Help

  • Joined: 20 Feb 2005
  • Posts: 297
  • Location: Vranje

My little son downloaded some installer from the internet (having heard about torrents from his friends) and made a mess of IE.
So I'm asking you to please help me clean up IE.
I know roughly what should be removed, but since you are more expert, I'm asking you for help and advice.
Here is the log file:

Logfile of HijackThis v1.99.1
Scan saved at 18:37:50, on 5.1.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
E:\Sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
E:\Hijack\Promena.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [Link visible only to logged-in users]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTorr.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Download\DownloadManager\Orbit\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTorr.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTorr.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SmartSync - ScheduleSync] C:\PROGRA~1\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\ObradaFilma\PowerDirector\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SkinClock] E:\Sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - [Link visible only to logged-in users]\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Games\Poker\Inst\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Games\Poker\Inst\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - [Link visible only to logged-in users]
O16 - DPF: {5D69485C-EAB1-42AE-93C1-B5A53F238C5A} (FileInterface Class) - [Link visible only to logged-in users]
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - [Link visible only to logged-in users]
O16 - DPF: {8BA2FE8E-8506-11D4-BFE2-CB5FED326646} (Archive Class) - [Link visible only to logged-in users]
O16 - DPF: {A42DDE4E-DF36-4592-83B6-CCA28E770ABD} (Ebanking.Utility) - [Link visible only to logged-in users]
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - [Link visible only to logged-in users]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Link visible only to logged-in users]
O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - [Link visible only to logged-in users]
O16 - DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} (SecAPI Class) - [Link visible only to logged-in users]
O17 - HKLM\System\CCS\Services\Tcpip\..\{A83A36A2-2A64-4EB1-AFE9-C1A2B94E5A28}: NameServer = 213.244.255.2,213.244.255.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA42E8A0-DE81-4909-83F2-8C72A285A168}: NameServer = 213.244.255.2,213.244.255.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFA5F76F-555B-4FFD-9955-C8FD42DC5452}: NameServer = 213.244.255.2,213.244.255.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.8.1.0178.00.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Magix\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (file missing)
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\New Folder (3)\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

Addendum: 05 Jan 2009 18:53

And here it is after my cleaning:

Logfile of HijackThis v1.99.1
Scan saved at 18:47:02, on 5.1.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
E:\Sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Hijack\Promena.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [Link visible only to logged-in users]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Download\DownloadManager\Orbit\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SmartSync - ScheduleSync] C:\PROGRA~1\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\ObradaFilma\PowerDirector\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SkinClock] E:\Sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - [Link visible only to logged-in users]\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Games\Poker\Inst\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Games\Poker\Inst\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - [Link visible only to logged-in users]
O16 - DPF: {5D69485C-EAB1-42AE-93C1-B5A53F238C5A} (FileInterface Class) - [Link visible only to logged-in users]
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - [Link visible only to logged-in users]
O16 - DPF: {8BA2FE8E-8506-11D4-BFE2-CB5FED326646} (Archive Class) - [Link visible only to logged-in users]
O16 - DPF: {A42DDE4E-DF36-4592-83B6-CCA28E770ABD} (Ebanking.Utility) - [Link visible only to logged-in users]
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - [Link visible only to logged-in users]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Link visible only to logged-in users]
O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - [Link visible only to logged-in users]
O16 - DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} (SecAPI Class) - [Link visible only to logged-in users]
O17 - HKLM\System\CCS\Services\Tcpip\..\{A83A36A2-2A64-4EB1-AFE9-C1A2B94E5A28}: NameServer = 213.244.255.2,213.244.255.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA42E8A0-DE81-4909-83F2-8C72A285A168}: NameServer = 213.244.255.2,213.244.255.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFA5F76F-555B-4FFD-9955-C8FD42DC5452}: NameServer = 213.244.255.2,213.244.255.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.8.1.0178.00.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Magix\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (file missing)
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\New Folder (3)\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe



  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8653
  • Location: Novi Beograd

Hello,

please don't do anything else on your own:

* Right-click the Kaspersky icon in the lower-right corner of the screen and choose Pause Protection.
* In the window that opens, choose By User Request.

Note: Don't forget to turn this option back on when the cleaning is finished.

--------------------------------------

Download ComboFix to your Desktop from one of the following addresses:
[Link visible only to logged-in users]
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.



  • Joined: 20 Feb 2005
  • Posts: 297
  • Location: Vranje

ComboFix 09-01-05.02 - korisnik 2009-01-05 20:26:53.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1567 [GMT 1:00]
Running from: c:\documents and settings\korisnik\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\jestertb.dll

.
((((((((((((((((((((((((( Files Created from 2008-12-05 to 2009-01-05 )))))))))))))))))))))))))))))))
.

2063-09-19 06:50 . 2063-09-19 06:50 5,501 --a------ c:\windows\system32\rtclmg32.dll
2009-01-05 17:48 . 2009-01-05 17:48 <DIR> d-------- c:\windows\MyFreeWeather
2008-12-23 23:58 . 2008-12-23 23:58 <DIR> d-------- c:\documents and settings\korisnik\Application Data\Samsung
2008-12-23 23:48 . 2005-08-13 05:06 22,486 -ra------ c:\windows\system32\UnInstall_Driver.ico
2008-12-23 23:43 . 2008-12-23 23:53 <DIR> d-------- c:\windows\system32\Samsung PC Studio Codecs
2008-12-23 23:43 . 2005-11-29 16:17 2,067,140 -ra------ c:\windows\system32\avcodec.dll
2008-12-23 23:43 . 2006-01-09 13:27 679,936 --a------ c:\windows\system32\fun_mp4_enc.dll
2008-12-23 23:43 . 2006-02-07 15:53 659,456 --a------ c:\windows\system32\FunDecFilter.ax
2008-12-23 23:43 . 2006-02-07 15:54 532,480 --a------ c:\windows\system32\FunEncFilter.ax
2008-12-23 23:43 . 2005-12-28 13:36 188,416 --a------ c:\windows\system32\FunOggDecFilter.ax
2008-12-23 23:43 . 2005-12-15 16:53 69,632 --a------ c:\windows\system32\FunEQFilter.ax
2008-12-23 23:43 . 2006-02-07 15:53 61,440 --a------ c:\windows\system32\mp4_vcodec.dll
2008-12-23 23:43 . 2005-12-15 16:53 57,344 --a------ c:\windows\system32\FunVideoAdjustFilter.ax
2008-12-23 23:43 . 2005-12-17 19:40 53,248 --a------ c:\windows\system32\FunVideoResizeFilter.ax
2008-12-23 23:43 . 2005-12-15 16:54 53,248 --a------ c:\windows\system32\FunImgFilter.ax
2008-12-23 23:11 . 2008-12-23 23:48 <DIR> d-------- c:\windows\system32\Samsung_USB_Drivers
2008-12-23 23:11 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2008-12-18 22:59 . 2008-12-18 22:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\SpinTop Games
2008-12-18 22:58 . 2008-12-18 22:58 <DIR> d-------- c:\documents and settings\korisnik\Application Data\SpinTop
2008-12-12 11:53 . 2008-12-12 11:53 2,069,272 --a------ c:\windows\system32\AutoPartNt.exe
2008-12-12 11:53 . 2008-12-12 11:57 1,024 --a------ c:\windows\system32\AutoPartNt.let
2008-12-10 12:02 . 2008-12-10 12:02 <DIR> d-------- c:\documents and settings\korisnik\Application Data\Acronis
2008-12-10 12:01 . 2008-12-10 12:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Acronis
2008-12-10 11:59 . 2008-12-10 11:59 971,552 --a------ c:\windows\system32\drivers\tdrpm174.sys
2008-12-10 11:59 . 2008-12-10 11:59 540,000 --a------ c:\windows\system32\drivers\timntr.sys
2008-12-10 11:59 . 2008-12-10 11:59 134,272 --a------ c:\windows\system32\drivers\snman380.sys
2008-12-10 11:59 . 2008-12-10 11:59 44,704 --a------ c:\windows\system32\drivers\tifsfilt.sys
2008-12-10 11:58 . 2008-12-10 11:58 <DIR> d-------- c:\program files\Common Files\Acronis
2008-12-10 11:58 . 2008-12-10 11:58 <DIR> d-------- c:\program files\Acronis

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-05 19:30 794,656 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-01-05 19:30 4,844 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-01-05 19:30 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-01-05 19:29 32,368 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-05 19:29 3,870,752 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-05 19:28 --------- d-----w c:\documents and settings\korisnik\Application Data\Orbit
2008-12-30 21:46 --------- d-----w c:\documents and settings\korisnik\Application Data\X3mE Yamb
2008-12-30 21:46 --------- d-----w c:\documents and settings\All Users\Application Data\X3mE Yamb
2008-12-23 22:43 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-19 16:28 --------- d---a-w c:\documents and settings\All Users\Application Data\Temp
2008-12-06 12:12 --------- d-----w c:\documents and settings\korisnik\Application Data\cerasus.media
2008-11-30 09:41 --------- d-----w c:\documents and settings\All Users\Application Data\Gameeel
2008-11-28 09:49 --------- d-----w c:\program files\Paint.NET
2008-11-26 22:00 --------- d-----w c:\program files\Image-Line
2008-11-12 10:02 499,712 ----a-w c:\windows\system32\msvcp71.dll
2008-11-12 10:02 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-11-12 10:02 --------- d-----w c:\program files\Common Files\Real
2008-11-08 08:23 --------- d-----w c:\program files\easycalendarmaker
2008-11-05 14:31 --------- d-----w c:\documents and settings\korisnik\Application Data\AdobeUM
2007-11-24 23:01 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-02-03 14:15 47,360 ----a-w c:\documents and settings\korisnik\Application Data\pcouffin.sys
2006-06-29 15:49 212 ------w c:\program files\setup.reg
2007-02-03 15:42 8 --sh--r c:\windows\system32\126D830821.sys
2007-02-03 15:54 848 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"SkinClock"="e:\sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-09-11 1739264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2005-05-18 188416]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"SmartSync - ScheduleSync"="c:\progra~1\Mobile Phone Manager\SmartSync\ScheduleSync.exe" [2006-03-30 45056]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 206088]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-11-21 4352832]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-11-21 960528]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-11-21 165144]
"QuickTime Task"="d:\obradafilma\PowerDirector\qttask.exe" [2008-05-27 413696]
"AGRSMMSG"="AGRSMMSG.exe" [2005-06-30 c:\windows\AGRSMMSG.exe]
"nwiz"="nwiz.exe" [2007-12-05 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\korisnik\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-09-07 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 15 (0xf)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr]
--a------ 2004-04-16 01:00 155648 c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 d:\obradafilma\PowerDirector\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-11-12 11:02 185872 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR]
--a------ 2004-04-16 01:04 192512 d:\common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"d:\\ObradaFilma\\PowerDirector\\PowerDirector\\PDR.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\drivers\snman380.sys [2008-12-10 134272]
R0 tdrpman174;Acronis Try&Decide and Restore Points filter (build 174);c:\windows\system32\drivers\tdrpm174.sys [2008-12-10 971552]
R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [2005-02-27 5184]
R3 Cap713x;Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2008-03-26 328320]
R3 FVDSCSI;FVDSCSI;c:\windows\system32\drivers\fvdscsi.sys [2006-09-07 60008]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-04-30 24592]
S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?]
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys --> c:\windows\system32\DRIVERS\e4usbaw.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;d:\magix\Common\Database\bin\fbserver.exe [2008-09-12 1527900]
S3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [2007-10-07 4134]
S3 FXDrv32;FXDrv32; [x]
S3 maconfservice;Ma-Config Service;"e:\new folder (3)\maconfservice.exe" --> e:\new folder (3)\maconfservice.exe [?]
S3 S3GIGP;S3GIGP;c:\windows\system32\DRIVERS\S3gIGPm.sys --> c:\windows\system32\DRIVERS\S3gIGPm.sys [?]
S3 SmartCd;SmartCd;c:\windows\system32\drivers\SmartCd.sys [2003-07-30 6397]
S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-09-12 548864]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys --> c:\windows\system32\Drivers\e4ldr.sys [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac19cd24-5b4a-11dd-8a7d-4d6564696130}]
\Shell\AutoOpen\command - k:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d4e05f26-056d-11dd-89c0-4d6564696130}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
.
Contents of the 'Scheduled Tasks' folder

2008-12-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

2009-01-05 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 17:39]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
IE: &Download by Orbit
IE: &Grab video by Orbit
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Do&wnload selected by Orbit
IE: Down&load all by Orbit
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: rol.raiffeisenbank.rs
TCP: {A83A36A2-2A64-4EB1-AFE9-C1A2B94E5A28} = 213.244.255.2,213.244.255.3
TCP: {BA42E8A0-DE81-4909-83F2-8C72A285A168} = 213.244.255.2,213.244.255.3
TCP: {CFA5F76F-555B-4FFD-9955-C8FD42DC5452} = 213.244.255.2,213.244.255.3

O16 -: Microsoft XML Parser for Java - c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

c:\windows\Downloaded Program Files\CONFLICT.9\stg_drm.ocx - O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\FSINT.dll - O16 -: {5D69485C-EAB1-42AE-93C1-B5A53F238C5A}
[Link mogu videti samo ulogovani korisnici]

O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - [Link mogu videti samo ulogovani korisnici]
c:\windows\Downloaded Program Files\hardwaredetection.inf

c:\windows\Downloaded Program Files\SAWZip.dll - O16 -: {8BA2FE8E-8506-11D4-BFE2-CB5FED326646}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\CONFLICT.1\EbankingWWW.dll - O16 -: {A42DDE4E-DF36-4592-83B6-CCA28E770ABD}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\CONFLICT.5\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\plinstll.dll - O16 -: {EAC139A9-D22D-4C29-8D1C-252BE63750F9}
[Link mogu videti samo ulogovani korisnici]
c:\windows\Downloaded Program Files\plinstll.inf

c:\windows\Downloaded Program Files\EBCSCC2A.dll - O16 -: {F6FFAC18-CAD4-4054-9D49-D610286CE323}
[Link mogu videti samo ulogovani korisnici]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-01-05 20:30:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN]
"ImagePath"="\Sys"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\oodag.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-01-05 20:32:29 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-05 19:32:26

Pre-Run: 13.073.776.640 bytes free
Post-Run: 12,898,893,824 bytes free

228

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8653
  • Location: Novi Beograd

Disable the antivirus again.

Open Notepad and copy the following text into it:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac19cd24-5b4a-11dd-8a7d-4d6564696130}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d4e05f26-056d-11dd-89c0-4d6564696130}]


Save the file from Notepad to the Desktop as "CFScript"


Drag the saved script/text file onto the ComboFix icon, as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.
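
An added example, not part of helen1's post and not ComboFix's own logic: a Python script that parses the MountPoints2 sections of a ComboFix log and drafts the `Registry::` block for keys whose autorun command matches two assumed review heuristics (launch wrapped in RunDLL32 ShellExec_RunDLL, or a script host). The function names and both heuristics are assumptions; the sample input is copied from the log in this thread.

```python
import re

# MountPoints2 section copied from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac19cd24-5b4a-11dd-8a7d-4d6564696130}]
\Shell\AutoOpen\command - k:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d4e05f26-056d-11dd-89c0-4d6564696130}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
.
Contents of the 'Scheduled Tasks' folder
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]*\\mountpoints2\\[^\]]+)\]$", re.IGNORECASE)
CMD_RE = re.compile(r"^\\Shell\\(\w+)\\command - (.+)$", re.IGNORECASE)
# Assumed review heuristics (hypothetical; not the helper's stated reasoning).
WRAPPER_RE = re.compile(r"rundll32\.exe\s+shell32\.dll,ShellExec_RunDLL\b", re.IGNORECASE)
SCRIPT_HOST_RE = re.compile(r"\b(wscript|cscript|mshta)\.exe\b", re.IGNORECASE)


def parse_mountpoints2(log_text):
    """Return {registry key: [(verb, command), ...]} for MountPoints2 sections."""
    entries, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = key.group(1)
            entries[current] = []
            continue
        cmd = CMD_RE.match(line)
        if cmd and current is not None:
            entries[current].append((cmd.group(1), cmd.group(2)))
        else:
            current = None  # blank line or unrelated text ends the section
    return entries


def reasons_for(command):
    """Return the heuristic reasons (possibly none) that apply to one command."""
    reasons = []
    if WRAPPER_RE.search(command):
        reasons.append("indirect launch through RunDLL32 ShellExec_RunDLL")
    if SCRIPT_HOST_RE.search(command):
        reasons.append("script host in autorun command")
    return reasons


def flag_autorun_keys(log_text):
    """Return {key: [reason, ...]} for keys with at least one flagged command."""
    flagged = {}
    for key, commands in parse_mountpoints2(log_text).items():
        reasons = sorted({r for _, cmd in commands for r in reasons_for(cmd)})
        if reasons:
            flagged[key] = reasons
    return flagged


def build_cfscript(keys):
    """Draft a CFScript Registry:: block that deletes the given keys."""
    return "Registry::\n" + "".join(f"[-{k}]\n" for k in keys)


if __name__ == "__main__":
    flagged = flag_autorun_keys(SAMPLE_LOG)
    for key, why in flagged.items():
        print(key, "->", "; ".join(why))
    print(build_cfscript(flagged))
```

On the sample, the plain `J:\Autorun.exe` entry is not flagged, while the two GUID-named keys are, which matches the keys listed in the CFScript above.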

offline
  • Joined: 20 Feb 2005
  • Posts: 297
  • Location: Vranje

ComboFix 09-01-05.02 - korisnik 2009-01-05 22:52:48.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1554 [GMT 1:00]
Running from: c:\documents and settings\korisnik\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\korisnik\Desktop\CFScript.txt
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-12-05 to 2009-01-05 )))))))))))))))))))))))))))))))
.

2063-09-19 06:50 . 2063-09-19 06:50 5,501 --a------ c:\windows\system32\rtclmg32.dll
2009-01-05 17:48 . 2009-01-05 17:48 <DIR> d-------- c:\windows\MyFreeWeather
2008-12-23 23:58 . 2008-12-23 23:58 <DIR> d-------- c:\documents and settings\korisnik\Application Data\Samsung
2008-12-23 23:48 . 2005-08-13 05:06 22,486 -ra------ c:\windows\system32\UnInstall_Driver.ico
2008-12-23 23:43 . 2008-12-23 23:53 <DIR> d-------- c:\windows\system32\Samsung PC Studio Codecs
2008-12-23 23:43 . 2005-11-29 16:17 2,067,140 -ra------ c:\windows\system32\avcodec.dll
2008-12-23 23:43 . 2006-01-09 13:27 679,936 --a------ c:\windows\system32\fun_mp4_enc.dll
2008-12-23 23:43 . 2006-02-07 15:53 659,456 --a------ c:\windows\system32\FunDecFilter.ax
2008-12-23 23:43 . 2006-02-07 15:54 532,480 --a------ c:\windows\system32\FunEncFilter.ax
2008-12-23 23:43 . 2005-12-28 13:36 188,416 --a------ c:\windows\system32\FunOggDecFilter.ax
2008-12-23 23:43 . 2005-12-15 16:53 69,632 --a------ c:\windows\system32\FunEQFilter.ax
2008-12-23 23:43 . 2006-02-07 15:53 61,440 --a------ c:\windows\system32\mp4_vcodec.dll
2008-12-23 23:43 . 2005-12-15 16:53 57,344 --a------ c:\windows\system32\FunVideoAdjustFilter.ax
2008-12-23 23:43 . 2005-12-17 19:40 53,248 --a------ c:\windows\system32\FunVideoResizeFilter.ax
2008-12-23 23:43 . 2005-12-15 16:54 53,248 --a------ c:\windows\system32\FunImgFilter.ax
2008-12-23 23:11 . 2008-12-23 23:48 <DIR> d-------- c:\windows\system32\Samsung_USB_Drivers
2008-12-23 23:11 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2008-12-18 22:59 . 2008-12-18 22:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\SpinTop Games
2008-12-18 22:58 . 2008-12-18 22:58 <DIR> d-------- c:\documents and settings\korisnik\Application Data\SpinTop
2008-12-12 11:53 . 2008-12-12 11:53 2,069,272 --a------ c:\windows\system32\AutoPartNt.exe
2008-12-12 11:53 . 2008-12-12 11:57 1,024 --a------ c:\windows\system32\AutoPartNt.let
2008-12-10 12:02 . 2008-12-10 12:02 <DIR> d-------- c:\documents and settings\korisnik\Application Data\Acronis
2008-12-10 12:01 . 2008-12-10 12:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Acronis
2008-12-10 11:59 . 2008-12-10 11:59 971,552 --a------ c:\windows\system32\drivers\tdrpm174.sys
2008-12-10 11:59 . 2008-12-10 11:59 540,000 --a------ c:\windows\system32\drivers\timntr.sys
2008-12-10 11:59 . 2008-12-10 11:59 134,272 --a------ c:\windows\system32\drivers\snman380.sys
2008-12-10 11:59 . 2008-12-10 11:59 44,704 --a------ c:\windows\system32\drivers\tifsfilt.sys
2008-12-10 11:58 . 2008-12-10 11:58 <DIR> d-------- c:\program files\Common Files\Acronis
2008-12-10 11:58 . 2008-12-10 11:58 <DIR> d-------- c:\program files\Acronis

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-05 20:09 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-01-05 20:07 794,656 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-01-05 20:07 4,844 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-01-05 20:07 32,368 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-05 20:07 3,870,752 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-05 19:28 --------- d-----w c:\documents and settings\korisnik\Application Data\Orbit
2008-12-30 21:46 --------- d-----w c:\documents and settings\korisnik\Application Data\X3mE Yamb
2008-12-30 21:46 --------- d-----w c:\documents and settings\All Users\Application Data\X3mE Yamb
2008-12-23 22:43 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-19 16:28 --------- d---a-w c:\documents and settings\All Users\Application Data\Temp
2008-12-06 12:12 --------- d-----w c:\documents and settings\korisnik\Application Data\cerasus.media
2008-11-30 09:41 --------- d-----w c:\documents and settings\All Users\Application Data\Gameeel
2008-11-28 09:49 --------- d-----w c:\program files\Paint.NET
2008-11-26 22:00 --------- d-----w c:\program files\Image-Line
2008-11-12 10:02 499,712 ----a-w c:\windows\system32\msvcp71.dll
2008-11-12 10:02 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-11-12 10:02 --------- d-----w c:\program files\Common Files\Real
2008-11-08 08:23 --------- d-----w c:\program files\easycalendarmaker
2008-11-05 14:31 --------- d-----w c:\documents and settings\korisnik\Application Data\AdobeUM
2007-11-24 23:01 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-02-03 14:15 47,360 ----a-w c:\documents and settings\korisnik\Application Data\pcouffin.sys
2006-06-29 15:49 212 ------w c:\program files\setup.reg
2007-02-03 15:42 8 --sh--r c:\windows\system32\126D830821.sys
2007-02-03 15:54 848 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"SkinClock"="e:\sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-09-11 1739264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2005-05-18 188416]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"SmartSync - ScheduleSync"="c:\progra~1\Mobile Phone Manager\SmartSync\ScheduleSync.exe" [2006-03-30 45056]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 206088]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-11-21 4352832]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-11-21 960528]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-11-21 165144]
"QuickTime Task"="d:\obradafilma\PowerDirector\qttask.exe" [2008-05-27 413696]
"AGRSMMSG"="AGRSMMSG.exe" [2005-06-30 c:\windows\AGRSMMSG.exe]
"nwiz"="nwiz.exe" [2007-12-05 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\korisnik\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-09-07 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 15 (0xf)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr]
--a------ 2004-04-16 01:00 155648 c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 d:\obradafilma\PowerDirector\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-11-12 11:02 185872 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR]
--a------ 2004-04-16 01:04 192512 d:\common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"d:\\ObradaFilma\\PowerDirector\\PowerDirector\\PDR.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\drivers\snman380.sys [2008-12-10 134272]
R0 tdrpman174;Acronis Try&Decide and Restore Points filter (build 174);c:\windows\system32\drivers\tdrpm174.sys [2008-12-10 971552]
R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [2005-02-27 5184]
R3 Cap713x;Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2008-03-26 328320]
R3 FVDSCSI;FVDSCSI;c:\windows\system32\drivers\fvdscsi.sys [2006-09-07 60008]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-04-30 24592]
S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?]
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys --> c:\windows\system32\DRIVERS\e4usbaw.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;d:\magix\Common\Database\bin\fbserver.exe [2008-09-12 1527900]
S3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [2007-10-07 4134]
S3 FXDrv32;FXDrv32; [x]
S3 maconfservice;Ma-Config Service;"e:\new folder (3)\maconfservice.exe" --> e:\new folder (3)\maconfservice.exe [?]
S3 S3GIGP;S3GIGP;c:\windows\system32\DRIVERS\S3gIGPm.sys --> c:\windows\system32\DRIVERS\S3gIGPm.sys [?]
S3 SmartCd;SmartCd;c:\windows\system32\drivers\SmartCd.sys [2003-07-30 6397]
S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-09-12 548864]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys --> c:\windows\system32\Drivers\e4ldr.sys [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\Autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2008-12-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

2009-01-05 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 17:39]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
IE: &Download by Orbit
IE: &Grab video by Orbit
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Do&wnload selected by Orbit
IE: Down&load all by Orbit
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: rol.raiffeisenbank.rs
TCP: {A83A36A2-2A64-4EB1-AFE9-C1A2B94E5A28} = 213.244.255.2,213.244.255.3
TCP: {BA42E8A0-DE81-4909-83F2-8C72A285A168} = 213.244.255.2,213.244.255.3
TCP: {CFA5F76F-555B-4FFD-9955-C8FD42DC5452} = 213.244.255.2,213.244.255.3

O16 -: Microsoft XML Parser for Java - c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

c:\windows\Downloaded Program Files\CONFLICT.9\stg_drm.ocx - O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\FSINT.dll - O16 -: {5D69485C-EAB1-42AE-93C1-B5A53F238C5A}
[Link mogu videti samo ulogovani korisnici]

O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - [Link mogu videti samo ulogovani korisnici]
c:\windows\Downloaded Program Files\hardwaredetection.inf

c:\windows\Downloaded Program Files\SAWZip.dll - O16 -: {8BA2FE8E-8506-11D4-BFE2-CB5FED326646}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\CONFLICT.1\EbankingWWW.dll - O16 -: {A42DDE4E-DF36-4592-83B6-CCA28E770ABD}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\CONFLICT.5\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
[Link mogu videti samo ulogovani korisnici]

c:\windows\Downloaded Program Files\plinstll.dll - O16 -: {EAC139A9-D22D-4C29-8D1C-252BE63750F9}
[Link mogu videti samo ulogovani korisnici]
c:\windows\Downloaded Program Files\plinstll.inf

c:\windows\Downloaded Program Files\EBCSCC2A.dll - O16 -: {F6FFAC18-CAD4-4054-9D49-D610286CE323}
[Link mogu videti samo ulogovani korisnici]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-01-05 22:54:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN]
"ImagePath"="\Sys"
.
Completion time: 2009-01-05 22:55:02
ComboFix-quarantined-files.txt 2009-01-05 21:54:59
ComboFix2.txt 2009-01-05 19:32:30

Pre-Run: 12.944.375.808 bytes free
Post-Run: 12,862,517,248 bytes free

209

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8653
  • Location: Novi Beograd

How are things now?

offline
  • Joined: 20 Feb 2005
  • Posts: 297
  • Location: Vranje

Good, thanks for the help.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8653
  • Location: Novi Beograd

Do this as well:

Click START, then RUN
In the text box type Combofix /u and click OK

Wait for the uninstall process to finish

The procedure above will:
Delete the following:
ComboFix and its files and folders
The VundoFix Backups folder, if it exists
The C:\Deckard folder, if it exists
The C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore


If there are any problems, you know where to find us.

offline
  • Joined: 20 Feb 2005
  • Posts: 297
  • Location: Vranje

Done. Thanks once again.
