Antivirus XP 2008 or something similar.

  • Joined: 21 Apr 2008
  • Posts: 102
  • Location: Maklosevac, Nasice, Hrvatska

Man, my internet is totally screwed... I managed to bash something together with GMER... now I'll do this with Avenger and SpyKiller too... here's the GMER log... I couldn't attach the files so I'm putting them here...

Update: 25 Aug 2008 19:56

... here are the files



both of them are in the zip

Update: 25 Aug 2008 20:08

Logfile of The Avenger Version 2.0, (c) by Swandog46
[Link visible only to logged-in users]

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "tdssserv" found!
ImagePath: \systemroot\system32\drivers\tdssserv.sys
Start Type: 1 (System)

Rootkit scan completed.

File "C:\WINDOWS\system32\drivers\svchost.exe" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Update: 25 Aug 2008 20:12

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2008-08-25 20:15:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

disk error: C:\WINDOWS\system32\config\system, 0
scanning hidden registry entries ...

disk error: C:\WINDOWS\system32\config\software, 0
disk error: C:\Documents and Settings\Zoran.ZRDESING\ntuser.dat, 0
scanning hidden files ...

disk error: C:\

please note that you need administrator rights to perform deep scan







Did the files upload?

Update: 25 Aug 2008 20:46

It won't attach the files at all... after I attach them it doesn't show a link at all.



  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

That can wait for now...


We will use The Avenger again.

Double-click avenger.exe to run it.

Copy the text inside the Code box into the program's (white) window:

Drivers to delete:
tdssserv

Files to delete:
C:\WINDOWS\system32\drivers\tdssserv.sys


Click Execute, then Yes in the next two windows that open.

The computer will restart (twice) and the cleaning/scanning process will begin.

When the process is finished, the log file C:\avenger.txt will open in Notepad.


Copy the contents of the resulting log into the forum thread.
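As an added example (not code from this thread or from The Avenger itself), a small Python parser that reads an Avenger log like the one posted above, extracts the hidden-driver findings, converts the kernel-style \systemroot path into the C:\WINDOWS form, and emits the same "Drivers to delete / Files to delete" script used in this post; it also checks a follow-up log to confirm the driver was really deleted. The sample log text is constructed from the thread, and C:\WINDOWS as the Windows directory is an assumption.

```python
"""Parse The Avenger log output and build/verify a driver-removal script.

Added example; not part of the forum thread or of The Avenger.
"""
import re

# Constructed sample: the relevant lines of the first Avenger log in the thread
# (rootkit scan found a hidden driver, but only an unrelated file was deleted).
SAMPLE_AVENGER_LOG = r"""
Logfile of The Avenger Version 2.0, (c) by Swandog46

Platform: Windows XP

Beginning to process script file:

Rootkit scan active.

Hidden driver "tdssserv" found!
ImagePath: \systemroot\system32\drivers\tdssserv.sys
Start Type: 1 (System)

Rootkit scan completed.

File "C:\WINDOWS\system32\drivers\svchost.exe" deleted successfully.

Completed script processing.
"""

# Constructed sample: the follow-up log after running the removal script.
SAMPLE_AVENGER_LOG_AFTER = r"""
Rootkit scan active.

Hidden driver "tdssserv" found!
ImagePath: \systemroot\system32\drivers\tdssserv.sys
Start Type: 4 (Disabled)

Rootkit scan completed.

Driver "tdssserv" deleted successfully.
File "C:\WINDOWS\system32\drivers\tdssserv.sys" deleted successfully.
"""

HIDDEN_DRIVER_RE = re.compile(r'^Hidden driver "(?P<name>[^"]+)" found!$')
IMAGE_PATH_RE = re.compile(r'^ImagePath:\s*(?P<path>.+?)\s*$')
START_TYPE_RE = re.compile(r'^Start Type:\s*(?P<code>\d+)\s*\((?P<label>[^)]*)\)')
RESULT_RE = re.compile(r'^(?P<kind>Driver|File) "(?P<target>[^"]+)" deleted successfully\.$')


def parse_avenger_log(text):
    """Return (hidden_drivers, deletions) from an Avenger log.

    hidden_drivers: list of dicts with name, image_path, start_type, start_label
    deletions:      list of (kind, target) tuples for successful deletions
    """
    drivers, deletions = [], []
    current = None  # the hidden-driver block currently being filled in
    for raw in text.splitlines():
        line = raw.strip()
        m = HIDDEN_DRIVER_RE.match(line)
        if m:
            current = {"name": m.group("name"), "image_path": None,
                       "start_type": None, "start_label": None}
            drivers.append(current)
            continue
        if line == "Rootkit scan completed.":
            current = None  # no more attributes belong to the last driver
            continue
        m = IMAGE_PATH_RE.match(line)
        if m and current is not None:
            current["image_path"] = m.group("path")
            continue
        m = START_TYPE_RE.match(line)
        if m and current is not None:
            # Start type 0/1 = loaded at boot/system start, i.e. before user-mode AV.
            current["start_type"] = int(m.group("code"))
            current["start_label"] = m.group("label")
            continue
        m = RESULT_RE.match(line)
        if m:
            deletions.append((m.group("kind"), m.group("target")))
    return drivers, deletions


def nt_path_to_win32(image_path, windows_dir="C:\\WINDOWS"):
    """Map the NT-style ImagePath the kernel reports to a drive path for Avenger.

    \systemroot\... -> <windows_dir>\...; \??\C:\... -> C:\...; bare system32\...
    is taken relative to windows_dir (assumption); anything else is returned as is.
    """
    lowered = image_path.lower()
    if lowered.startswith("\\systemroot\\"):
        return windows_dir + image_path[len("\\systemroot"):]
    if lowered.startswith("\\??\\"):
        return image_path[len("\\??\\"):]
    if lowered.startswith("system32\\"):
        return windows_dir + "\\" + image_path
    return image_path


def build_avenger_script(drivers, windows_dir="C:\\WINDOWS"):
    """Emit the two-section script format used in this thread."""
    names = [d["name"] for d in drivers]
    files = [nt_path_to_win32(d["image_path"], windows_dir)
             for d in drivers if d["image_path"]]
    parts = []
    if names:
        parts.append("Drivers to delete:\n" + "\n".join(names))
    if files:
        parts.append("Files to delete:\n" + "\n".join(files))
    return "\n\n".join(parts) + "\n" if parts else ""


def unresolved_drivers(drivers, deletions):
    """Hidden drivers found in the log that no 'Driver ... deleted' line resolved."""
    removed = {target for kind, target in deletions if kind == "Driver"}
    return [d["name"] for d in drivers if d["name"] not in removed]


if __name__ == "__main__":
    found, deleted = parse_avenger_log(SAMPLE_AVENGER_LOG)
    print("still hidden after first run:", unresolved_drivers(found, deleted))
    print(build_avenger_script(found))
    found2, deleted2 = parse_avenger_log(SAMPLE_AVENGER_LOG_AFTER)
    print("still hidden after second run:", unresolved_drivers(found2, deleted2))
```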



  • Joined: 21 Apr 2008
  • Posts: 102
  • Location: Maklosevac, Nasice, Hrvatska

Logfile of The Avenger Version 2.0, (c) by Swandog46
[Link visible only to logged-in users]

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "tdssserv" found!
ImagePath: \systemroot\system32\drivers\tdssserv.sys
Start Type: 4 (Disabled)

Rootkit scan completed.

Driver "tdssserv" deleted successfully.
File "C:\WINDOWS\system32\drivers\tdssserv.sys" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.






GMER also found that file under rootkit/malware... that was the only thing shown in red.

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

OK, one rootkit fewer.


Run HijackThis, scan, and check the following lines:

O4 - HKLM\..\Run: [combofix] "C:\WINDOWS\system32\CF9670.exe" /c "C:\327882R2FWJFW\C.bat"
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe (file missing)

Click Fix checked.




Now try to run ComboFix (i.e. TheCat.exe).

  • Joined: 21 Apr 2008
  • Posts: 102
  • Location: Maklosevac, Nasice, Hrvatska

I managed to run ComboFix... here's the log



ComboFix 08-08-23.03 - Zoran 2008-08-25 21:21:01.16 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.265 [GMT 2:00]
Running from: C:\Documents and Settings\Zoran.ZRDESING\Desktop\TheCat.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\tdssadw.dll
C:\WINDOWS\system32\tdssinit.dll
C:\WINDOWS\system32\tdssl.dll
C:\WINDOWS\system32\tdsslog.dll
C:\WINDOWS\system32\tdssmain.dll
C:\WINDOWS\system32\tdssservers.dat

.
((((((((((((((((((((((((( Files Created from 2008-07-25 to 2008-08-25 )))))))))))))))))))))))))))))))
.

2008-08-25 17:32 . 2008-08-25 17:32 <DIR> d-------- C:\tr
2008-08-24 18:49 . 2008-08-24 18:49 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-24 18:49 . 2008-08-24 18:49 <DIR> d-------- C:\Documents and Settings\Zoran.ZRDESING\Application Data\Malwarebytes
2008-08-24 18:49 . 2008-08-24 18:49 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-08-24 18:49 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-24 18:49 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-23 20:20 . 2008-08-23 20:20 <DIR> d-------- C:\VundoFix Backups
2008-08-23 19:23 . 2008-08-23 20:58 9,216 --ahs---- C:\WINDOWS\Thumbs.db
2008-08-23 19:23 . 2008-08-24 17:03 5,120 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-08-23 17:54 . 2008-08-25 20:11 12,288 --a------ C:\WINDOWS\system32\tdssserf.dll
2008-08-02 11:52 . 2008-08-02 11:52 <DIR> d-------- C:\Program Files\Gold Miner Joe
2008-08-02 11:49 . 2008-08-02 11:50 <DIR> d-------- C:\Program Files\Passage 3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-16 20:24 --------- d-----w C:\Program Files\Jigsaw365
2008-08-16 12:29 --------- d-----w C:\Program Files\Snail Mail
2008-08-12 06:56 --------- d-----w C:\Documents and Settings\Zoran.ZRDESING\Application Data\Xfire
2008-08-06 19:13 --------- d-----w C:\Program Files\EA GAMES
2008-08-02 08:15 --------- d-----w C:\Program Files\Wonderland Secret Worlds
2008-07-21 09:42 --------- d-----w C:\Program Files\uTorrent
2008-07-19 18:09 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-19 18:08 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-07-14 01:05 4,096 ----a-w C:\WINDOWS\system32\drivers\nocashio.sys
2008-07-10 13:36 --------- d-----w C:\Program Files\Lavasoft
2008-07-10 13:35 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-10 13:32 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-07-08 10:26 --------- d-----w C:\Program Files\Xfire
2008-07-06 14:35 --------- d-----w C:\Documents and Settings\Zoran.ZRDESING\Application Data\uTorrent
2008-07-02 16:57 --------- d-----w C:\Program Files\Fresco Wizard
2008-06-26 20:09 42,320 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-06-26 15:15 --------- d-----w C:\Program Files\Jnes
2008-06-25 22:05 --------- d-----w C:\Program Files\GBA
2008-06-25 15:24 --------- d-----w C:\Program Files\TextStat
2008-06-25 11:21 --------- d-----w C:\Documents and Settings\Zoran.ZRDESING\Application Data\BitTorrent
2008-06-25 10:09 --------- d-----w C:\Program Files\PSX emu
2008-06-25 09:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 09:40 --------- d-----w C:\Program Files\Click-2U
2008-06-03 17:15 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-23 18:21 19,936 ----a-w C:\Documents and Settings\Zoran.ZRDESING\Application Data\GDIPFONTCACHEV1.DAT
2003-12-31 22:43 24,192 -c--a-w C:\Documents and Settings\Zoran\usbsermptxp.sys
2003-12-31 22:43 22,768 -c--a-w C:\Documents and Settings\Zoran\usbsermpt.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2000-09-28 13:11 135168]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 21:10 339968]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09 157592]
"HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [2003-09-15 21:00 270336]
"SoundMan"="SOUNDMAN.EXE" [2003-06-11 04:12 55296 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-05-01 09:06:50 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"\\\\RAJIC-510981905\\E\\Program Files\\EA GAMES\\Need For Speed Underground\\Speed.exe"=
"C:\\Program Files\\Mad Cars\\madcars.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"E:\\Program Files\\Bela\\bela.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"E:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"C:\\UnrealTournament\\System\\UnrealTournament.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"E:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"D:\\Program Files\\Call of Duty\\CoDMP.exe"=
"E:\\Program Files\\Croteam\\Serious Sam\\Bin\\SeriousSam.exe"=
"E:\\Program Files\\Unreal Tournament 2004\\System\\UT2004.exe"=
"E:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\Carls Classics\\chess.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"25600:TCP"= 25600:TCP:*:Disabled:class

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2000-06-06 14:51]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 AVMPORT;AVMPORT;C:\WINDOWS\system32\drivers\avmport.sys [2000-11-14 00:00]
R2 MBAMDrvService;MBAMDrvService;C:\WINDOWS\system32\drivers\mbam.sys [2008-08-17 15:01]
R2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [2000-09-13 17:18]

*Newly Created Service* - A347SCSI
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Zoran.ZRDESING\Application Data\Mozilla\Firefox\Profiles\65atepfg.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - [Link visible only to logged-in users]
FireFox -: prefs.js - STARTUP.HOMEPAGE - [Link visible only to logged-in users]
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2008-08-25 21:24:06
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\snmp.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Netropa\Onscreen Display\osd.exe
.
**************************************************************************
.
Completion time: 2008-08-25 21:27:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-25 19:27:31
ComboFix2.txt 2008-08-22 11:54:28

Pre-Run: 2,751,750,144 bytes free
Post-Run: 2,702,684,160 bytes free

170 --- E O F --- 2008-06-23 21:51:18

Update: 25 Aug 2008 21:33

Here's a fresh HT log too...



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:18, on 25.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

--
End of file - 5252 bytes

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text into it:

File::
C:\WINDOWS\system32\tdssserf.dll

Folder::
C:\VundoFix Backups

FileLook::
C:\Documents and Settings\Zoran\usbsermptxp.sys
C:\Documents and Settings\Zoran\usbsermpt.sys


Save the file from Notepad to the Desktop as "CFScript".




Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scanning.

  • Joined: 21 Apr 2008
  • Posts: 102
  • Location: Maklosevac, Nasice, Hrvatska

ComboFix 08-08-23.03 - Zoran 2008-08-25 21:59:09.17 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.188 [GMT 2:00]
Running from: C:\Documents and Settings\Zoran.ZRDESING\Desktop\TheCat.exe
Command switches used :: C:\Documents and Settings\Zoran.ZRDESING\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\system32\tdssserf.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\VundoFix Backups
C:\WINDOWS\system32\tdssserf.dll

.
((((((((((((((((((((((((( Files Created from 2008-07-25 to 2008-08-25 )))))))))))))))))))))))))))))))
.

2008-08-25 17:32 . 2008-08-25 17:32 <DIR> d-------- C:\tr
2008-08-24 18:49 . 2008-08-24 18:49 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-24 18:49 . 2008-08-24 18:49 <DIR> d-------- C:\Documents and Settings\Zoran.ZRDESING\Application Data\Malwarebytes
2008-08-24 18:49 . 2008-08-24 18:49 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-08-24 18:49 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-24 18:49 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-23 19:23 . 2008-08-23 20:58 9,216 --ahs---- C:\WINDOWS\Thumbs.db
2008-08-23 19:23 . 2008-08-24 17:03 5,120 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-08-02 11:52 . 2008-08-02 11:52 <DIR> d-------- C:\Program Files\Gold Miner Joe
2008-08-02 11:49 . 2008-08-02 11:50 <DIR> d-------- C:\Program Files\Passage 3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-16 20:24 --------- d-----w C:\Program Files\Jigsaw365
2008-08-16 12:29 --------- d-----w C:\Program Files\Snail Mail
2008-08-12 06:56 --------- d-----w C:\Documents and Settings\Zoran.ZRDESING\Application Data\Xfire
2008-08-06 19:13 --------- d-----w C:\Program Files\EA GAMES
2008-08-02 08:15 --------- d-----w C:\Program Files\Wonderland Secret Worlds
2008-07-21 09:42 --------- d-----w C:\Program Files\uTorrent
2008-07-19 18:09 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-19 18:08 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-07-14 01:05 4,096 ----a-w C:\WINDOWS\system32\drivers\nocashio.sys
2008-07-10 13:36 --------- d-----w C:\Program Files\Lavasoft
2008-07-10 13:35 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-10 13:32 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-07-08 10:26 --------- d-----w C:\Program Files\Xfire
2008-07-06 14:35 --------- d-----w C:\Documents and Settings\Zoran.ZRDESING\Application Data\uTorrent
2008-07-02 16:57 --------- d-----w C:\Program Files\Fresco Wizard
2008-06-26 20:09 42,320 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-06-26 15:15 --------- d-----w C:\Program Files\Jnes
2008-06-25 22:05 --------- d-----w C:\Program Files\GBA
2008-06-25 15:24 --------- d-----w C:\Program Files\TextStat
2008-06-25 11:21 --------- d-----w C:\Documents and Settings\Zoran.ZRDESING\Application Data\BitTorrent
2008-06-25 10:09 --------- d-----w C:\Program Files\PSX emu
2008-06-25 09:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 09:40 --------- d-----w C:\Program Files\Click-2U
2008-06-03 17:15 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-23 18:21 19,936 ----a-w C:\Documents and Settings\Zoran.ZRDESING\Application Data\GDIPFONTCACHEV1.DAT
2003-12-31 22:43 24,192 -c--a-w C:\Documents and Settings\Zoran\usbsermptxp.sys
2003-12-31 22:43 22,768 -c--a-w C:\Documents and Settings\Zoran\usbsermpt.sys
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.


---- C:\Documents and Settings\Zoran\usbsermpt.sys ----
Company: Microsoft Corporation
File Description: USB Modem Driver
File Version: 5.00.2195.6655
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Original file name: usbser.sys
MD5: caad3467fbfae8a380f67e9c7150a85e


---- C:\Documents and Settings\Zoran\usbsermptxp.sys ----
Company: Microsoft Corporation
File Description: USB Modem Driver
File Version: 5.1.2600.1330 (xpsp2.031208-2000)
Product Name: MicrosoftR WindowsR Operating System
Copyright: c Microsoft Corporation. All rights reserved.
Original file name: usbser.sys
MD5: af4b8cc5ea40c57208796920068ddcd5


((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-25 20:02:33 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_198.dat
+ 2008-08-25 20:02:13 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5b4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2000-09-28 13:11 135168]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 21:10 339968]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09 157592]
"HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [2003-09-15 21:00 270336]
"SoundMan"="SOUNDMAN.EXE" [2003-06-11 04:12 55296 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-05-01 09:06:50 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"\\\\RAJIC-510981905\\E\\Program Files\\EA GAMES\\Need For Speed Underground\\Speed.exe"=
"C:\\Program Files\\Mad Cars\\madcars.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"E:\\Program Files\\Bela\\bela.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"E:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"C:\\UnrealTournament\\System\\UnrealTournament.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"E:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"D:\\Program Files\\Call of Duty\\CoDMP.exe"=
"E:\\Program Files\\Croteam\\Serious Sam\\Bin\\SeriousSam.exe"=
"E:\\Program Files\\Unreal Tournament 2004\\System\\UT2004.exe"=
"E:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\Carls Classics\\chess.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"25600:TCP"= 25600:TCP:*:Disabled:class

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2000-06-06 14:51]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 AVMPORT;AVMPORT;C:\WINDOWS\system32\drivers\avmport.sys [2000-11-14 00:00]
R2 MBAMDrvService;MBAMDrvService;C:\WINDOWS\system32\drivers\mbam.sys [2008-08-17 15:01]
R2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [2000-09-13 17:18]
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2008-08-25 22:02:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\snmp.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe
C:\Program Files\Netropa\Onscreen Display\osd.exe
.
**************************************************************************
.
Completion time: 2008-08-25 22:06:09 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-25 20:06:04
ComboFix2.txt 2008-08-25 19:27:37
ComboFix3.txt 2008-08-22 11:54:28

Pre-Run: 2,687,459,328 bytes free
Post-Run: 2,668,265,472 bytes free

182 --- E O F --- 2008-06-23 21:51:18

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

This looks much better.

Do you know what is in the folder C:\tr ?


Let's do an AV scan...



Download Dr.Web CureIt (~10 MB).
Restart the computer in Safe Mode (Safe Mode instructions)

Double-click cureit.exe to run it, after which an introductory window will appear - click Start

A notification about starting the initial scan will appear - click OK

Wait a few minutes for Dr.Web CureIt to perform the Express Scan; if malware is found, allow the program to disinfect by clicking the Yes to All button in the window that appears

Click Options > Change settings F9; in the window that opens, uncheck the Heuristic Analysis option and then click OK

In the main window select the Complete scan option, then click and Dr.Web CureIt will start scanning

If malware is found, allow the program to disinfect by clicking the Yes to All button in the window that appears

When the scan is finished, click the Select all button (if available), then click Cure and, in the menu that opens, click Move incurable:


When the process is complete, click File > Save report list and save the log on the Desktop


Copy the contents of the Dr.Web CureIt log into the forum thread.



After all that, also report how the computer is doing.

  • Joined: 21 Apr 2008
  • Posts: 102
  • Location: Maklosevac, Nasice, Hrvatska

The folder C:\tr has the system restore from ComboFix... I made that manually... nothing important... OK... but it'll take me 30 minutes to download Dr.Web... fast net

Update: 26 Aug 2008 13:37

TheCat.exe\327882R2FWJFW\psexec.cfexe C:\Documents and Settings\Zoran.ZRDESING\Desktop\TheCat.exe Program.PsExec.171
TheCat.exe C:\Documents and Settings\Zoran.ZRDESING\Desktop Archive contains infected objects Moved.
tdssadw.dll.vir C:\QooBox\Quarantine\C\WINDOWS\system32 Trojan.Packed.612 Deleted.
tdssl.dll.vir C:\QooBox\Quarantine\C\WINDOWS\system32 Trojan.Packed.612 Deleted.
tdsslog.dll.vir C:\QooBox\Quarantine\C\WINDOWS\system32 Trojan.Packed.612 Deleted.
tdssmain.dll.vir C:\QooBox\Quarantine\C\WINDOWS\system32 Trojan.Packed.612 Deleted.
tdssserf.dll.vir C:\QooBox\Quarantine\C\WINDOWS\system32 Trojan.Packed.612 Deleted.
A0000115.dll C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP4 Trojan.Packed.612 Deleted.
A0000117.dll C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP4 Trojan.Packed.612 Deleted.
A0000118.dll C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP4 Trojan.Packed.612 Deleted.
A0000119.dll C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP4 Trojan.Packed.612 Deleted.
A0000143.EXE C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP4 Program.PsExec.170 Incurable.Moved.
A0000188.dll C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5 Trojan.Packed.612 Deleted.
A0000212.EXE C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5 Program.PsExec.170 Incurable.Moved.
A0000263.exe\327882R2FWJFW\psexec.cfexe C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5\A0000263.exe Program.PsExec.171
A0000263.exe C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5 Archive contains infected objects Moved.
ComboFix.exe\327882R2FWJFW\psexec.cfexe E:\ComboFix.exe Program.PsExec.171
ComboFix.exe E:\ Archive contains infected objects Moved.
TheCat.exe\327882R2FWJFW\psexec.cfexe E:\TheCat.exe Program.PsExec.171
TheCat.exe E:\ Archive contains infected objects Moved.
A0000264.exe\327882R2FWJFW\psexec.cfexe E:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5\A0000264.exe Program.PsExec.171
A0000264.exe E:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5 Archive contains infected objects Moved.
A0000265.exe\327882R2FWJFW\psexec.cfexe E:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5\A0000265.exe Program.PsExec.171
A0000265.exe E:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP5 Archive contains infected objects Moved.

Jesus...... This was scanning for 5 hours last night..... The state of the computer is now much better than when I came to open this thread..... Actually.... it works like it used to, as before the infection....... I don't understand why Dr.Web found an infection in combofix.exe, i.e. TheCat.exe......

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Many AVs detect certain components of the programs we use as potentially dangerous (since they can also be used by malware).


Delete the folders:

C:\Documents and Settings\Zoran.ZRDESING\DoctorWeb
C:\QooBox
C:\Avenger


Turn System Restore off and then back on:

[Link visible only to logged-in users]


That's all...
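The Dr.Web CureIt report posted above and the helper's explanation of why ComboFix.exe and TheCat.exe were flagged can be turned into a small triage script. This is an added example, not part of the thread or of Dr.Web: it parses the report's "object path threat action" lines (paths contain spaces, so the threat name is used as the delimiter) and sorts each hit into categories using my own heuristic rules (ComboFix quarantine under C:\QooBox, System Restore copies, Dr.Web's "Program." riskware class for the bundled PsExec, archive containers, everything else). The sample lines are copied from the report above, except the "evil.dll" line, which is constructed.

```python
import re
from collections import Counter

# One detection per line: "<object> <path> <threat> [<action>]."
# The threat is either Dr.Web's "Family.Name.NNN" form or the archive notice.
LINE_RE = re.compile(
    r"^(?P<obj>\S+) (?P<path>.+?) "
    r"(?P<threat>Archive contains infected objects|[A-Z][A-Za-z]+(?:\.[A-Za-z0-9]+)+)"
    r"(?: (?P<action>Deleted|Moved|Incurable\.Moved))?\.?$"
)

def parse_line(line):
    """Return a dict with obj/path/threat/action/nested, or None if not a report line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    d["nested"] = "\\" in d["obj"]   # backslash in the object = hit inside an archive
    return d

def classify(entry):
    """Triage category for one detection (heuristic rules, not Dr.Web's own)."""
    path, threat = entry["path"], entry["threat"]
    if path.upper().startswith("C:\\QOOBOX\\"):
        return "quarantine"         # already neutralised by ComboFix
    if "System Volume Information\\_restore{" in path:
        return "restore_point"      # stale copies; cleared by toggling System Restore
    if threat.startswith("Program."):
        return "riskware_tool"      # admin tool (PsExec) bundled inside a cleanup tool
    if threat.startswith("Archive contains"):
        return "archive_container"  # the outer file of a nested hit
    return "live_malware"           # anything else deserves a closer look

def triage(report_text):
    """Count detections per category over a whole report."""
    counts = Counter()
    for line in report_text.splitlines():
        entry = parse_line(line)
        if entry:
            counts[classify(entry)] += 1
    return dict(counts)

SAMPLE_REPORT = "\n".join([
    r"TheCat.exe\327882R2FWJFW\psexec.cfexe C:\Documents and Settings\Zoran.ZRDESING\Desktop\TheCat.exe Program.PsExec.171",
    r"TheCat.exe C:\Documents and Settings\Zoran.ZRDESING\Desktop Archive contains infected objects Moved.",
    r"tdssadw.dll.vir C:\QooBox\Quarantine\C\WINDOWS\system32 Trojan.Packed.612 Deleted.",
    r"A0000115.dll C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP4 Trojan.Packed.612 Deleted.",
    r"A0000143.EXE C:\System Volume Information\_restore{E5E46525-A299-4347-95C8-BAABA7F331C9}\RP4 Program.PsExec.170 Incurable.Moved.",
    r"ComboFix.exe E:\ Archive contains infected objects Moved.",
    r"evil.dll C:\WINDOWS\system32 Trojan.Packed.612 Deleted.",  # constructed line
])

if __name__ == "__main__":
    print(triage(SAMPLE_REPORT))
```

Only the "live_malware" bucket needs a second look; the rest is quarantine, restore-point leftovers and the PsExec component that the helper describes.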
