MyCity » Ambulanta -> Arhiva Ambulante » Problem sa Task Manager-om

Problem sa Task Manager-om

Napisano na dan: 19.1.2009

Strana:
1
2
3

Problem sa Task Manager-om

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

TeoDos Poslao: 22 Jan 2009 08:51 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! evo sadrzaja iz ComboFix-qua 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:55 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2008-12-26 13:22:56 A------- 2009-01-19 13:25:31 A------- 2009-01-19 13:27:23 A------- Zdravo, rantined-files.txt: 3 C:\Qoobox\Quarantine\C\Program Files\2009\Notes.txt.vir 5,957 C:\Qoobox\Quarantine\C\Program Files\2009\unins000.dat.vir 12,208 C:\Qoobox\Quarantine\C\Program Files\2009\start.dxr.vir 51,262 C:\Qoobox\Quarantine\C\Program Files\2009\PF2009.ico.vir 114,688 C:\Qoobox\Quarantine\C\Program Files\2009\editor\calc.exe.vir 142,838 C:\Qoobox\Quarantine\C\Program Files\2009\img.cxt.vir 407,175 C:\Qoobox\Quarantine\C\Program Files\2009\agenda.dxr.vir 552,960 C:\Qoobox\Quarantine\C\Program Files\2009\editor\Notepad2.exe.vir 720,138 C:\Qoobox\Quarantine\C\Program Files\2009\unins000.exe.vir 2,249,384 C:\Qoobox\Quarantine\C\Program Files\2009\2009.exe.vir 6 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\MAJ.txt.vir 7 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\JULI.txt.vir 7 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\JUNI.txt.vir 8 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\APRIL.txt.vir 8 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\MART.txt.vir 9 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\july.txt.vir 9 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\june.txt.vir 9 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\may.txt.vir 9 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\AVGUST.txt.vir 10 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\march.txt.vir 10 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\OKTOBAR.txt.vir 11 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\april.txt.vir 11 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\DECEMBAR.txt.vir 11 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\FEBRUAR.txt.vir 11 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\NOVEMBAR.txt.vir 12 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\august.txt.vir 12 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\january.txt.vir 12 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\NOTES.txt.vir 12 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\SEPTEMBAR.txt.vir 13 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\february.txt.vir 13 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\october.txt.vir 14 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\december.txt.vir 14 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\november.txt.vir 15 C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\september.txt.vir 15 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\CONTACTS.txt.vir 26 C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\JANUAR.txt.vir 43 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\PMATIC.reg.vir 49 C:\Qoobox\Quarantine\C\Program Files\2009\kLODOVIK.url.vir 164 C:\Qoobox\Quarantine\C\Program Files\2009\files\prezentacija\3.txt.vir 429 C:\Qoobox\Quarantine\C\Program Files\2009\files\prezentacija\1.txt.vir 988 C:\Qoobox\Quarantine\C\Program Files\2009\files\licencesr.txt.vir 4,271 C:\Qoobox\Quarantine\C\Program Files\2009\editor\Notepad2.reg.vir 40,960 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\FileIo.x32.vir 49,152 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\LZComprs.x32.vir 49,152 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\ZipXtra.x32.vir 53,248 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Squish.x32.vir 61,440 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Actor Control.x32.vir 65,536 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Cursor Asset.x32.vir 69,632 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Font Asset.x32.vir 69,632 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\SWADCmpr.x32.vir 90,112 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\TextAuth.x32.vir 98,304 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Text Asset.x32.vir 110,592 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Cursor Options.x32.vir 126,976 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Font Asset Dialog.x32.vir 200,704 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\budapi.x32.vir 282,624 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Font Xtra.x32.vir 339,968 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Flash Asset\Flash Asset.x32.vir 348,160 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\TextXtra.x32.vir 351,744 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\PMATIC.X32.vir 162 C:\Qoobox\Quarantine\catchme.log 4,629 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg

Profil

helen1 Poslao: 22 Jan 2009 17:52 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Iskljuci Antivirus. Otvoriti Notepad i iskopirati sledeci tekst: `DeQuarantine:: C:\Qoobox\Quarantine\C\Program Files\2009 File:: c:\windows\system32\drivers\SbCtri.exe c:\windows\system32\drivers\trz1.tmp Driver:: Service Controler` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

TeoDos Poslao: 23 Jan 2009 09:08 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sada sam dobio dva izvestaja: ComboFix 09-01-20.05 - user 2009-01-23 8:57:09.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1534.999 [GMT 1:00] Running from: c:\documents and settings\user\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\user\Desktop\CFScript.txt AV: avast! antivirus 4.8.1296 [VPS 090122-0] On-access scanning disabled (Updated) * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: c:\windows\system32\drivers\SbCtri.exe c:\windows\system32\drivers\trz1.tmp . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\SbCtri.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SERVICE_CONTROLER -------\Service_Service Controler ((((((((((((((((((((((((( Files Created from 2008-12-23 to 2009-01-23 ))))))))))))))))))))))))))))))) . 2009-01-23 08:56 . 2009-01-23 08:56 <DIR> d-------- c:\program files\2009 2009-01-22 15:51 . 2009-01-22 16:19 <DIR> d-------- c:\windows\system32\CatRoot_bak 2009-01-22 15:45 . 2008-09-17 23:55 453,152 --a------ c:\windows\system32\nvuninst.exe 2009-01-22 15:45 . 2008-09-17 23:55 201,050 --a------ c:\windows\system32\nvapps.nvb 2009-01-22 08:40 . 2009-01-22 08:40 2,878,213 --a------ C:\Qoobox.rar 2009-01-19 11:58 . 2009-01-19 11:58 <DIR> d-------- c:\documents and settings\user\Application Data\Malwarebytes 2009-01-19 11:57 . 2009-01-19 11:57 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-01-19 11:57 . 2009-01-19 11:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-19 11:57 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-19 11:57 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-19 11:27 . 2009-01-19 11:27 1,409 --a------ c:\windows\system32\tmpE1028.FOT 2009-01-19 11:27 . 2009-01-19 11:27 1,409 --a------ c:\windows\system32\tmp54428.FOT 2009-01-19 09:48 . 2009-01-19 09:48 1,409 --a------ c:\windows\system32\tmpCD9A0.FOT 2009-01-19 09:48 . 2009-01-19 09:48 1,409 --a------ c:\windows\system32\tmp039A0.FOT 2009-01-19 09:22 . 2009-01-19 09:22 1,409 --a------ c:\windows\system32\tmpE41B0.FOT 2009-01-19 09:22 . 2009-01-19 09:22 1,409 --a------ c:\windows\system32\tmp333B0.FOT 2009-01-19 08:43 . 2009-01-19 08:43 1,409 --a------ c:\windows\system32\tmpA66D0.FOT 2008-12-31 10:32 . 2008-12-31 10:32 1,409 --a------ c:\windows\system32\tmpFC3D5.FOT 2008-12-31 10:32 . 2008-12-31 10:32 1,409 --a------ c:\windows\system32\tmpD14D5.FOT 2008-12-27 08:38 . 2008-12-27 08:38 1,409 --a------ c:\windows\system32\tmp6A801.FOT 2008-12-27 08:38 . 2008-12-27 08:38 1,409 --a------ c:\windows\system32\tmp2A601.FOT . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-23 08:01 --------- d-----w c:\documents and settings\user\Application Data\OpenOffice.org2 2009-01-23 07:50 --------- d-----w c:\documents and settings\user\Application Data\Skype 2009-01-19 11:41 --------- d-----w c:\program files\CCLEANER 2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys 2008-04-03 08:04 14,290 ----a-w c:\program files\settings.dat 2007-07-10 08:40 114 -c--a-w c:\program files\plugin.ini 2004-10-05 15:12 138,430 -c--a-w c:\program files\Readme.rtf . ((((((((((((((((((((((((((((( snapshot@2009-01-19_13.28.12.76 ))))))))))))))))))))))))))))))))))))))))) . + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE - 2007-03-15 16:16:42 236,928 -c----w c:\windows\system32\dllcache\WgaLogon.dll + 2008-09-05 22:30:42 241,704 ------w c:\windows\system32\dllcache\wgaLogon.dll - 2007-03-15 16:17:08 336,768 -c----w c:\windows\system32\dllcache\WgaTray.exe + 2008-09-05 22:29:58 917,032 ------w c:\windows\system32\dllcache\WgaTray.exe - 2005-08-02 08:35:00 3,198,560 ----a-w c:\windows\system32\drivers\nv4_mini.sys + 2008-09-17 22:55:00 6,132,576 ----a-w c:\windows\system32\drivers\nv4_mini.sys - 2005-08-02 08:35:00 393,216 -c--a-w c:\windows\system32\keystone.exe + 2008-09-17 22:55:00 436,768 ----a-w c:\windows\system32\keystone.exe - 2007-10-11 13:12:48 1,468,968 ------w c:\windows\system32\LegitCheckControl.dll + 2008-09-05 22:30:06 1,480,232 ----a-w c:\windows\system32\LegitCheckControl.dll - 2005-08-02 08:35:00 3,908,864 ----a-w c:\windows\system32\nv4_disp.dll + 2008-09-17 22:55:00 6,057,472 ----a-w c:\windows\system32\nv4_disp.dll + 2008-09-17 22:55:00 475,136 ----a-w c:\windows\system32\nvapi.dll - 2005-08-02 08:35:00 442,368 -c--a-w c:\windows\system32\nvappbar.exe + 2008-09-17 22:55:00 449,056 ----a-w c:\windows\system32\nvappbar.exe - 2005-08-02 08:35:00 32,768 ----a-w c:\windows\system32\nvcod.dll + 2008-09-17 22:55:00 122,880 ----a-w c:\windows\system32\nvcod.dll - 2005-08-02 08:35:00 32,768 -c--a-w c:\windows\system32\nvcodins.dll + 2008-09-17 22:55:00 122,880 ----a-w c:\windows\system32\nvcodins.dll - 2005-08-02 08:35:00 147,456 -c--a-w c:\windows\system32\nvcolor.exe + 2008-09-17 22:55:00 143,360 ----a-w c:\windows\system32\nvcolor.exe - 2005-08-02 08:35:00 7,110,656 ----a-w c:\windows\system32\nvcpl.dll + 2008-09-17 22:55:00 13,574,144 ----a-w c:\windows\system32\nvcpl.dll + 2008-09-17 22:55:00 797,216 ----a-w c:\windows\system32\nvcplui.exe + 2008-09-17 22:55:00 1,108,512 ----a-w c:\windows\system32\nvcpluir.dll + 2008-09-17 22:55:00 1,368,064 ----a-w c:\windows\system32\nvcuda.dll + 2008-09-17 22:55:00 3,989,504 ----a-w c:\windows\system32\nvdisps.dll + 2008-09-17 22:55:00 5,799,936 ----a-w c:\windows\system32\nvdispsr.dll - 2005-08-02 08:35:00 1,339,392 -c--a-w c:\windows\system32\nvdspsch.exe + 2008-09-17 22:55:00 1,346,080 ----a-w c:\windows\system32\nvdspsch.exe + 2008-09-17 22:55:00 3,444,736 ----a-w c:\windows\system32\nvgames.dll + 2008-09-17 22:55:00 3,457,024 ----a-w c:\windows\system32\nvgamesr.dll - 2005-08-02 08:35:00 1,466,368 ----a-w c:\windows\system32\nview.dll + 2008-09-17 22:55:00 1,503,232 ----a-w c:\windows\system32\nview.dll + 2008-09-17 22:55:00 229,376 ----a-w c:\windows\system32\nvmccs.dll + 2008-09-17 22:55:00 45,056 ----a-w c:\windows\system32\nvmccsrs.dll + 2008-09-17 22:55:00 188,416 ----a-w c:\windows\system32\nvmccss.dll + 2008-09-17 22:55:00 458,752 ----a-w c:\windows\system32\nvmccssr.dll - 2005-08-02 08:35:00 86,016 ----a-w c:\windows\system32\nvmctray.dll + 2008-09-17 22:55:00 86,016 ----a-w c:\windows\system32\nvmctray.dll + 2008-09-17 22:55:00 1,257,472 ----a-w c:\windows\system32\nvmobls.dll + 2008-09-17 22:55:00 2,854,912 ----a-w c:\windows\system32\nvmoblsr.dll - 2005-08-02 08:35:00 286,720 -c--a-w c:\windows\system32\nvnt4cpl.dll + 2008-09-17 22:55:00 286,720 ----a-w c:\windows\system32\nvnt4cpl.dll - 2005-08-02 08:35:00 5,140,480 ----a-w c:\windows\system32\nvoglnt.dll + 2008-09-17 22:55:00 8,826,880 ----a-w c:\windows\system32\nvoglnt.dll - 2005-08-02 08:35:00 315,392 -c--a-w c:\windows\system32\nvrsar.dll + 2008-09-17 22:55:00 331,776 ----a-w c:\windows\system32\nvrsar.dll - 2005-08-02 08:35:00 233,472 ----a-w c:\windows\system32\nvrscs.dll + 2008-09-17 22:55:00 245,760 ----a-w c:\windows\system32\nvrscs.dll - 2005-08-02 08:35:00 241,664 -c--a-w c:\windows\system32\nvrsda.dll + 2008-09-17 22:55:00 253,952 ----a-w c:\windows\system32\nvrsda.dll - 2005-08-02 08:35:00 266,240 -c--a-w c:\windows\system32\nvrsde.dll + 2008-09-17 22:55:00 278,528 ----a-w c:\windows\system32\nvrsde.dll - 2005-08-02 08:35:00 270,336 -c--a-w c:\windows\system32\nvrsel.dll + 2008-09-17 22:55:00 282,624 ----a-w c:\windows\system32\nvrsel.dll - 2005-08-02 08:35:00 237,568 ----a-w c:\windows\system32\nvrseng.dll + 2008-09-17 22:55:00 245,760 ----a-w c:\windows\system32\nvrseng.dll - 2005-08-02 08:35:00 270,336 ----a-w c:\windows\system32\nvrses.dll + 2008-09-17 22:55:00 282,624 ----a-w c:\windows\system32\nvrses.dll - 2005-08-02 08:35:00 262,144 -c--a-w c:\windows\system32\nvrsesm.dll + 2008-09-17 22:55:00 274,432 ----a-w c:\windows\system32\nvrsesm.dll - 2005-08-02 08:35:00 237,568 -c--a-w c:\windows\system32\nvrsfi.dll + 2008-09-17 22:55:00 249,856 ----a-w c:\windows\system32\nvrsfi.dll - 2005-08-02 08:35:00 270,336 -c--a-w c:\windows\system32\nvrsfr.dll + 2008-09-17 22:55:00 282,624 ----a-w c:\windows\system32\nvrsfr.dll - 2005-08-02 08:35:00 311,296 -c--a-w c:\windows\system32\nvrshe.dll + 2008-09-17 22:55:00 331,776 ----a-w c:\windows\system32\nvrshe.dll - 2005-08-02 08:35:00 245,760 -c--a-w c:\windows\system32\nvrshu.dll + 2008-09-17 22:55:00 258,048 ----a-w c:\windows\system32\nvrshu.dll - 2005-08-02 08:35:00 270,336 -c--a-w c:\windows\system32\nvrsit.dll + 2008-09-17 22:55:00 278,528 ----a-w c:\windows\system32\nvrsit.dll - 2005-08-02 08:35:00 253,952 -c--a-w c:\windows\system32\nvrsja.dll + 2008-09-17 22:55:00 270,336 ----a-w c:\windows\system32\nvrsja.dll - 2005-08-02 08:35:00 249,856 -c--a-w c:\windows\system32\nvrsko.dll + 2008-09-17 22:55:00 262,144 ----a-w c:\windows\system32\nvrsko.dll - 2005-08-02 08:35:00 262,144 -c--a-w c:\windows\system32\nvrsnl.dll + 2008-09-17 22:55:00 274,432 ----a-w c:\windows\system32\nvrsnl.dll - 2005-08-02 08:35:00 241,664 -c--a-w c:\windows\system32\nvrsno.dll + 2008-09-17 22:55:00 253,952 ----a-w c:\windows\system32\nvrsno.dll - 2005-08-02 08:35:00 241,664 -c--a-w c:\windows\system32\nvrspl.dll + 2008-09-17 22:55:00 253,952 ----a-w c:\windows\system32\nvrspl.dll - 2005-08-02 08:35:00 262,144 -c--a-w c:\windows\system32\nvrspt.dll + 2008-09-17 22:55:00 270,336 ----a-w c:\windows\system32\nvrspt.dll - 2005-08-02 08:35:00 253,952 -c--a-w c:\windows\system32\nvrsptb.dll + 2008-09-17 22:55:00 266,240 ----a-w c:\windows\system32\nvrsptb.dll - 2005-08-02 08:35:00 258,048 -c--a-w c:\windows\system32\nvrsru.dll + 2008-09-17 22:55:00 266,240 ----a-w c:\windows\system32\nvrsru.dll - 2005-08-02 08:35:00 245,760 -c--a-w c:\windows\system32\nvrssk.dll + 2008-09-17 22:55:00 258,048 ----a-w c:\windows\system32\nvrssk.dll - 2005-08-02 08:35:00 241,664 -c--a-w c:\windows\system32\nvrssl.dll + 2008-09-17 22:55:00 258,048 ----a-w c:\windows\system32\nvrssl.dll - 2005-08-02 08:35:00 241,664 -c--a-w c:\windows\system32\nvrssv.dll + 2008-09-17 22:55:00 253,952 ----a-w c:\windows\system32\nvrssv.dll + 2008-09-17 22:55:00 253,952 ----a-w c:\windows\system32\nvrsth.dll - 2005-08-02 08:35:00 245,760 -c--a-w c:\windows\system32\nvrstr.dll + 2008-09-17 22:55:00 253,952 ----a-w c:\windows\system32\nvrstr.dll - 2005-08-02 08:35:00 212,992 -c--a-w c:\windows\system32\nvrszhc.dll + 2008-09-17 22:55:00 225,280 ----a-w c:\windows\system32\nvrszhc.dll - 2005-08-02 08:35:00 114,688 -c--a-w c:\windows\system32\nvrszht.dll + 2008-09-17 22:55:00 122,880 ----a-w c:\windows\system32\nvrszht.dll - 2005-08-02 08:35:00 466,944 ----a-w c:\windows\system32\nvshell.dll + 2008-09-17 22:55:00 466,944 ----a-w c:\windows\system32\nvshell.dll - 2005-08-02 08:35:00 127,043 ----a-w c:\windows\system32\nvsvc32.exe + 2008-09-17 22:55:00 163,908 ----a-w c:\windows\system32\nvsvc32.exe - 2005-08-02 08:35:00 176,128 ----a-w c:\windows\system32\nvudisp.exe + 2008-09-17 22:55:00 453,152 ----a-w c:\windows\system32\nvudisp.exe + 2008-09-17 22:55:00 3,764,224 ----a-w c:\windows\system32\nvvitvs.dll + 2008-09-17 22:55:00 4,149,248 ----a-w c:\windows\system32\nvvitvsr.dll - 2005-08-02 08:35:00 81,920 ----a-w c:\windows\system32\nvwddi.dll + 2008-09-17 22:55:00 81,920 ----a-w c:\windows\system32\nvwddi.dll - 2005-08-02 08:35:00 1,662,976 -c--a-w c:\windows\system32\nvwdmcpl.dll + 2008-09-17 22:55:00 1,724,416 ----a-w c:\windows\system32\nvwdmcpl.dll - 2005-08-02 08:35:00 1,019,904 -c--a-w c:\windows\system32\nvwimg.dll + 2008-09-17 22:55:00 1,101,824 ----a-w c:\windows\system32\nvwimg.dll - 2005-08-02 08:35:00 282,624 -c--a-w c:\windows\system32\nvwrsar.dll + 2008-09-17 22:55:00 282,624 ----a-w c:\windows\system32\nvwrsar.dll - 2005-08-02 08:35:00 286,720 -c--a-w c:\windows\system32\nvwrscs.dll + 2008-09-17 22:55:00 286,720 ----a-w c:\windows\system32\nvwrscs.dll - 2005-08-02 08:35:00 294,912 -c--a-w c:\windows\system32\nvwrsda.dll + 2008-09-17 22:55:00 294,912 ----a-w c:\windows\system32\nvwrsda.dll - 2005-08-02 08:35:00 311,296 -c--a-w c:\windows\system32\nvwrsde.dll + 2008-09-17 22:55:00 311,296 ----a-w c:\windows\system32\nvwrsde.dll - 2005-08-02 08:35:00 335,872 -c--a-w c:\windows\system32\nvwrsel.dll + 2008-09-17 22:55:00 335,872 ----a-w c:\windows\system32\nvwrsel.dll - 2005-08-02 08:35:00 286,720 ----a-w c:\windows\system32\nvwrseng.dll + 2008-09-17 22:55:00 286,720 ----a-w c:\windows\system32\nvwrseng.dll - 2005-08-02 08:35:00 335,872 -c--a-w c:\windows\system32\nvwrses.dll + 2008-09-17 22:55:00 335,872 ----a-w c:\windows\system32\nvwrses.dll - 2005-08-02 08:35:00 327,680 -c--a-w c:\windows\system32\nvwrsesm.dll + 2008-09-17 22:55:00 327,680 ----a-w c:\windows\system32\nvwrsesm.dll - 2005-08-02 08:35:00 303,104 -c--a-w c:\windows\system32\nvwrsfi.dll + 2008-09-17 22:55:00 303,104 ----a-w c:\windows\system32\nvwrsfi.dll - 2005-08-02 08:35:00 327,680 -c--a-w c:\windows\system32\nvwrsfr.dll + 2008-09-17 22:55:00 327,680 ----a-w c:\windows\system32\nvwrsfr.dll - 2005-08-02 08:35:00 278,528 -c--a-w c:\windows\system32\nvwrshe.dll + 2008-09-17 22:55:00 278,528 ----a-w c:\windows\system32\nvwrshe.dll - 2005-08-02 08:35:00 315,392 -c--a-w c:\windows\system32\nvwrshu.dll + 2008-09-17 22:55:00 315,392 ----a-w c:\windows\system32\nvwrshu.dll - 2005-08-02 08:35:00 323,584 -c--a-w c:\windows\system32\nvwrsit.dll + 2008-09-17 22:55:00 323,584 ----a-w c:\windows\system32\nvwrsit.dll - 2005-08-02 08:35:00 212,992 -c--a-w c:\windows\system32\nvwrsja.dll + 2008-09-17 22:55:00 212,992 ----a-w c:\windows\system32\nvwrsja.dll - 2005-08-02 08:35:00 196,608 -c--a-w c:\windows\system32\nvwrsko.dll + 2008-09-17 22:55:00 196,608 ----a-w c:\windows\system32\nvwrsko.dll - 2005-08-02 08:35:00 319,488 -c--a-w c:\windows\system32\nvwrsnl.dll + 2008-09-17 22:55:00 319,488 ----a-w c:\windows\system32\nvwrsnl.dll - 2005-08-02 08:35:00 299,008 -c--a-w c:\windows\system32\nvwrsno.dll + 2008-09-17 22:55:00 299,008 ----a-w c:\windows\system32\nvwrsno.dll - 2005-08-02 08:35:00 294,912 -c--a-w c:\windows\system32\nvwrspl.dll + 2008-09-17 22:55:00 294,912 ----a-w c:\windows\system32\nvwrspl.dll - 2005-08-02 08:35:00 323,584 -c--a-w c:\windows\system32\nvwrspt.dll + 2008-09-17 22:55:00 323,584 ----a-w c:\windows\system32\nvwrspt.dll - 2005-08-02 08:35:00 319,488 -c--a-w c:\windows\system32\nvwrsptb.dll + 2008-09-17 22:55:00 319,488 ----a-w c:\windows\system32\nvwrsptb.dll - 2005-08-02 08:35:00 315,392 -c--a-w c:\windows\system32\nvwrsru.dll + 2008-09-17 22:55:00 315,392 ----a-w c:\windows\system32\nvwrsru.dll - 2005-08-02 08:35:00 299,008 -c--a-w c:\windows\system32\nvwrssk.dll + 2008-09-17 22:55:00 299,008 ----a-w c:\windows\system32\nvwrssk.dll - 2005-08-02 08:35:00 303,104 -c--a-w c:\windows\system32\nvwrssl.dll + 2008-09-17 22:55:00 303,104 ----a-w c:\windows\system32\nvwrssl.dll - 2005-08-02 08:35:00 294,912 -c--a-w c:\windows\system32\nvwrssv.dll + 2008-09-17 22:55:00 294,912 ----a-w c:\windows\system32\nvwrssv.dll + 2008-09-17 22:55:00 290,816 ----a-w c:\windows\system32\nvwrsth.dll - 2005-08-02 08:35:00 303,104 -c--a-w c:\windows\system32\nvwrstr.dll + 2008-09-17 22:55:00 303,104 ----a-w c:\windows\system32\nvwrstr.dll - 2005-08-02 08:35:00 163,840 -c--a-w c:\windows\system32\nvwrszhc.dll + 2008-09-17 22:55:00 163,840 ----a-w c:\windows\system32\nvwrszhc.dll - 2005-08-02 08:35:00 167,936 -c--a-w c:\windows\system32\nvwrszht.dll + 2008-09-17 22:55:00 167,936 ----a-w c:\windows\system32\nvwrszht.dll + 2008-09-17 22:55:00 2,686,976 ----a-w c:\windows\system32\nvwss.dll + 2008-09-17 22:55:00 2,981,888 ----a-w c:\windows\system32\nvwssr.dll - 2005-08-02 08:35:00 1,519,616 ----a-w c:\windows\system32\nwiz.exe + 2008-09-17 22:55:00 1,657,376 ----a-w c:\windows\system32\nwiz.exe + 2005-08-02 08:35:00 3,908,864 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_disp.dll + 2005-08-02 08:35:00 3,198,560 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_mini.sys + 2005-08-02 08:35:00 32,768 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcod.dll + 2005-08-02 08:35:00 7,110,656 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcpl.dll + 2005-08-02 08:35:00 540,672 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvhwvid.dll + 2005-08-02 08:35:00 86,016 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvmctray.dll + 2005-08-02 08:35:00 286,720 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvnt4cpl.dll + 2005-08-02 08:35:00 5,140,480 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvoglnt.dll + 2005-08-02 08:35:00 127,043 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvsvc32.exe + 2005-08-02 08:35:00 81,920 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvwddi.dll - 2007-03-15 16:16:42 236,928 ------w c:\windows\system32\WgaLogon.dll + 2008-09-05 22:30:42 241,704 ----a-w c:\windows\system32\WgaLogon.dll - 2007-03-15 16:17:08 336,768 ------w c:\windows\system32\WgaTray.exe + 2008-09-05 22:29:58 917,032 ------w c:\windows\system32\WgaTray.exe + 2009-01-23 08:01:10 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_55c.dat . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-09-13 22880040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144] "LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2003-01-22 184320] "RestoreIT!"="c:\program files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" [2004-05-27 114688] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-09-14 249927] "googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016] "RTHDCPL"="RTHDCPL.EXE" [2005-03-23 c:\windows\RTHDCPL.EXE] "nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe] "LTMSG"="LTMSG.exe" [2003-07-14 c:\windows\ltmsg.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\user\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-05-03 113664] OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216] Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2007-12-11 3746856] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-05-03 113664] AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-03-05 10872] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0oodbs [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "c:\\Program Files\\3d max\\3dsmax.exe"= "c:\\Program Files\\backburner 2\\monitor.exe"= "c:\\Program Files\\backburner 2\\manager.exe"= "c:\\Program Files\\backburner 2\\server.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 RITCPT;RITCPT;c:\windows\system32\drivers\RITCPT.SYS [2006-04-14 43512] R0 VVBackd5;VVBackd5;c:\windows\system32\drivers\VVBackd5.sys [2006-04-14 179482] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-02 111184] R3 SMBus_2k;SMBus_2k;c:\windows\system32\drivers\SMBus_2k.sys [2006-04-04 14208] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-02 20560] R4 FBAPI;FBAPI;c:\windows\system32\drivers\FBAPI.sys [2006-04-14 5088] R4 HDDFC;Hard Disk Noise Control;c:\program files\Fujitsu Siemens\Hard Disk Noise Control\HDDFC.exe [2005-03-22 155745] R4 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Host.exe [2008-03-12 181544] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com uDefault_Search_URL = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/http://www.yahoo.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {11E41D21-F58E-4956-938C-41741B79A8A7} = 192.168.0.11,91.150.90.2,91.150.90.3 FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\ltag9nch.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-23 09:01:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\windows\ATKKBService.exe c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\oodag.exe c:\windows\system32\rundll32.exe c:\program files\TeamViewer3\TeamViewer.exe c:\program files\OpenOffice.org 2.3\program\soffice.exe c:\program files\OpenOffice.org 2.3\program\soffice.bin c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\program files\Microsoft Office\OFFICE11\OUTLOOK.EXE c:\program files\Skype\Plugin Manager\skypePM.exe . ************************************************************************ . Completion time: 2009-01-23 9:04:42 - machine was rebooted ComboFix-quarantined-files.txt 2009-01-23 08:04:39 ComboFix2.txt 2009-01-21 07:52:13 ComboFix3.txt 2009-01-19 12:29:35 C:\DeQuarantine.txt Pre-Run: 9,241,972,736 bytes free Post-Run: 9,185,353,728 bytes free 359 --- E O F --- 2009-01-14 15:04:03 i: C:\Qoobox\Quarantine\C\Program Files\2009\2009.exe -> C:\Program Files\2009\2009.exe C:\Qoobox\Quarantine\C\Program Files\2009\agenda.dxr -> C:\Program Files\2009\agenda.dxr C:\Qoobox\Quarantine\C\Program Files\2009\img.cxt -> C:\Program Files\2009\img.cxt C:\Qoobox\Quarantine\C\Program Files\2009\kLODOVIK.url -> C:\Program Files\2009\kLODOVIK.url C:\Qoobox\Quarantine\C\Program Files\2009\Notes.txt -> C:\Program Files\2009\Notes.txt C:\Qoobox\Quarantine\C\Program Files\2009\PF2009.ico -> C:\Program Files\2009\PF2009.ico C:\Qoobox\Quarantine\C\Program Files\2009\start.dxr -> C:\Program Files\2009\start.dxr C:\Qoobox\Quarantine\C\Program Files\2009\unins000.dat -> C:\Program Files\2009\unins000.dat C:\Qoobox\Quarantine\C\Program Files\2009\unins000.exe -> C:\Program Files\2009\unins000.exe C:\Qoobox\Quarantine\C\Program Files\2009\editor\calc.exe -> C:\Program Files\2009\editor\calc.exe C:\Qoobox\Quarantine\C\Program Files\2009\editor\Notepad2.exe -> C:\Program Files\2009\editor\Notepad2.exe C:\Qoobox\Quarantine\C\Program Files\2009\editor\Notepad2.reg -> C:\Program Files\2009\editor\Notepad2.reg C:\Qoobox\Quarantine\C\Program Files\2009\files\licencesr.txt -> C:\Program Files\2009\files\licencesr.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\april.txt -> C:\Program Files\2009\files\meseci\april.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\august.txt -> C:\Program Files\2009\files\meseci\august.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\december.txt -> C:\Program Files\2009\files\meseci\december.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\february.txt -> C:\Program Files\2009\files\meseci\february.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\january.txt -> C:\Program Files\2009\files\meseci\january.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\july.txt -> C:\Program Files\2009\files\meseci\july.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\june.txt -> C:\Program Files\2009\files\meseci\june.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\march.txt -> C:\Program Files\2009\files\meseci\march.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\may.txt -> C:\Program Files\2009\files\meseci\may.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\november.txt -> C:\Program Files\2009\files\meseci\november.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\october.txt -> C:\Program Files\2009\files\meseci\october.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\meseci\september.txt -> C:\Program Files\2009\files\meseci\september.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\APRIL.txt -> C:\Program Files\2009\files\mjeseci\APRIL.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\AVGUST.txt -> C:\Program Files\2009\files\mjeseci\AVGUST.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\CONTACTS.txt -> C:\Program Files\2009\files\mjeseci\CONTACTS.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\DECEMBAR.txt -> C:\Program Files\2009\files\mjeseci\DECEMBAR.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\FEBRUAR.txt -> C:\Program Files\2009\files\mjeseci\FEBRUAR.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\JANUAR.txt -> C:\Program Files\2009\files\mjeseci\JANUAR.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\JULI.txt -> C:\Program Files\2009\files\mjeseci\JULI.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\JUNI.txt -> C:\Program Files\2009\files\mjeseci\JUNI.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\MAJ.txt -> C:\Program Files\2009\files\mjeseci\MAJ.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\MART.txt -> C:\Program Files\2009\files\mjeseci\MART.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\NOTES.txt -> C:\Program Files\2009\files\mjeseci\NOTES.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\NOVEMBAR.txt -> C:\Program Files\2009\files\mjeseci\NOVEMBAR.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\OKTOBAR.txt -> C:\Program Files\2009\files\mjeseci\OKTOBAR.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\mjeseci\SEPTEMBAR.txt -> C:\Program Files\2009\files\mjeseci\SEPTEMBAR.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\prezentacija\1.txt -> C:\Program Files\2009\files\prezentacija\1.txt C:\Qoobox\Quarantine\C\Program Files\2009\files\prezentacija\3.txt -> C:\Program Files\2009\files\prezentacija\3.txt C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\budapi.x32 -> C:\Program Files\2009\Xtras\budapi.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\PMATIC.reg -> C:\Program Files\2009\Xtras\PMATIC.reg C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\PMATIC.X32 -> C:\Program Files\2009\Xtras\PMATIC.X32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Flash Asset\Flash Asset.x32 -> C:\Program Files\2009\Xtras\Flash Asset\Flash Asset.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Actor Control.x32 -> C:\Program Files\2009\Xtras\Media Support\Actor Control.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Cursor Asset.x32 -> C:\Program Files\2009\Xtras\Media Support\Cursor Asset.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Cursor Options.x32 -> C:\Program Files\2009\Xtras\Media Support\Cursor Options.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\FileIo.x32 -> C:\Program Files\2009\Xtras\Media Support\FileIo.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Font Asset Dialog.x32 -> C:\Program Files\2009\Xtras\Media Support\Font Asset Dialog.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Font Asset.x32 -> C:\Program Files\2009\Xtras\Media Support\Font Asset.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Font Xtra.x32 -> C:\Program Files\2009\Xtras\Media Support\Font Xtra.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\LZComprs.x32 -> C:\Program Files\2009\Xtras\Media Support\LZComprs.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Squish.x32 -> C:\Program Files\2009\Xtras\Media Support\Squish.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\SWADCmpr.x32 -> C:\Program Files\2009\Xtras\Media Support\SWADCmpr.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\Text Asset.x32 -> C:\Program Files\2009\Xtras\Media Support\Text Asset.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\TextAuth.x32 -> C:\Program Files\2009\Xtras\Media Support\TextAuth.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\TextXtra.x32 -> C:\Program Files\2009\Xtras\Media Support\TextXtra.x32 C:\Qoobox\Quarantine\C\Program Files\2009\Xtras\Media Support\ZipXtra.x32 -> C:\Program Files\2009\Xtras\Media Support\ZipXtra.x32 59 File(s) copied

Profil

helen1 Poslao: 23 Jan 2009 10:15 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da li ima nekih problema sada?

Profil

TeoDos Poslao: 23 Jan 2009 10:26 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Imam sa mrezom tj. ne mogu da mu pristupim sa drugog racunara i nije moguce koristiti stampac koji je na njemu preko mreze.

Profil

helen1 Poslao: 23 Jan 2009 16:51 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zipuj/raruj mi sledeci folder: C:\qoobox\quarantine i posalji ga preko sledeceg linka: http://www.mycity.rs/ambulanta-upload.php

Profil

TeoDos Poslao: 26 Jan 2009 08:54 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradio sam po uputstvu.

Profil

helen1 Poslao: 26 Jan 2009 18:15 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skinuti SDFix na Desktop. Dupli klik na SDFix.exe ce raspakovati program u folder C:\SDFix, osim ukoliko putanja nije drugacije odredjena pri raspakivanju. Restartovati kompjuter u Safe Mode Uci u folder u kojem je raspakovan SDFix i startovati RunThis.bat Stisnuti Y da bi se zapocelo skeniranje Nakon skeniranja ce se pojaviti poruka da ce kompjuter biti restartovan Pritisnuti bilo koji taster da bi se kompjuter restartovao Nakon restarta ce se automatski pokrenuti jos jedno skeniranje, i po njegovom zavrsetku ce se pojaviti poruka Finished Nakon ucitavanja desktop ikonica, na ekranu ce se pojaviti izvestaj. Izvestaj ce ujedno biti snimljen i kao Report.txt u folderu u kojem je SDFix raspakovan Iskopirati izvestaj u poruku na forumu, i postaviti i nov log programa HijackThis

Profil

TeoDos Poslao: 27 Jan 2009 08:56 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, uradjeno po uputstvu i evo izvestaja. SDFix: Version 1.240 Run by Administrator on 27/01/2009 at 08:39 Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-27 08:45:06 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe::Enabled:Windows Messenger" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe::Enabled:Google Talk" "C:\\Program Files\\3d max\\3dsmax.exe"="C:\\Program Files\\3d max\\3dsmax.exe::Enabled:3ds max 7" "C:\\Program Files\\backburner 2\\monitor.exe"="C:\\Program Files\\backburner 2\\monitor.exe::Enabled:backburner 2.3 monitor" "C:\\Program Files\\backburner 2\\manager.exe"="C:\\Program Files\\backburner 2\\manager.exe::Enabled:backburner 2.3 manager" "C:\\Program Files\\backburner 2\\server.exe"="C:\\Program Files\\backburner 2\\server.exe::Enabled:backburner 2.3 server" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe::Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" Remaining Files : Files with Hidden Attributes : Finished! i drugi Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:48:35, on 27/01/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe c:\Program Files\Fujitsu Siemens\Hard Disk Noise Control\HDDFC.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TeamViewer3\TeamViewer_Host.exe C:\Program Files\TeamViewer3\TeamViewer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\LTMSG.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Documents and Settings\user\Desktop\New Folder\Azra.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user') O4 - .DEFAULT Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe (User 'Default user') O4 - .DEFAULT Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{11E41D21-F58E-4956-938C-41741B79A8A7}: NameServer = 192.168.0.11,91.150.90.2,91.150.90.3 O17 - HKLM\System\CS1\Services\Tcpip\..\{11E41D21-F58E-4956-938C-41741B79A8A7}: NameServer = 192.168.0.11,91.150.90.2,91.150.90.3 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Hard Disk Noise Control (HDDFC) - Fujitsu Siemens Computers - c:\Program Files\Fujitsu Siemens\Hard Disk Noise Control\HDDFC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe -- End of file - 8686 bytes Jedina promena koju sam primetio posle restarta tj. skeniranja SDFix-a je ta da je iskljucen ``Automatic Updates``.

Profil

helen1 Poslao: 27 Jan 2009 09:03 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jel imas jos problema sa mrezom?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa Task Manager-om

Ko je trenutno na forumu

Ukupno su 1116 korisnika na forumu :: 45 registrovanih, 8 sakrivenih i 1063 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., ajo baba, arsa, babaroga, bobomicek, Bobrock1, bojankrstc, bokisha253, BORUTUS, brundo65, Bubimir, darcaud, Denaya, djolew, djuradj, Dogma21, Dorcolac, draganca, dragoljub11987, DragoslavS, Fabius, h8propaganda, HrcAk47, Istman, Kibice, kybonacci, Leonov, lord sir giga, miki87, mrmr, nazgul75, Neutral-M, nick79, Niko Bitan, Panter, raketaš, sabros, shaja1, sombrero, StepskiVuk, Tila Painen, vladas87, voja64, zafon031, 79693

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by