MyCity » Ambulanta -> Arhiva Ambulante » virus win32/heur kako se resiti

virus win32/heur kako se resiti

Napisano na dan: 18.3.2008

virus win32/heur kako se resiti

Sledeća strana

Pagination

Odgovori

smz Poslao: 18 Mar 2008 15:24 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Antivirusni programmi stalno signalizira prisutnost virusa win32/heur u datoteci windows/system32/clusapik.dll no program ga ne moze ukloniti,stadaradim? Logfile of HijackThis v1.99.1 Scan saved at 15:07:49, on 18.03.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\QuickTime\qttask.exe C:\Programme\Real\RealPlayer\RealPlay.exe C:\Programme\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Programme\Gemeinsame Dateien\AOL\1202658926\ee\AOLSoftware.exe C:\Programme\Winamp\winampa.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe C:\Programme\AOL 9.0a\aoltray.exe C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Programme\AOL 9.0a\waol.exe C:\Programme\AOL 9.0a\shellmon.exe C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\AVG\AVG8\aAvgApi.exe C:\Dokumente und Einstellungen\Besitzer\Desktop\sava\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.de/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG8\avgssie.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: (no name) - {8310169C-12C3-4E0A-AECD-CD63EF9295BD} - C:\WINDOWS\System32\CTWFLT32p.dll (file missing) O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programme\AVG\AVG8\avgtoolbar.dll O2 - BHO: (no name) - {D3257DCF-AFC2-49A5-822F-0D2CB1316424} - c:\windows\system32\clusapik.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programme\AVG\AVG8\avgtoolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [routcnf] C:\Programme\Telekom\T-Eumex 220PC\routcnf.exe /capiactive O4 - HKLM\..\Run: [Launch] "D:\SETUP.EXE" O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programme\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\AOL\1202658926\ee\AOLSoftware.exe O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0a\aoltray.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....8772243765 O17 - HKLM\System\CCS\Services\Tcpip\..\{62A6376D-2A28-414D-AB56-ABEB21DA5F38}: NameServer = 205.188.146.145 O17 - HKLM\System\CCS\Services\Tcpip\..\{DFF16C3D-ACAD-4901-BA83-FF1503AF7694}: NameServer = 213.191.92.86 62.109.123.7 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: wibetlfb - C:\WINDOWS\SYSTEM32\clusapik.dll O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Profil

DEMIAN Poslao: 18 Mar 2008 16:12 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav smz, Pronađi fajl koji ti je AV detektovao po putanji koju si naveo i upload-uj ga preko sledećeg linka. http://www.mycity.rs/ambulanta-upload.php Ako ti AV stalno javlja detekciju na ovaj malware možda će biti potrebno da ga isključis kako bi mogao da nam ga pošalješ. Izvesti kada fajl bude poslat. Za to vreme ja ću da pogledam ovo što si postavio, pa da krenemo u rešavanje problema.

Profil

smz Poslao: 19 Mar 2008 08:18 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poslao sam upravo. Primetio sam da se tu osim clusapik.dll nalazi i jedan clusapik.dll.bak pa sam i njega poslao.Dobijao sam obavestenje da je fail prevelik i nisam mogao poslati dok nisam iskljucio stalni stit u AV programu. Hvala unapred

Profil

DEMIAN Poslao: 19 Mar 2008 15:04 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini ComboFix sa jedne od sledecih adresa na Desktop: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

smz Poslao: 20 Mar 2008 14:48 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! evo odradio sam i to... ---------------- ComboFix 08-03-18.1 - Besitzer 2008-03-20 14:30:06.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1031.18.700 [GMT 1:00] ausgeführt von:: C:\Dokumente und Einstellungen\Besitzer\Desktop\ComboFix1.exe * Neuer Wiederherstellungspunkt wurde erstellt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\appcert C:\WINDOWS\system32\clusapik.dll . . . . Nicht in der Lage zu löschen . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FMTR -------\Legacy_MIUFXMOC -------\Service_miufxmoc ((((((((((((((((((((((( Dateien erstellt von 2008-02-20 bis 2008-03-20 )))))))))))))))))))))))))))))) . 2008-03-20 14:14 . 2008-03-20 14:14 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\ImgBurn 2008-03-20 14:12 . 2008-03-20 14:21 <DIR> d-------- C:\Programme\ImgBurn 2008-03-19 09:20 . 2008-03-19 09:20 <DIR> d-------- C:\Programme\Portrait Professional 2008-03-18 14:53 . 2008-03-18 14:53 <DIR> d-------- C:\Programme\Trend Micro 2008-03-18 10:35 . 2008-03-18 10:58 <DIR> d-------- C:\Programme\AOL 9.0a 2008-03-18 08:57 . 2001-08-18 04:22 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-03-18 08:57 . 2001-08-18 04:22 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys 2008-03-14 09:43 . 2008-03-19 08:46 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-03-14 09:43 . 2008-03-14 09:43 12,424 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys 2008-03-14 09:43 . 2008-03-14 09:43 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-03-14 09:42 . 2008-03-19 07:59 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-03-14 09:42 . 2008-03-14 09:42 <DIR> d-------- C:\Programme\AVG 2008-03-14 09:42 . 2008-03-14 09:48 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AVGTOOLBAR 2008-03-14 09:42 . 2008-03-14 09:42 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avg8 2008-03-14 09:42 . 2008-03-14 09:42 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-03-13 11:47 . 2008-03-13 11:47 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-03-11 09:11 . 2008-03-11 09:11 <DIR> d-------- C:\totalcmd 2008-03-11 09:11 . 2008-03-14 10:21 703 --a------ C:\WINDOWS\wincmd.ini 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\UC.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\RAR.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\PKZIP.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\LHA.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\ARJ.PIF 2008-03-10 10:12 . 2008-03-10 10:12 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI 2008-03-07 10:06 . 2008-03-07 10:06 <DIR> d-------- C:\Programme\HD Tune 2008-03-07 09:43 . 2008-03-07 09:47 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2008-03-07 09:42 . 2008-03-07 10:03 <DIR> d-------- C:\WINDOWS\Internet Logs 2008-03-07 08:06 . 2008-03-14 09:29 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Lavasoft 2008-03-06 16:21 . 2008-03-10 10:30 86,528 --a------ C:\WINDOWS\system32\clusapik.dll.bak 2008-03-06 16:21 . 2008-03-20 14:31 86,528 --a------ C:\WINDOWS\system32\clusapik.dll 2008-03-06 14:00 . 2008-03-06 14:00 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira 2008-03-06 13:41 . 2008-03-06 13:41 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AdobeUM 2008-03-06 13:40 . 2008-03-06 13:40 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Adobe 2008-03-06 13:32 . 2008-03-06 13:32 376 --a------ C:\WINDOWS\ODBC.INI 2008-03-06 13:01 . 2008-03-06 13:06 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahead 2008-03-06 13:00 . 2008-03-06 13:00 <DIR> d-------- C:\Programme\Nero 2008-03-06 13:00 . 2008-03-06 13:01 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Ahead 2008-03-06 12:52 . 2008-03-06 12:52 <DIR> d-------- C:\Programme\Winamp 2008-03-06 12:52 . 2004-12-20 19:37 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys 2008-03-06 12:52 . 2008-03-13 11:49 192 --a------ C:\WINDOWS\winamp.ini . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-19 08:24 --------- d---a-w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2008-03-18 12:21 --------- d-----w C:\Programme\Google 2008-03-18 09:36 --------- d-----w C:\Programme\Gemeinsame Dateien\aolshare 2008-03-18 09:36 --------- d-----w C:\Programme\Gemeinsame Dateien\aol 2008-03-18 09:35 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AOL 2008-03-14 08:35 44,288 ----a-w C:\WINDOWS\system32\drivers\cdr4_xp.sys 2008-03-06 12:16 --------- d--h--w C:\Programme\InstallShield Installation Information 2008-03-06 11:13 --------- d-----w C:\Programme\Gemeinsame Dateien\Symantec Shared 2008-03-06 10:50 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec 2008-03-05 11:49 19,712 ----a-w C:\WINDOWS\system32\drivers\otljuwpo.dat 2008-02-10 15:55 --------- d-----w C:\Programme\AOL 9.0 2008-02-10 15:53 --------- d-----w C:\Programme\LizardTech 2008-02-10 15:09 --------- d-----w C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AOL 2008-02-10 15:08 8,552 ----a-w C:\WINDOWS\system32\drivers\asctrm.sys 2008-02-10 15:08 --------- d-----w C:\Programme\Real 2008-02-10 15:08 --------- d-----w C:\Programme\Gemeinsame Dateien\Real 2008-02-10 14:20 --------- d-----w C:\Programme\Gemeinsame Dateien\InstallShield 2008-02-10 14:15 19,584 ----a-w C:\WINDOWS\system32\drivers\yfyxvpim.dat 2008-01-12 04:08 357,768 ----a-w C:\Dokumente und Einstellungen\Besitzer\SymXPep2.dll 2008-01-08 16:48 357,768 ----a-w C:\WINDOWS\system32\SymXPep2.dll 2008-01-08 16:15 57,344 ----a-w C:\WINDOWS\uneng.exe 2007-12-22 15:13 246,545 ----a-w C:\WINDOWS\system32\libssl32.dll 2007-12-22 15:13 1,188,375 ----a-w C:\WINDOWS\system32\libeay32.dll . (((((((((((((((((((((((((((( Autostart Punkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 Hinweis leere Eintrage & legitime Standardeintrage werden nicht angezeigt. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8310169C-12C3-4E0A-AECD-CD63EF9295BD}] C:\WINDOWS\System32\CTWFLT32p.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] 2008-03-19 08:46 2041600 --a------ C:\Programme\AVG\AVG8\avgtoolbar.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D3257DCF-AFC2-49A5-822F-0D2CB1316424}] 2008-03-20 14:31 86528 --a------ c:\windows\system32\clusapik.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\Programme\AVG\AVG8\avgtoolbar.dll" [2008-03-19 08:46 2041600] [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}] [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\Programme\AVG\AVG8\avgtoolbar.dll [2008-03-19 08:46 2041600] [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}] [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:57 15360] "MSMSGS"="C:\Programme\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 11:12 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-04-24 15:58 4616192] "QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2007-08-22 17:15 98304] "routcnf"="C:\Programme\Telekom\T-Eumex 220PC\routcnf.exe" [ ] "Launch"="D:\SETUP.EXE" [ ] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00 90112] "RealTray"="C:\Programme\Real\RealPlayer\RealPlay.exe" [2008-02-10 16:08 26112] "AdaptecDirectCD"="C:\Programme\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 12:28 684032] "AOLDialer"="C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" [2007-06-21 13:42 70952] "HostManager"="C:\Programme\Gemeinsame Dateien\AOL\1202658926\ee\AOLSoftware.exe" [2006-09-26 01:52 50736] "WinampAgent"="C:\Programme\Winamp\winampa.exe" [2004-12-20 19:41 33792] "NeroFilterCheck"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-03-14 09:42 1172760] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:57 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe"= "C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe"= "C:\\Programme\\AOL 9.0\\waol.exe"= "C:\\Programme\\Gemeinsame Dateien\\aol\\1202658926\\ee\\aolsoftware.exe"= "C:\\WINDOWS\\explorer.exe"= "C:\\Programme\\AVG\\AVG8\\avgupd.exe"= "C:\\Programme\\AVG\\AVG8\\avgemc.exe"= "C:\\Programme\\AVG\\AVG8\\avgnsx.exe"= "C:\\Programme\\AOL 9.0a\\waol.exe"= R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-03-14 09:43] R0 vdoltrph;vdoltrph;C:\WINDOWS\system32\drivers\otljuwpo.dat [] R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-03-14 09:42] R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-03-14 09:42] R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-03-14 09:42] R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-03-19 08:46] R3 AVMUNET;AVM FRITZ!Box;C:\WINDOWS\system32\DRIVERS\avmunet.sys [2004-11-24 02:00] S3 EraserUtilDrvI3;EraserUtilDrvI3;C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrvI3.sys [] S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys [] S3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys [] . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-03-20 14:34:04 Windows 5.1.2600 Service Pack 2 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostart Einträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\SAVRT] "ImagePath"="-" [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\SNDSrvc] "ImagePath"="-" [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\vdoltrph] "ImagePath"="system32\drivers\otljuwpo.dat" . ------------------------ Other Running Processes ------------------------ . C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programme\AOL 9.0a\aoltray.exe C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\AVG\AVG8\avgrsx.exe C:\Programme\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgupd.exe . ************************************************************************ . Zeit der Fertigstellung: 2008-03-20 14:35:18 - machine was rebooted ComboFix-quarantined-files.txt 2008-03-20 13:35:15 . 2008-03-10 18:57:08 --- E O F ---

Profil

DEMIAN Poslao: 20 Mar 2008 16:48 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\system32\clusapik.dll C:\WINDOWS\system32\clusapik.dll.bak Driver:: vdoltrph Registry:: [-HKEY_LOCAL_MACHINE\System\ControlSet004\Services\vdoltrph] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D3257DCF-AFC2-49A5-822F-0D2CB1316424}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch"=- Rootkit:: C:\WINDOWS\system32\drivers\otljuwpo.dat C:\WINDOWS\system32\drivers\yfyxvpim.dat` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

smz Poslao: 21 Mar 2008 11:03 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-03-18.1 - Besitzer 2008-03-21 10:23:25.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1031.18.718 [GMT 1:00] ausgeführt von:: C:\Dokumente und Einstellungen\Besitzer\Desktop\ComboFix1.exe Command switches used :: C:\Dokumente und Einstellungen\Besitzer\Desktop\CFScript.txt * Neuer Wiederherstellungspunkt wurde erstellt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\system32\clusapik.dll C:\WINDOWS\system32\clusapik.dll.bak . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\clusapik.dll C:\WINDOWS\system32\clusapik.dll.bak C:\WINDOWS\system32\drivers\otljuwpo.dat C:\WINDOWS\system32\drivers\yfyxvpim.dat . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MIUFXMOC -------\Legacy_VDOLTRPH -------\Service_miufxmoc -------\Service_vdoltrph ((((((((((((((((((((((( Dateien erstellt von 2008-02-21 bis 2008-03-21 )))))))))))))))))))))))))))))) . 2008-03-20 15:11 . 2008-03-20 15:11 1,540,096 --a------ C:\HDDR.ISO 2008-03-20 14:14 . 2008-03-20 14:14 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\ImgBurn 2008-03-20 14:12 . 2008-03-20 14:21 <DIR> d-------- C:\Programme\ImgBurn 2008-03-19 09:20 . 2008-03-19 09:20 <DIR> d-------- C:\Programme\Portrait Professional 2008-03-18 14:53 . 2008-03-18 14:53 <DIR> d-------- C:\Programme\Trend Micro 2008-03-18 10:35 . 2008-03-18 10:58 <DIR> d-------- C:\Programme\AOL 9.0a 2008-03-18 08:57 . 2001-08-18 04:22 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-03-18 08:57 . 2001-08-18 04:22 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys 2008-03-14 09:43 . 2008-03-19 08:46 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-03-14 09:43 . 2008-03-14 09:43 12,424 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys 2008-03-14 09:43 . 2008-03-14 09:43 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-03-14 09:42 . 2008-03-21 10:06 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-03-14 09:42 . 2008-03-14 09:42 <DIR> d-------- C:\Programme\AVG 2008-03-14 09:42 . 2008-03-14 09:48 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AVGTOOLBAR 2008-03-14 09:42 . 2008-03-14 09:42 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avg8 2008-03-14 09:42 . 2008-03-14 09:42 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-03-13 11:47 . 2008-03-13 11:47 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-03-11 09:11 . 2008-03-11 09:11 <DIR> d-------- C:\totalcmd 2008-03-11 09:11 . 2008-03-14 10:21 703 --a------ C:\WINDOWS\wincmd.ini 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\UC.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\RAR.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\PKZIP.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\LHA.PIF 2008-03-11 09:11 . 2005-05-31 06:53 545 --a------ C:\WINDOWS\ARJ.PIF 2008-03-10 10:12 . 2008-03-10 10:12 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI 2008-03-07 10:06 . 2008-03-07 10:06 <DIR> d-------- C:\Programme\HD Tune 2008-03-07 09:43 . 2008-03-07 09:47 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2008-03-07 09:42 . 2008-03-07 10:03 <DIR> d-------- C:\WINDOWS\Internet Logs 2008-03-07 08:06 . 2008-03-14 09:29 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Lavasoft 2008-03-06 14:00 . 2008-03-06 14:00 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira 2008-03-06 13:41 . 2008-03-06 13:41 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AdobeUM 2008-03-06 13:40 . 2008-03-06 13:40 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Adobe 2008-03-06 13:32 . 2008-03-06 13:32 376 --a------ C:\WINDOWS\ODBC.INI 2008-03-06 13:01 . 2008-03-06 13:06 <DIR> d-------- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahead 2008-03-06 13:00 . 2008-03-06 13:00 <DIR> d-------- C:\Programme\Nero 2008-03-06 13:00 . 2008-03-06 13:01 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Ahead 2008-03-06 12:52 . 2008-03-06 12:52 <DIR> d-------- C:\Programme\Winamp 2008-03-06 12:52 . 2004-12-20 19:37 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys 2008-03-06 12:52 . 2008-03-13 11:49 192 --a------ C:\WINDOWS\winamp.ini . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-19 08:24 --------- d---a-w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2008-03-18 12:21 --------- d-----w C:\Programme\Google 2008-03-18 09:36 --------- d-----w C:\Programme\Gemeinsame Dateien\aolshare 2008-03-18 09:36 --------- d-----w C:\Programme\Gemeinsame Dateien\aol 2008-03-18 09:35 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AOL 2008-03-14 08:35 44,288 ----a-w C:\WINDOWS\system32\drivers\cdr4_xp.sys 2008-03-06 12:16 --------- d--h--w C:\Programme\InstallShield Installation Information 2008-03-06 11:13 --------- d-----w C:\Programme\Gemeinsame Dateien\Symantec Shared 2008-03-06 10:50 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec 2008-02-10 15:55 --------- d-----w C:\Programme\AOL 9.0 2008-02-10 15:53 --------- d-----w C:\Programme\LizardTech 2008-02-10 15:09 --------- d-----w C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AOL 2008-02-10 15:08 8,552 ----a-w C:\WINDOWS\system32\drivers\asctrm.sys 2008-02-10 15:08 --------- d-----w C:\Programme\Real 2008-02-10 15:08 --------- d-----w C:\Programme\Gemeinsame Dateien\Real 2008-02-10 14:20 --------- d-----w C:\Programme\Gemeinsame Dateien\InstallShield 2008-01-12 04:08 357,768 ----a-w C:\Dokumente und Einstellungen\Besitzer\SymXPep2.dll 2008-01-08 16:48 357,768 ----a-w C:\WINDOWS\system32\SymXPep2.dll 2008-01-08 16:15 57,344 ----a-w C:\WINDOWS\uneng.exe 2007-12-22 15:13 246,545 ----a-w C:\WINDOWS\system32\libssl32.dll 2007-12-22 15:13 1,188,375 ----a-w C:\WINDOWS\system32\libeay32.dll . (((((((((((((((((((((((((((( Autostart Punkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 Hinweis leere Eintrage & legitime Standardeintrage werden nicht angezeigt. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8310169C-12C3-4E0A-AECD-CD63EF9295BD}] C:\WINDOWS\System32\CTWFLT32p.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] 2008-03-19 08:46 2041600 --a------ C:\Programme\AVG\AVG8\avgtoolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\Programme\AVG\AVG8\avgtoolbar.dll" [2008-03-19 08:46 2041600] [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}] [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\Programme\AVG\AVG8\avgtoolbar.dll [2008-03-19 08:46 2041600] [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}] [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:57 15360] "MSMSGS"="C:\Programme\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 11:12 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-04-24 15:58 4616192] "QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2007-08-22 17:15 98304] "routcnf"="C:\Programme\Telekom\T-Eumex 220PC\routcnf.exe" [ ] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00 90112] "RealTray"="C:\Programme\Real\RealPlayer\RealPlay.exe" [2008-02-10 16:08 26112] "AdaptecDirectCD"="C:\Programme\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 12:28 684032] "AOLDialer"="C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" [2007-06-21 13:42 70952] "HostManager"="C:\Programme\Gemeinsame Dateien\AOL\1202658926\ee\AOLSoftware.exe" [2006-09-26 01:52 50736] "WinampAgent"="C:\Programme\Winamp\winampa.exe" [2004-12-20 19:41 33792] "NeroFilterCheck"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-03-14 09:42 1172760] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:57 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe"= "C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe"= "C:\\Programme\\AOL 9.0\\waol.exe"= "C:\\Programme\\Gemeinsame Dateien\\aol\\1202658926\\ee\\aolsoftware.exe"= "C:\\WINDOWS\\explorer.exe"= "C:\\Programme\\AVG\\AVG8\\avgupd.exe"= "C:\\Programme\\AVG\\AVG8\\avgemc.exe"= "C:\\Programme\\AVG\\AVG8\\avgnsx.exe"= "C:\\Programme\\AOL 9.0a\\waol.exe"= R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-03-14 09:43] R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-03-14 09:42] R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-03-14 09:42] R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-03-14 09:42] R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-03-19 08:46] R3 AVMUNET;AVM FRITZ!Box;C:\WINDOWS\system32\DRIVERS\avmunet.sys [2004-11-24 02:00] S3 EraserUtilDrvI3;EraserUtilDrvI3;C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrvI3.sys [] S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys [] S3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys [] . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-03-21 10:26:11 Windows 5.1.2600 Service Pack 2 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostart Einträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\SAVRT] "ImagePath"="-" [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\SNDSrvc] "ImagePath"="-" . ------------------------ Other Running Processes ------------------------ . C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programme\AOL 9.0a\aoltray.exe C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\AVG\AVG8\avgrsx.exe C:\Programme\AVG\AVG8\avgrsx.exe . ************************************************************************ . Zeit der Fertigstellung: 2008-03-21 10:27:22 - machine was rebooted ComboFix-quarantined-files.txt 2008-03-21 09:27:13 ComboFix2.txt 2008-03-20 13:35:19 . 2008-03-10 18:57:08 --- E O F ---

Profil

DEMIAN Poslao: 21 Mar 2008 22:19 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl:

Profil

smz Poslao: 25 Mar 2008 12:27 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok sve reseno, izgleda da sve radi kako treba...puno se zahvaljujem

Profil

MyCity » Ambulanta -> Arhiva Ambulante » virus win32/heur kako se resiti

Ko je trenutno na forumu

Ukupno su 1013 korisnika na forumu :: 42 registrovanih, 5 sakrivenih i 966 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: airsuba, aramis s, babaroga, Bobrock1, cenejac111, darkangel, Duh sa sekirom, GAGI, galerija, Georgius, kraJo, Krusarac, laurusri, loon123, Mad Serb, maiden6657, MB120mm, mercedesamg, Metanoja, Milometer, moldway, ObelixSRB, Panter, Parker, Posmatrac77OKB, predragc, pristinski korpus, procesor, proka89, robertino, Silvertooth, Sirius, SlaKoj, Tila Painen, vandrej, vathra, vladaa012, vladetije, voja64, vukdra, Wrangler, x9

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by