MyCity » Ambulanta -> Arhiva Ambulante » neizbrisiv csrss file na usb-u

neizbrisiv csrss file na usb-u

Napisano na dan: 4.11.2009

Strana:
1
2

neizbrisiv csrss file na usb-u

Sledeća strana

Pagination

Odgovori

Strana:
1
2

rasho75 Poslao: 04 Nov 2009 09:42 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozdrav dobri ljudi, zadnjih mjesec dana sam primjetio par cudnih stvari na kompu. Imam brzu vezu i flat rate tako da sam stalno ne netu. Windowi xp profesional,avast antivirus kojim otprilike jednom mjesecno cistim komp. Ocistio sam ga i sada i nista nije nasao, ni na disku ni na usb-u. Dakle, -Ponekad mi javi da mi je firefox ukljucen i da ga prvo iskljucim kako bi mogao nastaviti sa updateom. Firefox mi u tom trenutku uopce nije ukljucen?! -kod prijatelja sam ukljucio usb na njegov komp i bitdefender pronadje neki CSRSS file (worm,virus ili sta je vec) na njemu i izbrise ga bez problema. Kad sam ga prikljucio na moj komp, taj isti file se opet pojavi. Pokusao ga brisati, svaki put se vrati skupa sa autorun fileom. -pokusao sam cistiti ccleaner-om i on to svasta nesto nadje i ocistim ali csrss file se nisam mogao rijestit ali sam i vidio preko cccleanera da je podeseno da se pokrece s racunalom. Takoder sam pronasao i u task menageru da je aktivan. -jos jedna cudna stvar, zadnje vrijeme kad preko mycomputer-a zelim otvoriti taj isti usb stick, nista se ne desava i ne mogu ga otvoriti dvoklikom ili opcijom OPEN vec samo EXPLORE Prema uputama sa foruma sam napravio sve radnje za 32 bitni windows i svi potrebni izvjestaji su tu. Ako jos sta treba samo javite a ako koji put kazem nesto glupo nemojte se previse rugati. mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

diarno Poslao: 04 Nov 2009 11:12 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav i dobrodosao na forum Uradi sledece : Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

rasho75 Poslao: 04 Nov 2009 11:51 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, evo izvjestaj slijedi: ComboFix 09-11-03.03 - Saša 04.11.2009 11:37.1.1 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.2038.1519 [GMT 1:00] Running from: c:\documents and settings\Saša\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1356 [VPS 091103-1] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Saša\Application Data\Microsoft\csrss.exe c:\program files\AskSearch\bin\DefaultSearch.dll C:\test.txt c:\windows\qpprqr.ini c:\windows\server.exe c:\windows\tsrsru.ini c:\windows\uxxbdd.ini c:\windows\vyxxay.ini c:\windows\ybdggh.ini . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_DOMAINSERVICE ((((((((((((((((((((((((( Files Created from 2009-10-04 to 2009-11-04 ))))))))))))))))))))))))))))))) . 2009-11-03 11:21 . 2009-11-03 11:21 -------- d-----w- c:\program files\Trend Micro 2009-10-26 19:50 . 2009-10-26 19:50 -------- d-----w- c:\program files\PowerISO 2009-10-24 22:40 . 2009-10-24 22:40 -------- d--h--w- c:\windows\PIF . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-26 09:58 . 2007-02-03 18:44 3348 --sha-w- c:\windows\system32\KGyGaAvL.sys 2009-09-20 13:27 . 2009-09-20 13:27 -------- d-----w- c:\documents and settings\Guest\Application Data\Outertech 2009-09-20 12:33 . 2009-09-20 12:33 -------- d-----w- c:\documents and settings\Guest\Application Data\Winamp 2009-09-15 11:59 . 2007-01-13 17:15 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 11:56 . 2007-01-13 17:15 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 11:56 . 2007-01-13 17:15 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 11:55 . 2008-04-12 14:44 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 11:55 . 2008-04-12 14:44 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 11:54 . 2007-01-13 17:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 11:54 . 2007-01-13 17:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 11:53 . 2007-01-13 17:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 11:53 . 2007-01-13 17:15 97480 ----a-w- c:\windows\system32\AVASTSS.scr 2009-09-07 09:41 . 2009-09-07 09:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-08-27 11:42 . 2009-08-27 11:42 148736 ----a-w- c:\documents and settings\All Users\Application Data\hpeBE.dll . ((((((((((((((((((((((((((((((((((((((((((((( AWF )))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2004-08-03 21:56 . 2004-08-03 21:56 15360 c:\windows\system32\bak\ctfmon.exe 2004-08-03 21:56 . 2004-08-03 21:56 15360 c:\windows\system32\ctfmon.exe 2007-01-13 16:22 . 2001-07-09 09:50 155648 c:\windows\system32\bak\NeroCheck.exe 2007-01-13 16:39 . 2006-03-23 04:17 94208 c:\windows\system32\bak\igfxtray.exe 2007-01-13 16:39 . 2006-03-23 04:13 77824 c:\windows\system32\bak\hkcmd.exe 2007-01-13 16:39 . 2006-03-23 04:17 118784 c:\windows\system32\bak\igfxpers.exe 2005-08-11 15:30 . 2005-08-11 15:30 249856 c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe 2005-08-11 15:30 . 2005-08-11 15:30 81920 c:\program files\Common Files\InstallShield\UpdateService\bak\issch.exe 2007-01-13 17:15 . 2007-01-12 11:24 108160 c:\program files\Alwil Software\Avast4\bak\ashDisp.exe 2007-01-13 17:15 . 2009-09-15 11:56 81000 c:\program files\Alwil Software\Avast4\ashDisp.exe 2007-01-13 17:17 . 2006-08-23 15:21 3208192 c:\program files\Ashampoo\Ashampoo FireWall\bak\FireWall.exe 2007-01-18 19:18 . 2005-12-21 07:02 53248 c:\program files\Realtek\InstallShield\bak\AzMixerSel.exe 2007-01-23 18:03 . 2006-03-06 23:52 36864 c:\program files\Ulead Systems\Ulead VideoStudio 10\bak\uvPL.exe 2007-01-23 18:05 . 2007-01-23 18:05 155648 c:\program files\QuickTime\bak\qttask.exe 2006-09-01 14:57 . 2006-09-01 14:57 282624 c:\program files\QuickTime\qttask.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-07-17 16:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-02-22 95536] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-02-27 321344] "Google Update"="c:\documents and settings\Saša\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-29 133104] "Windows Defender"="c:\windows\server.exe" [N/A] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-06-23 434176] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-07 39408] "csrss.exe"="c:\documents and settings\Saša\Application Data\Microsoft\csrss.exe" [N/A] "AdobeBridge"="" [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-06-28 16248320] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488] "PD0620 STISvc"="P0620Pin.dll" - c:\windows\system32\P0620Pin.dll [2005-05-10 36864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] [HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run] "Microsoft Corp"="c:\windows\server.exe" [N/A] c:\documents and settings\Guest\Start Menu\Programs\Startup\ Yahoo! Widget Engine.lnk - c:\program files\Yahoo!\Widgets\YahooWidgetEngine.exe [2007-7-20 2913584] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-1-13 303104] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Documents and Settings\\Saša\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\Saša\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\FreshWebmaster\\FreshFTP\\freshftp.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\WINDOWS\\system32\\winver.exe"= "c:\\Program Files\\SightSpeed\\SightSpeed.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12.4.2008 15:44 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.4.2008 15:44 20560] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [27.8.2009 12:43 27632] S2 gupdate1ca2f971662db28;Usluga Google ažuriranje (gupdate1ca2f971662db28-);c:\program files\Google\Update\GoogleUpdate.exe [7.9.2009 10:42 133104] S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [27.8.2009 12:42 90112] S3 Msc7filrc;Msc7filrc; [x] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [27.8.2009 12:42 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [27.8.2009 12:42 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [27.8.2009 12:42 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [27.8.2009 12:42 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [27.8.2009 12:42 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [27.8.2009 12:42 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [27.8.2009 12:42 109736] --- Other Services/Drivers In Memory --- NewlyCreated - MBR Deregistered - mbr [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{RVV2Q1Y7-X2FT-B4F2-6S7L-W7E8O1027L7C}] "c:\windows\server.exe" . Contents of the 'Scheduled Tasks' folder 2009-11-04 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2004-09-29 09:41] 2009-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 09:42] 2009-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 09:42] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.hr/search?source=ig&hl=hr&rlz=&q=yourube&meta=lr=&aq=f&oq= uInternet Settings,ProxyOverride = .local uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101728&gct=&gc=1&q=%s IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Saša\Application Data\Mozilla\Firefox\Profiles\nizwb8wd.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/ FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101728&gct=&gc=1&q= FF - component: c:\documents and settings\Saša\Application Data\Mozilla\Firefox\Profiles\nizwb8wd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll . - - - - ORPHANS REMOVED - - - - BHO-{788edcfa-e001-4712-aed0-fc2deb34852a} - (no file) Notify-danops - danops.dll Notify-winmyy32 - winmyy32.dll *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-11-04 11:45 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(1688-) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\windows\system32\RunDLL32.exe c:\docume~1\SAŠA\LOCALS~1\Temp\RtkBtMnt.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Completion time: 2009-11-04 11:46 - machine was rebooted ComboFix-quarantined-files.txt 2009-11-04 10:46 Pre-Run: 5.268.553.728 bytes free Post-Run: 5.137.678.336 bytes free

Profil

diarno Poslao: 04 Nov 2009 17:42 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `FileLook:: c:\program files\Alwil Software\Avast4\ashDisp.exe c:\program files\QuickTime\qttask.exe Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=- "csrss.exe"=- [HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run] "Microsoft Corp"=- [-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{RVV2Q1Y7-X2FT-B4F2-6S7L-W7E8O1027L7C}]` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

rasho75 Poslao: 04 Nov 2009 18:28 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! evo ga novi log: ComboFix 09-11-03.03 - Saša 04.11.2009 18:04.2.1 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.2038.1585 [GMT 1:00] Running from: c:\documents and settings\Saša\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Saša\Desktop\CFScript.txt AV: avast! antivirus 4.8.1356 [VPS 091103-1] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2009-10-04 to 2009-11-04 ))))))))))))))))))))))))))))))) . 2009-11-03 11:21 . 2009-11-03 11:21 -------- d-----w- c:\program files\Trend Micro 2009-10-26 19:50 . 2009-10-26 19:50 -------- d-----w- c:\program files\PowerISO 2009-10-24 22:40 . 2009-10-24 22:40 -------- d--h--w- c:\windows\PIF . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-26 09:58 . 2007-02-03 18:44 3348 --sha-w- c:\windows\system32\KGyGaAvL.sys 2009-09-20 13:27 . 2009-09-20 13:27 -------- d-----w- c:\documents and settings\Guest\Application Data\Outertech 2009-09-20 12:33 . 2009-09-20 12:33 -------- d-----w- c:\documents and settings\Guest\Application Data\Winamp 2009-09-15 11:59 . 2007-01-13 17:15 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 11:56 . 2007-01-13 17:15 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 11:56 . 2007-01-13 17:15 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 11:55 . 2008-04-12 14:44 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 11:55 . 2008-04-12 14:44 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 11:54 . 2007-01-13 17:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 11:54 . 2007-01-13 17:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 11:53 . 2007-01-13 17:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 11:53 . 2007-01-13 17:15 97480 ----a-w- c:\windows\system32\AVASTSS.scr 2009-09-07 09:41 . 2009-09-07 09:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-08-27 11:42 . 2009-08-27 11:42 148736 ----a-w- c:\documents and settings\All Users\Application Data\hpeBE.dll . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . --- c:\program files\Alwil Software\Avast4\ashDisp.exe --- Company: ALWIL Software File Description: avast! service GUI component File Version: 4, 8, 1356, 0 Product Name: avast! Antivirus Copyright: Copyright (c) 2009 ALWIL Software Original Filename: aswDisp.exe File size: 81000 Created time: 2007-01-13 17:15 Modified time: 2009-09-15 11:56 MD5: 28E9092D50AE450662EEA4719E5AA304 SHA1: 6D3D8D527A330B7FE0DC9E88076DE410EB75F6F1 --- c:\program files\QuickTime\qttask.exe --- Company: Apple Computer, Inc. File Description: QuickTime Task File Version: 7.1.3 Product Name: QuickTime Copyright: Copyright Apple Computer, Inc. 1989-2006 Original Filename: QTTask.exe File size: 282624 Created time: 2006-09-01 14:57 Modified time: 2006-09-01 14:57 MD5: CAF03357DE72F8F19FA099581A685C1A SHA1: 33F6F26E068AAEEF1012DE235F71CBA7BEE61754 ((((((((((((((((((((((((((((( SnapShot@2009-11-04_10.43.22 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-04 13:54 . 2009-11-04 13:54 16384 c:\windows\Temp\Perflib_Perfdata_690.dat . ((((((((((((((((((((((((((((((((((((((((((((( AWF )))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2004-08-03 21:56 . 2004-08-03 21:56 15360 c:\windows\system32\bak\ctfmon.exe 2004-08-03 21:56 . 2004-08-03 21:56 15360 c:\windows\system32\ctfmon.exe 2007-01-13 16:22 . 2001-07-09 09:50 155648 c:\windows\system32\bak\NeroCheck.exe 2007-01-13 16:39 . 2006-03-23 04:17 94208 c:\windows\system32\bak\igfxtray.exe 2007-01-13 16:39 . 2006-03-23 04:13 77824 c:\windows\system32\bak\hkcmd.exe 2007-01-13 16:39 . 2006-03-23 04:17 118784 c:\windows\system32\bak\igfxpers.exe 2005-08-11 15:30 . 2005-08-11 15:30 249856 c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe 2005-08-11 15:30 . 2005-08-11 15:30 81920 c:\program files\Common Files\InstallShield\UpdateService\bak\issch.exe 2007-01-13 17:15 . 2007-01-12 11:24 108160 c:\program files\Alwil Software\Avast4\bak\ashDisp.exe 2007-01-13 17:15 . 2009-09-15 11:56 81000 c:\program files\Alwil Software\Avast4\ashDisp.exe 2007-01-13 17:17 . 2006-08-23 15:21 3208192 c:\program files\Ashampoo\Ashampoo FireWall\bak\FireWall.exe 2007-01-18 19:18 . 2005-12-21 07:02 53248 c:\program files\Realtek\InstallShield\bak\AzMixerSel.exe 2007-01-23 18:03 . 2006-03-06 23:52 36864 c:\program files\Ulead Systems\Ulead VideoStudio 10\bak\uvPL.exe 2007-01-23 18:05 . 2007-01-23 18:05 155648 c:\program files\QuickTime\bak\qttask.exe 2006-09-01 14:57 . 2006-09-01 14:57 282624 c:\program files\QuickTime\qttask.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-07-17 16:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-02-22 95536] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-02-27 321344] "Google Update"="c:\documents and settings\Saša\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-29 133104] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-06-23 434176] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-07 39408] "AdobeBridge"="" [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-06-28 16248320] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488] "PD0620 STISvc"="P0620Pin.dll" - c:\windows\system32\P0620Pin.dll [2005-05-10 36864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] c:\documents and settings\Guest\Start Menu\Programs\Startup\ Yahoo! Widget Engine.lnk - c:\program files\Yahoo!\Widgets\YahooWidgetEngine.exe [2007-7-20 2913584] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-1-13 303104] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Documents and Settings\\Saša\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\Saša\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\FreshWebmaster\\FreshFTP\\freshftp.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\WINDOWS\\system32\\winver.exe"= "c:\\Program Files\\SightSpeed\\SightSpeed.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12.4.2008 15:44 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.4.2008 15:44 20560] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [27.8.2009 12:43 27632] S2 gupdate1ca2f971662db28;Usluga Google ažuriranje (gupdate1ca2f971662db28-);c:\program files\Google\Update\GoogleUpdate.exe [7.9.2009 10:42 133104] S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [27.8.2009 12:42 90112] S3 Msc7filrc;Msc7filrc; [x] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [27.8.2009 12:42 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [27.8.2009 12:42 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [27.8.2009 12:42 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [27.8.2009 12:42 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [27.8.2009 12:42 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [27.8.2009 12:42 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [27.8.2009 12:42 109736] --- Other Services/Drivers In Memory --- Deregistered - mbr Deregistered - PROCEXP113 . Contents of the 'Scheduled Tasks' folder 2009-11-04 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2004-09-29 09:41] 2009-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 09:42] 2009-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 09:42] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.hr/search?source=ig&hl=hr&rlz=&q=yourube&meta=lr=&aq=f&oq= uInternet Settings,ProxyOverride = .local uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101728&gct=&gc=1&q=%s IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Saša\Application Data\Mozilla\Firefox\Profiles\nizwb8wd.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/ FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101728&gct=&gc=1&q= FF - component: c:\documents and settings\Saša\Application Data\Mozilla\Firefox\Profiles\nizwb8wd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-11-04 18:07 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(576) c:\windows\system32\igfxdev.dll - - - - - - - > 'explorer.exe'(1240) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-11-04 18:09 ComboFix-quarantined-files.txt 2009-11-04 17:09 ComboFix2.txt 2009-11-04 10:46 Pre-Run: 5.157.683.200 bytes free Post-Run: 5.121.277.952 bytes free

Profil

diarno Poslao: 04 Nov 2009 18:46 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sad stanje?

Profil

rasho75 Poslao: 05 Nov 2009 09:28 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Stanje isto. Sa usb-a ne mogu izbrisat (skrivena file-a, vidi sliku-bolju nisam uspio dobit) a kad komp prepozna usb ne mogu ga otvorit ni dvoklikom ni desni klik pa open, nego samo explore. U task manageru su jos uvijek dva csrss.exe file-a, jedan je csrss.exe drugi CSRSS.EXE (slika prilozena). Mozda da instaliram bit defender i pokusam s njim ocistit komp??

Profil

diarno Poslao: 05 Nov 2009 10:29 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nema potrebe za bitdefenderom trenutno..... Izvadi taj usb, zatim ponovo pokreni Combofix log i okaci mi izvestaj... Posle toga - Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - Sacekaj koji sekund dok program izvrsi inicijalno skeniranje. - Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi. - Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak - Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

Profil

rasho75 Poslao: 05 Nov 2009 21:17 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 05 Nov 2009 21:02 Evo ga prvo ComboFix: USBnorisk log ide odma ispod ovo log-a: ComboFix 09-11-03.03 - Saša 05.11.2009 20:47.3.1 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.2038.1595 [GMT 1:00] Running from: c:\documents and settings\Saša\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1356 [VPS 091105-1] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Saša\Application Data\Microsoft\csrss.exe . ((((((((((((((((((((((((( Files Created from 2009-10-05 to 2009-11-05 ))))))))))))))))))))))))))))))) . 2009-11-03 11:21 . 2009-11-03 11:21 -------- d-----w- c:\program files\Trend Micro 2009-10-26 19:50 . 2009-10-26 19:50 -------- d-----w- c:\program files\PowerISO 2009-10-24 22:40 . 2009-10-24 22:40 -------- d--h--w- c:\windows\PIF . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-26 09:58 . 2007-02-03 18:44 3348 --sha-w- c:\windows\system32\KGyGaAvL.sys 2009-09-20 13:27 . 2009-09-20 13:27 -------- d-----w- c:\documents and settings\Guest\Application Data\Outertech 2009-09-20 12:33 . 2009-09-20 12:33 -------- d-----w- c:\documents and settings\Guest\Application Data\Winamp 2009-09-15 11:59 . 2007-01-13 17:15 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 11:56 . 2007-01-13 17:15 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 11:56 . 2007-01-13 17:15 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 11:55 . 2008-04-12 14:44 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 11:55 . 2008-04-12 14:44 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 11:54 . 2007-01-13 17:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 11:54 . 2007-01-13 17:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 11:53 . 2007-01-13 17:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 11:53 . 2007-01-13 17:15 97480 ----a-w- c:\windows\system32\AVASTSS.scr 2009-09-07 09:41 . 2009-09-07 09:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-08-27 11:42 . 2009-08-27 11:42 148736 ----a-w- c:\documents and settings\All Users\Application Data\hpeBE.dll . ((((((((((((((((((((((((((((( SnapShot@2009-11-04_10.43.22 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-04 19:58 . 2009-11-04 19:58 16384 c:\windows\Temp\Perflib_Perfdata_690.dat . ((((((((((((((((((((((((((((((((((((((((((((( AWF )))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2004-08-03 21:56 . 2004-08-03 21:56 15360 c:\windows\system32\bak\ctfmon.exe 2004-08-03 21:56 . 2004-08-03 21:56 15360 c:\windows\system32\ctfmon.exe 2007-01-13 16:22 . 2001-07-09 09:50 155648 c:\windows\system32\bak\NeroCheck.exe 2007-01-13 16:39 . 2006-03-23 04:17 94208 c:\windows\system32\bak\igfxtray.exe 2007-01-13 16:39 . 2006-03-23 04:13 77824 c:\windows\system32\bak\hkcmd.exe 2007-01-13 16:39 . 2006-03-23 04:17 118784 c:\windows\system32\bak\igfxpers.exe 2005-08-11 15:30 . 2005-08-11 15:30 249856 c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe 2005-08-11 15:30 . 2005-08-11 15:30 81920 c:\program files\Common Files\InstallShield\UpdateService\bak\issch.exe 2007-01-13 17:15 . 2007-01-12 11:24 108160 c:\program files\Alwil Software\Avast4\bak\ashDisp.exe 2007-01-13 17:15 . 2009-09-15 11:56 81000 c:\program files\Alwil Software\Avast4\ashDisp.exe 2007-01-13 17:17 . 2006-08-23 15:21 3208192 c:\program files\Ashampoo\Ashampoo FireWall\bak\FireWall.exe 2007-01-18 19:18 . 2005-12-21 07:02 53248 c:\program files\Realtek\InstallShield\bak\AzMixerSel.exe 2007-01-23 18:03 . 2006-03-06 23:52 36864 c:\program files\Ulead Systems\Ulead VideoStudio 10\bak\uvPL.exe 2007-01-23 18:05 . 2007-01-23 18:05 155648 c:\program files\QuickTime\bak\qttask.exe 2006-09-01 14:57 . 2006-09-01 14:57 282624 c:\program files\QuickTime\qttask.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-07-17 16:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-02-22 95536] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-02-27 321344] "Google Update"="c:\documents and settings\Saša\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-29 133104] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-06-23 434176] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-07 39408] "csrss.exe"="c:\documents and settings\Saša\Application Data\Microsoft\csrss.exe" [N/A] "AdobeBridge"="" [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-06-28 16248320] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488] "PD0620 STISvc"="P0620Pin.dll" - c:\windows\system32\P0620Pin.dll [2005-05-10 36864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] c:\documents and settings\Guest\Start Menu\Programs\Startup\ Yahoo! Widget Engine.lnk - c:\program files\Yahoo!\Widgets\YahooWidgetEngine.exe [2007-7-20 2913584] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-1-13 303104] [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] Source= file:///c:\docume~1\SAŠA\LOCALS~1\Temp\msohtml1\01\clip_image002.jpg FriendlyName= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Documents and Settings\\Saša\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\Saša\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\FreshWebmaster\\FreshFTP\\freshftp.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\WINDOWS\\system32\\winver.exe"= "c:\\Program Files\\SightSpeed\\SightSpeed.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12.4.2008 15:44 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.4.2008 15:44 20560] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [27.8.2009 12:43 27632] S2 gupdate1ca2f971662db28;Usluga Google ažuriranje (gupdate1ca2f971662db28-);c:\program files\Google\Update\GoogleUpdate.exe [7.9.2009 10:42 133104] S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [27.8.2009 12:42 90112] S3 Msc7filrc;Msc7filrc; [x] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [27.8.2009 12:42 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [27.8.2009 12:42 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [27.8.2009 12:42 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [27.8.2009 12:42 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [27.8.2009 12:42 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [27.8.2009 12:42 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [27.8.2009 12:42 109736] --- Other Services/Drivers In Memory --- Deregistered - mbr Deregistered - PROCEXP113 . Contents of the 'Scheduled Tasks' folder 2009-11-05 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2004-09-29 09:41] 2009-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 09:42] 2009-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 09:42] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.hr/search?source=ig&hl=hr&rlz=&q=yourube&meta=lr=&aq=f&oq= uInternet Settings,ProxyOverride = .local uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101728&gct=&gc=1&q=%s IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Saša\Application Data\Mozilla\Firefox\Profiles\nizwb8wd.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/ FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101728&gct=&gc=1&q= FF - component: c:\documents and settings\Saša\Application Data\Mozilla\Firefox\Profiles\nizwb8wd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-11-05 20:51 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-11-05 20:52 ComboFix-quarantined-files.txt 2009-11-05 19:52 ComboFix2.txt 2009-11-04 17:09 ComboFix3.txt 2009-11-04 10:46 Pre-Run: 5.022.957.568 bytes free Post-Run: 4.985.061.376 bytes free USBNoRisk 2.5 (26 July 2009) by bobby Started at 5.11.2009 20:57:22 Searching for connected USB Mass storage... ---------------------------------------- ======================================== Searching for other storage... ---------------------------------------- C: {ac2d61bd-a35f-11db-822e-806d6172696f} D: {ac2d61be-a35f-11db-822e-806d6172696f} ======================================== Scanning fixed storage... ---------------------------------------- No blocked files found on C: No Autorun.inf files found on C: No mountpoint found for C: No mountpoint found for ac2d61bd-a35f-11db-822e-806d6172696f ---------------------------------------- Desktop.ini found at C:\Recycled\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO ---------------------------------------- No blocked files found on D: No Autorun.inf files found on D: No mountpoint found for D: No mountpoint found for ac2d61be-a35f-11db-822e-806d6172696f ---------------------------------------- Desktop.ini found at D:\Recycled\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO ---------------------------------------- ======================================== Initial scan finished! ======================================== New device connected at 5.11.2009 20:58:05 Scanning for connected USB mass storage... ---------------------------------------- I: {2e0ed46e-4062-11dc-abfb-005056c00008} Added I: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on I: ---------------------------------------- autorun.inf found on I: ---------------------------------------- File I:\autorun.inf renamed successfully Content of I:\autorun.inf.blocked ---------------------------------------- [autorun] open=csrss.exe icon=%SystemRoot%\system32\SHELL32.dll,4 action=Open folder to view files shell\open=Open shell\open\command=csrss.exe shell\open\default=1 ---------------------------------------- Files referenced from I:\autorun.inf.blocked ---------------------------------------- I:\csrss.exe ---h- 1136164 ---------------------------------------- Sanitized mountpoint for 2e0ed46e-4062-11dc-abfb-005056c00008 ---------------------------------------- No Desktop.ini files found on I: ---------------------------------------- No mimics found on drive I: ======================================== ======================================== Removed I: ======================================== New device connected at 5.11.2009 20:58:49 Scanning for connected USB mass storage... ---------------------------------------- H: {5b854920-412b-11de-ae6b-0016d45cca62} Added H: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on H: ---------------------------------------- No Autorun.inf files found on H: No mountpoint found for H: No mountpoint found for 5b854920-412b-11de-ae6b-0016d45cca62 ---------------------------------------- No Desktop.ini files found on H: ---------------------------------------- No mimics found on drive H: ======================================== ======================================== Removed H: ======================================== Dopuna: 05 Nov 2009 21:17 situacija je sad sljedeca: nakonos sto sam sve oodradio po uputama, restartao sam komp (za svaki slucaj) i ponovo spojio usb te sam ga uspio otvoriti dvoklikom!!! :-)) Na njemu je jos uvijek csrss.exe file i autorun koji je blokiran. Trecu promjenu sam primjetio u task manageru sada postoji samo jedan csrss.exe file i to samo onaj cije ime je ispisano velikim slovima (zbilja nemam pojma jel format slova nesto znaci ali onaj pisan malim slovima je nestao). Sta dalje?

Profil

diarno Poslao: 05 Nov 2009 22:06 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni ponovo USBNoRisk..Sacekaj da se zavrsi inicijalno skeniranje...Ubaci zarazeni USB Sacekaj par sekundi Klikni na karticu/tab Script U beli okvir prozora kopiraj sledece : `{2e0ed46e-4062-11dc-abfb-005056c00008} f_delete: %DRIVE%csrss.exe delete_blocked:` Klikni na Run Skript; Kada te program prebaci na karticu/tab Monitor, klikni desnim klikom negde unutar belog okvira koji sadrzi log i izaberi Save Log Automatski ce se otvoriti Notepad sa textom koji ces iskopirati na forum;

Profil

MyCity » Ambulanta -> Arhiva Ambulante » neizbrisiv csrss file na usb-u

Ko je trenutno na forumu

Ukupno su 999 korisnika na forumu :: 21 registrovanih, 5 sakrivenih i 973 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Areal84, bokisha253, Bubimir, djuradj, draganca, galerija, galijot, Georgius, Kubovac, Mercury, milos97, moldway, nenad81, nenaddz, raketaš, repac, Sirius, t84dar, Tvrtko I, vathra, Žoržo

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by