 2009-06-16 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET 2009-06-16 21:24 . 2006-03-20 07:32 30336 ----a-w- c:\windows\system32\drivers\glauiad.sys 2009-06-16 21:24 . 2005-08-22 09:22 38400 ----a-w- c:\windows\system32\CoInst.dll 2009-06-16 21:24 . 2009-06-16 21:24 -------- d-----w- c:\program files\MT882 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-24 06:18 . 2006-02-24 16:30 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-24 05:58 . 2007-04-04 06:44 -------- d-----w- c:\program files\Common Files\Adobe 2009-06-24 05:54 . 2009-06-24 05:53 -------- d-----w- c:\program files\BearPaw 2400CU Plus 2009-06-21 17:20 . 2007-03-30 23:36 -------- d--h--r- c:\documents and settings\Rasa\Application Data\yahoo! 2009-06-19 19:58 . 2006-02-24 14:21 51952 -c--a-w- c:\documents and settings\Rasa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-19 16:17 . 2006-02-24 16:30 -------- d-----w- c:\program files\Common Files\InstallShield 2009-06-19 07:27 . 2006-02-24 16:39 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-06-16 21:49 . 2008-03-05 20:08 -------- d-----w- c:\program files\ESET 2009-06-08 08:44 . 2007-03-01 08:11 -------- d-----w- c:\program files\SWiSH v2.0 2009-06-08 08:43 . 2007-12-01 19:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-05-14 13:49 . 2009-05-14 13:49 94360 ----a-w- c:\windows\system32\drivers\epfwtdir.sys 2009-05-14 13:47 . 2009-05-14 13:47 107256 ----a-w- c:\windows\system32\drivers\ehdrv.sys 2009-05-14 13:41 . 2009-05-14 13:41 114472 ----a-w- c:\windows\system32\drivers\eamon.sys 2009-05-07 15:44 . 2004-08-04 12:00 344064 ----a-w- c:\windows\system32\localspl.dll 2009-04-29 04:56 . 2004-08-04 12:00 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:55 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-17 09:58 . 2004-08-04 12:00 1846656 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 15:11 . 2004-08-04 12:00 584192 ----a-w- c:\windows\system32\rpcrt4.dll . ------- Sigcheck ------- [7] 2004-08-04 12:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\svchost.exe [7] 2004-08-04 12:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\dllcache\svchost.exe [7] 2004-08-04 12:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\dllcache\cache\svchost.exe [7] 2005-03-02 18:19 577024 1800F293BCCC8EDE8A70E12B88D80036 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [7] 2007-03-08 15:48 578048 7AA4F6C00405DFC4B70ED4214E7D687B c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [7] 2004-08-04 12:00 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\$NtUninstallKB890859$\user32.dll [7] 2005-03-02 18:09 577024 DE2DB164BBB35DB061AF0997E4499054 c:\windows\$NtUninstallKB925902$\user32.dll [7] 2007-03-08 15:36 577536 B409909F6E2E8A7067076ED748ABF1E7 c:\windows\system32\user32.dll [7] 2007-03-08 15:36 577536 B409909F6E2E8A7067076ED748ABF1E7 c:\windows\system32\dllcache\user32.dll [7] 2007-03-08 15:36 577536 B409909F6E2E8A7067076ED748ABF1E7 c:\windows\system32\dllcache\cache\user32.dll [7] 2004-08-04 12:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\ws2_32.dll [7] 2004-08-04 12:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\dllcache\ws2_32.dll [7] 2004-08-04 12:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\dllcache\cache\ws2_32.dll [7] 2007-01-04 14:05 665088 3FFA1573FC274E5AA7467D03941C45EE c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll [7] 2007-02-20 09:52 665600 B258C922D22DEEC880B60720531D7627 c:\windows\$hf_mig$\KB931768\SP2QFE\wininet.dll [7] 2007-04-18 12:46 665600 4261BA03AFD659DE04F0A17DFBDD454D c:\windows\$hf_mig$\KB933566\SP2QFE\wininet.dll [7] 2007-06-26 14:35 665600 E1A3DD68B5380B360A7310A64D9BB188 c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll [7] 2007-08-22 12:55 665600 A1BC17EB3758D73C3938B2318820F5B4 c:\windows\$hf_mig$\KB939653\SP2QFE\wininet.dll [7] 2007-10-11 05:57 666112 80D660A49E0D118144423099B2A9F5DA c:\windows\$hf_mig$\KB942615\SP2QFE\wininet.dll [7] 2007-12-07 00:44 666112 085A7C37F9C6EDE1BA870B7DBEC06399 c:\windows\$hf_mig$\KB944533\SP2QFE\wininet.dll [7] 2008-06-23 16:01 827904 C66402A06B83B036C195242C0C8CF83C c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll [7] 2009-04-29 04:49 828928 62CCA075F44015147B8971DAFFBCFF76 c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll [7] 2004-08-04 12:00 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\$NtUninstallKB928090$\wininet.dll [7] 2007-01-04 13:37 658944 8C393DF5234CBCBFF1EE31902D6B40AE c:\windows\$NtUninstallKB931768$\wininet.dll [7] 2007-02-20 09:48 658944 30D1C47E40EFBB792FF8D3C3B51CE507 c:\windows\$NtUninstallKB933566$\wininet.dll [7] 2007-04-18 12:31 658944 B7156CD97E739F3014BC4D61758F868A c:\windows\$NtUninstallKB937143$\wininet.dll [7] 2007-06-26 14:09 658944 184E47C8F7B331025E6DC92740DB188F c:\windows\$NtUninstallKB939653$\wininet.dll [7] 2007-08-22 13:12 658944 1901AD51DA8BE9F8B38D5D526E5D1788 c:\windows\$NtUninstallKB942615$\wininet.dll [7] 2007-10-11 06:13 659456 2005AD86A22AEE68E21EE59F9CCB77F2 c:\windows\$NtUninstallKB944533$\wininet.dll [7] 2007-12-07 01:07 659456 57D1B5150CF6331FAC6B3E04C1FCB966 c:\windows\ie7\wininet.dll [7] 2007-08-13 16:54 818688 A4A0FC92358F39538A6494C42EF99FE9 c:\windows\ie7updates\KB953838-IE7\wininet.dll [7] 2008-06-23 16:57 826368 8C13D4A7479FA0A026EDA8ABCE82C0ED c:\windows\ie7updates\KB969897-IE7\wininet.dll [7] 2009-04-29 04:56 827392 8E2D471157B0DF329D8D0EA5D83B0DDB c:\windows\SoftwareDistribution\Download\82c738ec00f0f07f8ea182bc95439593\sp3gdr\wininet.dll [7] 2009-04-29 04:49 828928 62CCA075F44015147B8971DAFFBCFF76 c:\windows\SoftwareDistribution\Download\82c738ec00f0f07f8ea182bc95439593\sp3qfe\wininet.dll [7] 2009-04-29 04:56 827392 8E2D471157B0DF329D8D0EA5D83B0DDB c:\windows\system32\wininet.dll [7] 2009-04-29 04:56 827392 8E2D471157B0DF329D8D0EA5D83B0DDB c:\windows\system32\dllcache\wininet.dll [7] 2009-04-29 04:56 827392 8E2D471157B0DF329D8D0EA5D83B0DDB c:\windows\system32\dllcache\cache\wininet.dll [7] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [7] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [7] 2004-08-04 12:00 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys [7] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys [7] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748$\tcpip.sys [7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\system32\dllcache\tcpip.sys [7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\system32\dllcache\cache\tcpip.sys [7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\system32\drivers\tcpip.sys [7] 2004-08-04 12:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\winlogon.exe [7] 2004-08-04 12:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\dllcache\winlogon.exe [7] 2004-08-04 12:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\dllcache\cache\winlogon.exe [7] 2004-08-04 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\dllcache\ndis.sys [7] 2004-08-04 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\dllcache\cache\ndis.sys [7] 2004-08-04 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\drivers\ndis.sys [7] 2004-08-04 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\dllcache\ip6fw.sys [7] 2004-08-04 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\dllcache\cache\ip6fw.sys [7] 2004-08-04 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\drivers\ip6fw.sys [7] 2005-03-02 00:36 2056832 D8ABA3EAB509627E707A3B14F00FBB6B c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [7] 2006-12-19 16:12 2059392 BA4B97C00A437C1CC3DA365D93EE1E9D c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe [7] 2007-02-28 09:15 2059392 4D3DBDCCBF97F5BA1E74F322B155C3BA c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe [7] 2009-02-06 09:49 2062976 9D832AF3FD1917DB0E1E8B2F000A2E3A c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe [7] 2009-02-07 17:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [7] 2009-02-06 10:30 2066176 607352B9CB3D708C67F6039097801B5A c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [7] 2004-08-04 12:00 2056832 947FB1D86D14AFCFFDB54BF837EC25D0 c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [7] 2005-03-02 00:34 2056832 81013F36B21C7F72CF784CC6731E0002 c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe [7] 2006-12-19 12:55 2057600 1D659BFB788ED2BA45075624B748D249 c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [7] 2007-02-28 08:38 2057600 515D30E2C90A3665A2739309334C9283 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [7] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\Driver Cache\i386\ntkrnlpa.exe [7] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\ntkrnlpa.exe [7] 2009-02-06 09:49 2062976 9D832AF3FD1917DB0E1E8B2F000A2E3A c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\ntkrnlpa.exe [7] 2009-02-07 17:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\ntkrnlpa.exe [7] 2009-02-06 10:30 2066176 607352B9CB3D708C67F6039097801B5A c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\ntkrnlpa.exe [7] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\system32\ntkrnlpa.exe [7] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\system32\dllcache\ntkrnlpa.exe [7] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\system32\dllcache\cache\ntkrnlpa.exe [7] 2005-03-02 01:04 2179456 28187802B7C368C0D3AEF7D4C382AABB c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [7] 2006-12-19 16:51 2182016 CEF243F6DEFD20BE4ADDE26C7ECACB54 c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe [7] 2007-02-28 09:55 2182144 5A5C8DB4AA962C714C8371FBDF189FC9 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe [7] 2009-02-06 10:32 2186112 6A936E9D7BADAF3CAAEED1E1966EC1B0 c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe [7] 2009-02-06 11:08 2189056 7A95B10A73737EBF24139AAA63F5212B c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [7] 2009-02-07 17:35 2189184 EFE8EACE83EAAD5849A7A548FB75B584 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [7] 2004-08-04 12:00 2180992 CE218BC7088681FAA06633E218596CA7 c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [7] 2005-03-02 00:59 2179328 4D4CF2C14550A4B7718E94A6E581856E c:\windows\$NtUninstallKB929338$\ntoskrnl.exe [7] 2006-12-19 14:17 2180352 8F0DEAB1F81FB83F9C5995853CE48B9F c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [7] 2007-02-28 09:10 2180352 582A8DBAA58C3B1F176EB2817DAEE77C c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [7] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\Driver Cache\i386\ntoskrnl.exe [7] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\ntoskrnl.exe [7] 2009-02-06 10:32 2186112 6A936E9D7BADAF3CAAEED1E1966EC1B0 c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\ntoskrnl.exe [7] 2009-02-06 11:08 2189056 7A95B10A73737EBF24139AAA63F5212B c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\ntoskrnl.exe [7] 2009-02-07 17:35 2189184 EFE8EACE83EAAD5849A7A548FB75B584 c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\ntoskrnl.exe [7] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\system32\ntoskrnl.exe [7] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\system32\dllcache\ntoskrnl.exe [7] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\system32\dllcache\cache\ntoskrnl.exe [7] 2007-06-13 10:23 1033216 97BD6515465659FF8F3B7BE375B2EA87 c:\windows\explorer.exe [7] 2007-06-13 11:26 1033216 7712DF0CDDE3A5AC89843E61CD5B3658 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [7] 2004-08-04 12:00 1032192 A0732187050030AE399B241436565E64 c:\windows\$NtUninstallKB938828$\explorer.exe [7] 2007-06-13 10:23 1033216 97BD6515465659FF8F3B7BE375B2EA87 c:\windows\system32\dllcache\explorer.exe [7] 2007-06-13 10:23 1033216 97BD6515465659FF8F3B7BE375B2EA87 c:\windows\system32\dllcache\cache\explorer.exe [7] 2009-02-06 10:22 110592 4712531AB7A01B7EE059853CA17D39BD c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe [7] 2009-02-06 11:11 110592 65DF52F5B8B6E9BBD183505225C37315 c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [7] 2009-02-06 11:06 110592 020CEAAEDC8EB655B6506B8C70D53BB6 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [7] 2004-08-04 12:00 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\$NtUninstallKB956572$\services.exe [7] 2009-02-06 17:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\services.exe [7] 2009-02-06 10:22 110592 4712531AB7A01B7EE059853CA17D39BD c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\services.exe [7] 2009-02-06 11:11 110592 65DF52F5B8B6E9BBD183505225C37315 c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\services.exe [7] 2009-02-06 11:06 110592 020CEAAEDC8EB655B6506B8C70D53BB6 c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\services.exe [7] 2009-02-06 17:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\system32\services.exe [7] 2009-02-06 17:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\system32\dllcache\services.exe [7] 2009-02-06 17:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\system32\dllcache\cache\services.exe [7] 2004-08-04 12:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\lsass.exe [7] 2004-08-04 12:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\dllcache\lsass.exe [7] 2004-08-04 12:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\dllcache\cache\lsass.exe [7] 2004-08-04 12:00 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\ctfmon.exe [7] 2004-08-04 12:00 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\dllcache\ctfmon.exe [7] 2004-08-04 12:00 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\dllcache\cache\ctfmon.exe [7] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [7] 2004-08-04 12:00 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\$NtUninstallKB896423$\spoolsv.exe [7] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\system32\spoolsv.exe [7] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\system32\dllcache\spoolsv.exe [7] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\system32\dllcache\cache\spoolsv.exe [7] 2008-10-16 12:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\wuauclt.exe [7] 2008-10-16 12:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\wuauclt.exe [7] 2008-10-16 12:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\cache\wuauclt.exe [7] 2004-08-04 12:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\userinit.exe [7] 2004-08-04 12:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\dllcache\userinit.exe [7] 2004-08-04 12:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\dllcache\cache\userinit.exe [7] 2004-08-04 12:00 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\termsrv.dll [7] 2004-08-04 12:00 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\dllcache\termsrv.dll [7] 2004-08-04 12:00 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\dllcache\cache\termsrv.dll [7] 2006-07-05 10:57 985088 0FDD84928A5DDE2510761B7EC76CCEC9 c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [7] 2007-04-16 16:07 986112 09F7CB3687F86EDAA4CA081F7AB66C03 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [7] 2009-03-21 13:54 989184 80202858D245FF07DAA1739C57A3E19B c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [7] 2009-03-21 14:06 989696 B921FB870C9AC0D509B2CCABBBBE95F3 c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [7] 2009-03-21 13:59 991744 DA11D9D6ECBDF0F93436A4B7C13F7BEC c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [7] 2004-08-04 12:00 983552 888190E31455FAD793312F8D087146EB c:\windows\$NtUninstallKB917422$\kernel32.dll [7] 2006-07-05 10:55 984064 D8DB5397DE07577C1CB50BA6D23B3AD4 c:\windows\$NtUninstallKB935839$\kernel32.dll [7] 2007-04-16 15:52 984576 A01F9CA902A88F7CED06884174D6419D c:\windows\$NtUninstallKB959426$\kernel32.dll [7] 2009-03-21 14:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp2gdr\kernel32.dll [7] 2009-03-21 13:54 989184 80202858D245FF07DAA1739C57A3E19B c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp2qfe\kernel32.dll [7] 2009-03-21 14:06 989696 B921FB870C9AC0D509B2CCABBBBE95F3 c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp3gdr\kernel32.dll [7] 2009-03-21 13:59 991744 DA11D9D6ECBDF0F93436A4B7C13F7BEC c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp3qfe\kernel32.dll [7] 2009-03-21 14:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\system32\kernel32.dll [7] 2009-03-21 14:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\system32\dllcache\kernel32.dll [7] 2009-03-21 14:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\system32\dllcache\cache\kernel32.dll [7] 2004-08-04 12:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\powrprof.dll [7] 2004-08-04 12:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\dllcache\powrprof.dll [7] 2004-08-04 12:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\dllcache\cache\powrprof.dll [7] 2004-08-04 12:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\imm32.dll [7] 2004-08-04 12:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\dllcache\imm32.dll [7] 2004-08-04 12:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\dllcache\cache\imm32.dll [7] 2004-08-04 12:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\sfcfiles.dll [7] 2004-08-04 12:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\dllcache\sfcfiles.dll [7] 2004-08-04 12:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\dllcache\cache\sfcfiles.dll [7] 2004-08-04 12:00 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\system32\dllcache\cache\kbdclass.sys [7] 2004-08-04 12:00 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\system32\drivers\kbdclass.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640] "Custom System Service"="c:\windows\SERVICE\SERVICE.EXE" [2007-07-08 86016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Ulead Photo Express Calendar Checker For My Custom Edition.lnk - c:\program files\Ulead Systems\Ulead Photo Express 4.0 My Custom Edition\CalCheck.exe [2009-6-24 57344] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.5.2009 15:49 94360] R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840] R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 14:00 14336] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [19.6.2009 9:42 603904] R3 iadusb;MT882;c:\windows\system32\drivers\glauiad.sys [16.6.2009 23:24 30336] S3 FGUARD32;FGUARD32;\??\c:\program files\Folder Guard XP\FGUARD32.SYS --> c:\program files\Folder Guard XP\FGUARD32.SYS [?] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [7.10.2005 12:45 58288] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [7.10.2005 12:46 8336] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [7.10.2005 12:46 94064] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [7.10.2005 12:47 85408] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [7.10.2005 12:48 83344] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2009-06-25 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 14:28] . . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mSearch Bar = [Link mogu videti samo ulogovani korisnici]http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyServer = [Link mogu videti samo ulogovani korisnici]:80 uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]* IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: krstarica.com\www FF - ProfilePath - ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews..wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-06-25 22:45 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(456) c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-06-25 22:50 ComboFix-quarantined-files.txt 2009-06-25 20:50 ComboFix2.txt 2009-06-25 20:05 ComboFix3.txt 2009-06-25 17:12 ComboFix4.txt 2009-06-25 16:43 ComboFix5.txt 2009-06-25 20:36 Pre-Run: 6.614.892.544 bytes free Post-Run: 6.603.202.560 bytes free 367 --- E O F --- 2009-06-23 10:26 Dopuna: 26 Jun 2009 15:47 NOD32 Scan nije nasao nista da li je to znak da smo ocistili trojance?

Profil

argus Poslao: 26 Jun 2009 16:21 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovde je sve cisto. Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: combofix /u Primeti da postoji razmak između "ComboFix" i "/u". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi.

Profil

Zelezni Poslao: 26 Jun 2009 20:46 Idi na vrh
offline Zelezni Građanin Pridružio: 08 Apr 2009 Poruke: 57 Gde živiš: Indjija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala na pomoci. PS. prosli put je bio drugi racunar koga ste isto uspesno ocistili.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Agent.Trojan.ORG

Ko je trenutno na forumu

Ukupno su 979 korisnika na forumu :: 74 registrovanih, 12 sakrivenih i 893 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Aleksandar Tomić, arsa, Avalon015, B61, Bacac, Belac91, bojank, Bubimir, bukefal, Centauro, chervoncy, cyprus, d.arsenal321, dankisha, Django777, Duh16, FileFinder, FOX, GeoM, Georgius, Haris, ILGromovnik, ivan1973, Jeremiah, jodzula, Jovan1983, kybonacci, laurusri, Lazarus, LostInSpaceandTime, luja, M74AB3, Mcdado, mercedesamg, mikrimaus, Milos ZA, milutin134, MiroslavD, Mitogna, mkukoleca, morava_01, mux, Natuzzi, ozzy, Panter, Pavle29L, PMsnow, Polemarchoi, Povratak1912, Prečanin30, proka89, raketaš, Razdroid, Rectifier, royst33, sasa87, Sirius, SpeedyGonzales, srpskasparta, stalja, TalicniTom, tamno.nebo, taomaster, TBoy, Tribal, Trpe Grozni, umpah-pah, vidra1, Vlada78, volimpivuvolimrakiju, x011, zoran77, Zvrk

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by