MyCity » Ambulanta -> Arhiva Ambulante » Win32/Malagent

Win32/Malagent

Napisano na dan: 6.10.2010

Strana:
1
2

Win32/Malagent

Sledeća strana

Pagination

Odgovori

Strana:
1
2

crossover Poslao: 06 Okt 2010 16:58 Idi na vrh
offline crossover Legendarni građanin Data Center Engineer Pridružio: 13 Avg 2004 Poruke: 3050 Gde živiš: Holandija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozdrav, Odnedavno imam ovaj virus na laptopu. Do sad sam koristio MS Security Essentials, koji očigledno ne može da očisti virus jer ga stalno prijavljuje. TrendMicro HouseCall ga ne nalazi. MalwareBytes nađe, ali samo obriše registry entry-e koji se odmah posle ponovo pojavljuju. Ne bi ni bio problem, instalirao bih neki 'normalan' AV ali - ne mogu. Koji god da probam, prijavljuje da koristim pogrešnu verziju Windowsa (a imam Win7 Ultimate na kojem radi svaki AV). Evo vam sve od logova, nadam se da ćete uspeti da pomognete BTW, znam gde se virus nalazi i pod kojim imenom se krije (svchost.exe u documents-u, users\crossover\appdata\roaming\system32\), ali čim ga obrišem, eto ga ponovo. DDS DDS (Ver_10-03-17.01) - NTFSx86 Run by crossover at 15:19:01.00 on Wed 10/06/2010 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1526.366 [GMT 2:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\xampp\apache\bin\httpd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\xampp\mysql\bin\mysqld.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\explorer.exe C:\Windows\System32\igfxtray.exe C:\Users\crossover\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\xampp\apache\bin\httpd.exe C:\Program Files\Wakoopa\Wakoopa.exe C:\Program Files\WhatPulse\WhatPulse.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Opera\opera.exe C:\Users\crossover\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Microsoft Security Essentials\MpCmdRun.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv D:\Downloads\dds.scr C:\Windows\system32\conhost.exe ============== Pseudo HJT Report =============== uStart Page = about:blank uInternet Settings,ProxyServer = 174.142.24.201:3128 uInternet Settings,ProxyOverride = *.local BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll BHO: PandoraTV Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll TB: PandoraTV Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll uRun: [Google Update] "c:\users\crossover\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Wakoopa] c:\program files\wakoopa\Wakoopa.exe uRun: [WhatPulse] c:\program files\whatpulse\WhatPulse.exe uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot uRun: [HKCU] c:\users\crossover\appdata\roaming\system32\svchost.exe mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [HKLM] c:\users\crossover\appdata\roaming\system32\svchost.exe uExplorerRun: [Policies] c:\users\crossover\appdata\roaming\system32\svchost.exe mExplorerRun: [Policies] c:\users\crossover\appdata\roaming\system32\svchost.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000 IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mif5ba~1\office12\ONBttnIE.dll IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL Trusted Zone: bancaintesabeograd.com\online DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} - hxxp://www.pcpitstop.com/internet/pcpConnCheck.cab DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/RetailDLL/SGCMSCCD.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab TCP: {02BFB1AE-1A93-48F6-9010-E8954C1E6361} = 8.8.8.8,8.8.4.4 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll mASetup: {H5RM742C-PA4R-00OL-4088-466LBPQ6E717} - c:\users\crossover\appdata\roaming\system32\svchost.exe ================= FIREFOX =================== FF - ProfilePath - c:\users\crosso~1\appdata\roaming\mozilla\firefox\profiles\litkcbbi.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://posta.pcigre.com/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\users\crossover\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\users\crossover\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\crossover\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); ============= SERVICES / DRIVERS =============== R1 ExpanDrive;ExpanDrive;c:\windows\system32\drivers\ExpanDrive.sys [2009-3-19 294472] R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 142832] R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2009-11-7 15872] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2010-8-17 29416] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-6-18 42480] S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088] S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service;c:\windows\system32\drivers\ts_athw.sys [2010-1-21 1351104] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336] =============== Created Last 30 ================ 2010-10-06 12:39:35 54016 ----a-w- c:\windows\system32\drivers\oatjvvav.sys 2010-10-06 12:32:04 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2010-10-06 12:31:50 0 d-----w- c:\program files\Panda Security 2010-10-06 12:24:37 0 d-----w- c:\users\crosso~1\appdata\roaming\QuickScan 2010-10-06 12:20:26 0 d-----w- c:\programdata\Kaspersky Lab Setup Files 2010-10-06 11:50:14 0 d--h--w- c:\windows\PIF 2010-10-06 11:28:04 0 d-----w- c:\program files\Registry Easy 2010-10-01 15:39:35 0 d-----w- c:\users\crosso~1\appdata\roaming\ZombiePirates 2010-10-01 15:36:51 0 d-----w- c:\programdata\DustDevil 2010-10-01 10:51:35 0 d-----w- c:\program files\Microsoft XNA 2010-09-29 18:56:49 210272 ----a-w- c:\windows\system32\idmmbc.dll 2010-09-29 08:41:38 5459003 ----a-w- c:\users\crosso~1\appdata\roaming\horny-afternoon-2.exe 2010-09-26 18:33:20 0 d-----w- c:\program files\Visual CertExam Suite 2010-09-26 15:11:38 12464 ----a-w- c:\windows\system32\drivers\SECDRV.SYS 2010-09-24 10:53:11 0 d-----w- C:\Snakes On A Plane 2010-09-17 21:38:12 0 d-----w- c:\program files\common files\SWF Studio 2010-09-16 17:32:03 0 d-----w- c:\users\crosso~1\appdata\roaming\Big Fish Games 2010-09-16 17:20:34 0 d-----w- c:\program files\Drawn - The Painted Tower 2010-09-16 16:28:12 0 d-----w- c:\programdata\PICTUREKA! MUSEUM MAYHEM 2010-09-16 16:28:04 0 d-----w- c:\users\crosso~1\appdata\roaming\Pogo Games 2010-09-16 16:27:27 0 d-----w- c:\program files\Pictureka! Museum Mayhem 2010-09-10 22:56:29 0 d-----w- c:\users\crosso~1\appdata\roaming\Artogon 2010-09-09 22:39:03 0 d-----w- c:\program files\Webteh 2010-09-09 12:37:32 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-09-07 17:16:57 0 d-----w- c:\users\crosso~1\appdata\roaming\RobinsonCrusoe ==================== Find3M ==================== 2010-10-06 13:18:43 296710 ---ha-w- c:\users\crosso~1\appdata\roaming\cglogs.dat 2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini 2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-12-18 12:30:56 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat 2009-12-18 12:30:56 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat 2009-12-18 12:30:56 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat 2010-04-25 22:10:13 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat 2009-11-07 13:18:45 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat 2009-11-07 13:18:45 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat 2009-11-07 13:18:45 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat 2009-11-07 13:18:45 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat 2010-03-02 22:15:33 16384 --sha-w- c:\windows\temp\cookies\index.dat 2010-03-02 22:15:33 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat 2010-03-02 22:15:33 16384 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 15:19:21.04 =============== Ostali logovi https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

1l padr1n0 Poslao: 06 Okt 2010 19:56 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav i dobro dosao u Ambulantu MyCity foruma. U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg: Detaljno citati moja uputstva (ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima; Ne traziti istovremeno pomoc na drugom mestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio uputstvo; U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio; Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om; Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj. Za vise informacija o pravilima Ambulante MyCity foruma: LINK ------------------------------------------------------------------------------------- Korak 1 Start -> Run -> %AppData%\Malwarebytes\Malwarebytes' Anti-Malware\Logs -> Enter Opcijom Prikaci fajl mi okaci MBAM log-ove uz sledecu poruku. Korak 2 Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku. goran9888 (AMF Tim)

Profil

crossover Poslao: 07 Okt 2010 02:26 Idi na vrh
offline crossover Legendarni građanin Data Center Engineer Pridružio: 13 Avg 2004 Poruke: 3050 Gde živiš: Holandija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: ComboFix ne radi, naravno da prijavljuje da koristim nekompatibilni OS. Evo MBAM logova: https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

1l padr1n0 Poslao: 07 Okt 2010 13:17 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokusaj sledece: - Skini novu verziju Combofix-a na Desktop - Desni klik na Combofix ikonicu i iz padajuceg menija izaberi opciju Run as Administrator - Isprati uputstvo za pokretanje CF-a i postavljanje log-a iz moje prethodne poruke. goran9888 (AMF Tim)

Profil

crossover Poslao: 07 Okt 2010 13:20 Idi na vrh
offline crossover Legendarni građanin Data Center Engineer Pridružio: 13 Avg 2004 Poruke: 3050 Gde živiš: Holandija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Istu grešku prijavljuje.

Profil

1l padr1n0 Poslao: 07 Okt 2010 17:47 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok. Onda cemo pokusati drugacije. ------------------------------------------------------------------------------------ Korak 1 Preuzmi The Avenger na Desktop. Raspakuj arhivu u neki folder Dvoklikom pokreni avenger.exe Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa: `Folders to delete: c:\users\crossover\appdata\roaming\system32` Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u Iskopiraj sadržaj dobijenog loga u temu na forumu. Korak 2 Posto vidim da imas Malwarebytes' Anti-Malware instaliran na racunaru pokreni ga, update-uj program, izvrsi Full scan i okaci log koji MBAM izbaci u sledecoj poruci. Korak 3 Upload-uj mi fajl: c:\windows\system32\drivers\oatjvvav.sys preko ovog linka: http://www.mycity.rs/ambulanta-upload.php goran9888 (AMF Tim)

Profil

crossover Poslao: 07 Okt 2010 19:36 Idi na vrh
offline crossover Legendarni građanin Data Center Engineer Pridružio: 13 Avg 2004 Poruke: 3050 Gde živiš: Holandija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nemam takav fajl u tom folderu, gledao sam preko Total Commandera i Command Prompta. Evo logova: avenger.txt Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows Vista ***************** Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: Rootkit scan active. No rootkits found! Folder "c:\users\crossover\appdata\roaming\system32" deleted successfully. Completed script processing. ***************** Finished! Terminate. mbam-log-2010-10-07 (19-30-15).txt Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4770 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 10/7/2010 7:30:15 PM mbam-log-2010-10-07 (19-30-15).txt Scan type: Full scan (C:\\|D:\ Objects scanned: 277388 Time elapsed: 1 hour(s), 13 minute(s), 45 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\TC UP\PLUGINS\Tools\Revelation\Revelation.exe (HackTool.Snadboy) -> No action taken. D:\IvanaMegaBook\Games\Butterfly\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken. D:\IvanaMegaBook\Games\Coyotes\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken. D:\IvanaMegaBook\Games\Coyotes\Part2\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken. D:\IvanaMegaBook\Games\Flux\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken. D:\IvanaMegaBook\Games\Flux\Part2\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken. D:\IvanaMegaBook\Games\History\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken. D:\IvanaMegaBook\Games\History\Part2\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken. C:\Users\crossover\AppData\Roaming\cglogs.dat (Malware.Trace) -> No action taken. C:\Users\crossover\AppData\Roaming\chrtmp (Malware.Trace) -> No action taken. C:\Users\crossover\AppData\Local\Temp\MSN.abc (Malware.Trace) -> No action taken. C:\Users\crossover\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> No action taken. C:\Users\crossover\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> No action taken.

Profil

1l padr1n0 Poslao: 07 Okt 2010 21:59 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 - Ponovo pokreni MBAM i izvrsi skeniranje - Nakon zavrsenog skeniranja, stikliraj sledece stavke i klikni na Remove Selected Citat:C:\Users\crossover\AppData\Roaming\cglogs.dat (Malware.Trace) C:\Users\crossover\AppData\Roaming\chrtmp (Malware.Trace) C:\Users\crossover\AppData\Local\Temp\MSN.abc (Malware.Trace) C:\Users\crossover\AppData\Local\Temp\UuU.uUu (Malware.Trace) C:\Users\crossover\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) - Okaci sadrzaj log-a koji MBAM bude izbacio u sledecoj poruci. Korak 2 Postavi mi sadrzaj svezeg DDS log-a u sledecoj poruci. goran9888 (AMF Tim)

Profil

crossover Poslao: 08 Okt 2010 20:55 Idi na vrh
offline crossover Legendarni građanin Data Center Engineer Pridružio: 13 Avg 2004 Poruke: 3050 Gde živiš: Holandija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nisi rekao koji DDS log tako da sam okačio oba. mbam-log-2010-10-08 (20-47-26).txt Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4770 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 10/8/2010 8:47:26 PM mbam-log-2010-10-08 (20-47-26).txt Scan type: Full scan (C:\\|D:\ Objects scanned: 270843 Time elapsed: 1 hour(s), 5 minute(s), 6 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\TC UP\PLUGINS\Tools\Revelation\Revelation.exe (HackTool.Snadboy) -> Not selected for removal. D:\IvanaMegaBook\Games\Butterfly\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> Not selected for removal. D:\IvanaMegaBook\Games\Coyotes\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> Not selected for removal. D:\IvanaMegaBook\Games\Coyotes\Part2\NFOviewer.exe (Malware.Packer.Krunchy) -> Not selected for removal. D:\IvanaMegaBook\Games\Flux\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> Not selected for removal. D:\IvanaMegaBook\Games\Flux\Part2\NFOviewer.exe (Malware.Packer.Krunchy) -> Not selected for removal. D:\IvanaMegaBook\Games\History\Part1\NFOviewer.exe (Malware.Packer.Krunchy) -> Not selected for removal. D:\IvanaMegaBook\Games\History\Part2\NFOviewer.exe (Malware.Packer.Krunchy) -> Not selected for removal. C:\Users\crossover\AppData\Roaming\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\Users\crossover\AppData\Roaming\chrtmp (Malware.Trace) -> Quarantined and deleted successfully. C:\Users\crossover\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully. C:\Users\crossover\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully. C:\Users\crossover\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully. DDS.txt DDS (Ver_10-03-17.01) - NTFSx86 Run by crossover at 20:51:01.32 on Fri 10/08/2010 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1526.640 [GMT 2:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\xampp\apache\bin\httpd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\xampp\mysql\bin\mysqld.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Wakoopa\Wakoopa.exe C:\Program Files\WhatPulse\WhatPulse.exe C:\xampp\apache\bin\httpd.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Opera\opera.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\crossover\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Microsoft Security Essentials\msseces.exe D:\Downloads\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = about:blank uInternet Settings,ProxyServer = 174.142.24.201:3128 uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll BHO: PandoraTV Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll TB: PandoraTV Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll uRun: [Google Update] "c:\users\crossover\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Wakoopa] c:\program files\wakoopa\Wakoopa.exe uRun: [WhatPulse] c:\program files\whatpulse\WhatPulse.exe mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000 IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mif5ba~1\office12\ONBttnIE.dll IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL Trusted Zone: bancaintesabeograd.com\online DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} - hxxp://www.pcpitstop.com/internet/pcpConnCheck.cab DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/RetailDLL/SGCMSCCD.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab TCP: {02BFB1AE-1A93-48F6-9010-E8954C1E6361} = 8.8.8.8,8.8.4.4 TCP: 1427479624576716 = 8.8.8.8,8.8.4.4 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\crosso~1\appdata\roaming\mozilla\firefox\profiles\litkcbbi.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://posta.pcigre.com/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\users\crossover\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\users\crossover\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\crossover\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-10-6 28552] R1 ExpanDrive;ExpanDrive;c:\windows\system32\drivers\ExpanDrive.sys [2009-3-19 294472] R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 142832] R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2009-11-7 15872] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2010-8-17 29416] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-6-18 42480] S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088] S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service;c:\windows\system32\drivers\ts_athw.sys [2010-1-21 1351104] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336] =============== Created Last 30 ================ 2010-10-08 18:50:41 54016 ----a-w- c:\windows\system32\drivers\bplvmvmk.sys 2010-10-07 16:13:35 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-10-07 16:13:32 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-10-07 16:13:32 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-10-06 12:32:04 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2010-10-06 12:31:50 0 d-----w- c:\program files\Panda Security 2010-10-06 12:24:37 0 d-----w- c:\users\crosso~1\appdata\roaming\QuickScan 2010-10-06 12:20:26 0 d-----w- c:\programdata\Kaspersky Lab Setup Files 2010-10-06 11:50:14 0 d--h--w- c:\windows\PIF 2010-10-06 11:28:04 0 d-----w- c:\program files\Registry Easy 2010-10-01 15:39:35 0 d-----w- c:\users\crosso~1\appdata\roaming\ZombiePirates 2010-10-01 15:36:51 0 d-----w- c:\programdata\DustDevil 2010-10-01 10:51:35 0 d-----w- c:\program files\Microsoft XNA 2010-09-29 08:41:38 5459003 ----a-w- c:\users\crosso~1\appdata\roaming\horny-afternoon-2.exe 2010-09-26 18:33:20 0 d-----w- c:\program files\Visual CertExam Suite 2010-09-26 15:11:38 12464 ----a-w- c:\windows\system32\drivers\SECDRV.SYS 2010-09-17 21:38:12 0 d-----w- c:\program files\common files\SWF Studio 2010-09-16 17:32:03 0 d-----w- c:\users\crosso~1\appdata\roaming\Big Fish Games 2010-09-16 17:20:34 0 d-----w- c:\program files\Drawn - The Painted Tower 2010-09-16 16:28:12 0 d-----w- c:\programdata\PICTUREKA! MUSEUM MAYHEM 2010-09-16 16:28:04 0 d-----w- c:\users\crosso~1\appdata\roaming\Pogo Games 2010-09-16 16:27:27 0 d-----w- c:\program files\Pictureka! Museum Mayhem 2010-09-10 22:56:29 0 d-----w- c:\users\crosso~1\appdata\roaming\Artogon 2010-09-09 22:39:03 0 d-----w- c:\program files\Webteh 2010-09-09 12:37:32 56 ---ha-w- c:\windows\system32\ezsidmv.dat ==================== Find3M ==================== 2010-07-17 03:00:04 423656 ----a-w- c:\windows\system32\deployJava1.dll 2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini 2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-12-18 12:30:56 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat 2009-12-18 12:30:56 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat 2009-12-18 12:30:56 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat 2010-04-25 22:10:13 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat 2009-11-07 13:18:45 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat 2009-11-07 13:18:45 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat 2009-11-07 13:18:45 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat 2009-11-07 13:18:45 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat 2010-03-02 22:15:33 16384 --sha-w- c:\windows\temp\cookies\index.dat 2010-03-02 22:15:33 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat 2010-03-02 22:15:33 16384 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 20:51:44.16 =============== Attach.txt UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 11/7/2009 2:15:34 PM System Uptime: 10/8/2010 6:35:23 PM (2 hours ago) Motherboard: Acer \| \| Acadia Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz \| uPGA-478 \| 1600/133mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 39 GiB total, 17.469 GiB free. D: is FIXED (NTFS) - 194 GiB total, 157.119 GiB free. E: is CDROM () F: is CDROM () G: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP194: 9/26/2010 5:02:36 PM - Installed Post Mortem RP196: 9/26/2010 5:59:16 PM - Removed Call Of Cthulhu DCoTE RP198: 9/26/2010 6:00:58 PM - Removed Post Mortem RP199: 9/26/2010 8:33:29 PM - Windows Update RP200: 9/26/2010 11:49:53 PM - Windows Update RP201: 9/27/2010 11:21:09 PM - Installed Opera 10.62. RP202: 9/28/2010 4:43:26 PM - Windows Update RP204: 9/29/2010 3:31:28 PM - Microsoft Antimalware Checkpoint RP205: 9/29/2010 11:50:13 PM - Windows Update RP206: 10/1/2010 12:50:46 PM - Installed Microsoft XNA Framework Redistributable 3.1 RP207: 10/1/2010 8:41:43 PM - Windows Update RP208: 10/4/2010 8:25:07 PM - Windows Update RP209: 10/5/2010 7:50:27 AM - Windows Update RP210: 10/5/2010 5:25:48 PM - Windows Update RP211: 10/5/2010 9:09:29 PM - Windows Update RP213: 10/5/2010 9:10:03 PM - Microsoft Antimalware Checkpoint RP214: 10/6/2010 10:53:43 AM - Windows Update RP215: 10/7/2010 11:34:06 AM - Windows Update RP216: 10/7/2010 6:24:28 PM - Windows Update RP217: 10/7/2010 8:12:10 PM - Installed Java(TM) 6 Update 21 ==== Installed Programs ====================== Adobe AIR Adobe Anchor Service CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe CSI CS4 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Drive CS4 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Illustrator CS4 Adobe Linguistics CS4 Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe Reader 9.3.4 Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Type Support CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Alt.Binz 0.25.0 Apple Application Support Apple Mobile Device Support Apple Software Update Arx Fatalis Ask Toolbar Bonjour BS.Player FREE CDBurnerXP Cheat Engine 5.5 Cisco Packet Tracer 5.2.1 Commander Keen: Complete Pack Connect ExpanDrive Fantastic Farm FeedReader FileZilla Client 3.3.4.1 FlashGet 1.9.6.1073 Freedom Force GIMP 2.6.8 GOG.com Downloader Google Chrome Google Talk Plugin ImageShak Uploader 2.2.0 Indeo® Software Intel(R) Graphics Media Accelerator Driver Internet Explorer Developer Toolbar IrfanView (remove only) iTunes iTunes Backup Manager 1.6.1 Java Auto Updater Java(TM) 6 Update 21 JDownloader kuler Malwarebytes' Anti-Malware ManyCam 2.4 (remove only) Microsoft Antimalware Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office Word Viewer 2003 Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft XNA Framework Redistributable 3.1 Mozilla Firefox (3.6.10) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688-) MSXML 4.0 SP2 Parser and SDK MSXML4 Parser NAT32E Version 1.8 Network Stumbler 0.4.0 (remove only) Nokia Connectivity Cable Driver One Unit Whole Blood OpenAL Opera 10.62 Panda ActiveScan 2.0 PDF Settings CS4 PE Builder 3.1.10a Photoshop Camera Raw QuickTime Registry Easy v5.6 Security Update for 2007 Microsoft Office System (KB2277947) Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for 2007 Microsoft Office System (KB982312) Security Update for 2007 Microsoft Office System (KB982331) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB982308-) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office Outlook 2007 (KB2288953) Security Update for Microsoft Office PowerPoint 2007 (KB982158-) Security Update for Microsoft Office Publisher 2007 (KB982124) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2251419) Skype™ 4.2 Steam Suite Shared Configuration CS4 Swiff Player 1.5 TC UP The KMPlayer (remove only) UltraISO Premium V9.35 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678-) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Outlook 2007 Junk Email Filter (kb2291599) Visual CertExam Suite 1.9 Wakoopa WBFS Manager 2.5 WhatPulse 1.6.2.1 Winamp Winamp Application Detect Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live OneCare safety scanner Windows Live Sign-in Assistant Windows Live Upload Tool WinPcap 4.1.1 WinSCP 4.2.7 World of Zellians xVideos Video Downloader 3.19 Zombie Pirates 1.0 ==== Event Viewer Messages From Past Week ======== 10/7/2010 8:03:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 10/7/2010 8:03:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 10/7/2010 8:03:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 10/7/2010 8:03:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 10/7/2010 8:03:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 10/7/2010 8:03:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter pavboot spldr sptd VD_FileDisk Wanarpv6 10/7/2010 8:02:58 PM, Error: sptd [4] - Driver detected an internal error in its data structures for . 10/7/2010 8:01:53 PM, Error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error Incorrect function.. 10/7/2010 5:57:01 PM, Error: Microsoft-Windows-Iphlpsvc [4202] - Unable to update the IP address on Isatap interface isatap.{02BFB1AE-1A93-48F6-9010-E8954C1E6361}. Update Type: 0. Error Code: 0x57. 10/7/2010 11:35:51 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Security Essentials Client update package - KB2019198. 10/7/2010 11:34:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Security Essentials Client update package - KB2254596. 10/6/2010 10:53:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. ==== End Of File ===========================

Profil

1l padr1n0 Poslao: 08 Okt 2010 22:25 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Upload-uj mi fajl: c:\windows\system32\drivers\bplvmvmk.sys preko ovog linka: http://www.mycity.rs/ambulanta-upload.php goran9888 (AMF Tim)

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Win32/Malagent

Ko je trenutno na forumu

Ukupno su 957 korisnika na forumu :: 45 registrovanih, 9 sakrivenih i 903 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Petar, anbeast, Apok, babaroga, cavatina, croato, DejanSt, dejina811, Denaya, Doca, doklevise, Dorcolac, dragoljub11987, Duh sa sekirom, Dukelander, Džordžino, elenemste, goranperović66, Helket, hyla, ikan, kalens021, Karla, kunktator, LUDI, maiden6657, mercedesamg, Ne doznajem se u oružje, panzerwaffe, pein, raptorsi, S2M, sasa87, Shinobi, Srle993, stegonosa, StepskiVuk, suton, Tandrkalo, theNedjeljko, Tores, virked, VJ, vladulns, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by