MyCity » Ambulanta -> Arhiva Ambulante » [bobby] Log na prvojeru

[bobby] Log na prvojeru

Napisano na dan: 24.5.2008

Strana:
1
2
3
4
5
6
7

[bobby] Log na prvojeru

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4
5
6
7

nirre Poslao: 03 Jun 2008 00:10 Idi na vrh
offline nirre Super građanin Pridružio: 26 Mar 2005 Poruke: 1489 Gde živiš: Podgorica	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: sad ces da poludis,ovako,nakon enter za stavku pod rednim brojem 1,4,5,6,7 je pisalo "no maching file were found" a za stavku pod red.br. 2,3 nije nista pisalo. Dopuna: 03 Jun 2008 0:10 https://www.mycity.rs/must-login.png

Profil

bobby Poslao: 03 Jun 2008 00:15 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Znaci da je 2 i 3 obrisao. Dodje mi da placem... Ubija me u pojam ovaj rootkit. Izgleda da on pravi sebi kopiju i menja reg. bazu pred samo gasenje sistema. Onda, po startovanju sistema on opet promeni reg. bazu i fajlove. Zato mi u logovima vidimo jedno, a na ugasenom Windowsu je nesto drugo. Moram da razmislim kako da ga se otarasimo. Sada je vec kasno, tako da cu ovo morati da ostavim za sutra. Dopuna: 03 Jun 2008 0:15 Pisali smo istovremeno. Ovaj zadnji GMER log je cist. Sta kaze ComboFix?

Profil

nirre Poslao: 03 Jun 2008 00:17 Idi na vrh
offline nirre Super građanin Pridružio: 26 Mar 2005 Poruke: 1489 Gde živiš: Podgorica	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-06-01.3 - erin 2008-06-03 0:11:40.7 - NTFSx86 Running from: C:\Documents and Settings\erin\Desktop\ComboFix.exe * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-05-02 to 2008-06-02 ))))))))))))))))))))))))))))))) . 2008-06-02 14:54 . 2008-06-03 00:09 250 --a------ C:\WINDOWS\gmer.ini 2008-05-30 06:55 . 2008-05-30 06:55 6,144 --ahs---- C:\WINDOWS\Thumbs.db 2008-05-25 22:44 . 2008-05-25 22:44 <DIR> d-------- C:\Documents and Settings\erin\Application Data\ABBYY 2008-05-25 22:43 . 2008-05-25 22:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ABBYY 2008-05-25 22:40 . 2008-05-25 22:46 <DIR> d-------- C:\Program Files\ABBYY FineReader 7.0 Professional Edition 2008-05-22 22:36 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll 2008-05-22 22:36 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll 2008-05-22 22:36 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll 2008-05-21 12:27 . 2008-05-21 12:27 <DIR> d-------- C:\Program Files\Common Files\Skype 2008-05-21 12:27 . 2008-05-21 12:28 <DIR> d-------- C:\Documents and Settings\erin\Application Data\Skype 2008-05-21 12:27 . 2008-05-21 12:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype 2008-05-21 12:26 . 2008-05-21 12:27 <DIR> d-------- C:\Program Files\Skype 2008-05-20 14:09 . 2008-06-01 20:59 <DIR> d-------- C:\Program Files\Sony Ericsson 2008-05-20 13:55 . 2008-05-20 14:00 <DIR> d-------- C:\Program Files\Fma 2008-05-14 00:11 . 2004-08-04 00:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-13 10:57 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-05-13 10:57 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-05-13 10:57 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-05-12 16:08 . 2008-05-12 16:08 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-05-12 16:08 . 2008-05-25 12:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-05-12 16:03 . 2008-05-12 16:04 <DIR> d-------- C:\Program Files\Winamp 2008-05-05 19:38 . 2008-05-27 16:52 316 --a------ C:\WINDOWS\win.ini 2008-05-05 19:23 . 2006-10-18 23:47 8,231,936 --a------ C:\WINDOWS\system32\wmploc.backup 2008-05-05 19:23 . 2006-10-17 13:05 105,984 --a------ C:\WINDOWS\system32\url.backup 2008-05-05 19:21 . 2004-08-04 00:56 8,384,000 --a------ C:\WINDOWS\system32\shell32.backup 2008-05-05 19:20 . 2004-08-04 00:56 983,552 --a------ C:\WINDOWS\system32\setupapi.backup 2008-05-05 19:20 . 2004-08-04 00:56 657,920 --a------ C:\WINDOWS\system32\rasdlg.backup 2008-05-05 19:20 . 2004-08-04 00:56 343,040 --a------ C:\WINDOWS\system32\cmdial32.backup 2008-05-05 19:20 . 2004-08-04 00:56 298,496 --a------ C:\WINDOWS\system32\sysdm.backup 2008-05-05 19:20 . 2004-08-04 00:56 163,840 --a------ C:\WINDOWS\system32\credui.backup 2008-05-05 19:20 . 2004-08-04 00:56 10,752 --a------ C:\WINDOWS\hh.backup 2008-05-05 19:17 . 2008-05-10 18:11 <DIR> d-------- C:\WINDOWS\VIPv3 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-02 22:05 --------- d-----w C:\Program Files\Mozilla Thunderbird 2008-06-01 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\RFA_Backups 2008-06-01 12:43 --------- d-----w C:\Documents and Settings\erin\Application Data\LimeWire 2008-06-01 11:39 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-01 11:39 --------- d-----w C:\Program Files\Common Files\Teleca Shared 2008-05-17 17:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-04-28 23:10 --------- d-----w C:\Program Files\Common Files\NSV 2008-04-28 18:36 --------- d-----w C:\Documents and Settings\erin\Application Data\ESET 2008-04-28 18:33 --------- d-----w C:\Program Files\ESET 2008-04-28 18:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-04-28 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-04-28 11:46 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-04-26 11:50 --------- d-----w C:\Program Files\Opera 2008-04-20 16:36 --------- d-----w C:\Documents and Settings\erin\Application Data\Teleca 2008-04-16 18:11 --------- d-----w C:\Program Files\Audacity 1.3 Beta 2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys . ------- Sigcheck ------- 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\services.exe 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\dllcache\services.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\lsass.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\dllcache\lsass.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe . ((((((((((((((((((((((((((((( snapshot@2008-06-01_21.55.41.28 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-01 19:49:34 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-02 22:04:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-02 12:54:31 884,736 ----a-w C:\WINDOWS\gmer.dll + 2008-04-17 19:13:02 811,008 ----a-w C:\WINDOWS\gmer.exe + 2008-06-02 12:54:31 85,969 ----a-w C:\WINDOWS\system32\drivers\gmer.sys + 2008-06-02 22:05:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_244.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= R3 SNPHV71;PC Camera (602a VGA);C:\WINDOWS\system32\DRIVERS\snphv71.sys [2002-11-08 18:24] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1372b9e0-eaf0-11dc-9820-000ea667e277}] \Shell\AutoRun\command - F:\2ifetri.cmd \Shell\explore\Command - F:\2ifetri.cmd \Shell\open\Command - F:\2ifetri.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15a05d2b-be2f-11dc-97af-d2a421fdc9d1}] \Shell\AutoRun\command - F:\2ifetri.cmd \Shell\explore\Command - F:\2ifetri.cmd \Shell\open\Command - F:\2ifetri.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cecfcedf-c68c-11dc-97c8-f84ff3382347}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8209fca-c107-11dc-97b6-a28a6003ab52}] \Shell\AutoRun\command - F:\2ifetri.cmd \Shell\explore\Command - F:\2ifetri.cmd \Shell\open\Command - F:\2ifetri.cmd . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-03 00:14:07 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-06-03 0:16:21 ComboFix-quarantined-files.txt 2008-06-02 22:15:54 ComboFix2.txt 2008-06-02 21:05:42 ComboFix3.txt 2008-06-02 14:07:31 ComboFix4.txt 2008-06-01 19:56:10 Pre-Run: 16,210,444,288 bytes free Post-Run: 16,200,040,448 bytes free 148 --- E O F --- 2008-06-01 11:45:49

Profil

bobby Poslao: 03 Jun 2008 00:24 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: Registry:: [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1372b9e0-eaf0-11dc-9820-000ea667e277}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15a05d2b-be2f-11dc-97af-d2a421fdc9d1}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8209fca-c107-11dc-97b6-a28a6003ab52}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cecfcedf-c68c-11dc-97c8-f84ff3382347}] Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Dalje, na USB stickovima najverovatnije i dalje imas infekciju. Najverovatnije je imas i na mobilnom (njemu ne moze da skodi). Najbolje je da te uredjaje obrises na nekom Linux kompu. Kumim te, nemoj ih vise ubacivati u tvoj komp.

Profil

nirre Poslao: 03 Jun 2008 22:57 Idi na vrh
offline nirre Super građanin Pridružio: 26 Mar 2005 Poruke: 1489 Gde živiš: Podgorica	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! bobby ::Kumim te, nemoj ih vise ubacivati u tvoj komp. Nema tih para koje bi me sada natjerale jer samo koliko puta danas upalih gmer i combo to nije normalno. Sad cu ovo odradit Dopuna: 03 Jun 2008 0:43 ComboFix 08-06-01.3 - erin 2008-06-03 0:37:06.8 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.66 [GMT 2:00]Running from: C:\Documents and Settings\erin\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\erin\Desktop\CFScript.txt * Created a new restore point * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-05-02 to 2008-06-02 ))))))))))))))))))))))))))))))) . 2008-06-02 14:54 . 2008-06-03 00:09 250 --a------ C:\WINDOWS\gmer.ini 2008-05-30 06:55 . 2008-05-30 06:55 6,144 --ahs---- C:\WINDOWS\Thumbs.db 2008-05-25 22:44 . 2008-05-25 22:44 <DIR> d-------- C:\Documents and Settings\erin\Application Data\ABBYY 2008-05-25 22:43 . 2008-05-25 22:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ABBYY 2008-05-25 22:40 . 2008-05-25 22:46 <DIR> d-------- C:\Program Files\ABBYY FineReader 7.0 Professional Edition 2008-05-22 22:36 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll 2008-05-22 22:36 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll 2008-05-22 22:36 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll 2008-05-21 12:27 . 2008-05-21 12:27 <DIR> d-------- C:\Program Files\Common Files\Skype 2008-05-21 12:27 . 2008-05-21 12:28 <DIR> d-------- C:\Documents and Settings\erin\Application Data\Skype 2008-05-21 12:27 . 2008-05-21 12:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype 2008-05-21 12:26 . 2008-05-21 12:27 <DIR> d-------- C:\Program Files\Skype 2008-05-20 14:09 . 2008-06-01 20:59 <DIR> d-------- C:\Program Files\Sony Ericsson 2008-05-20 13:55 . 2008-05-20 14:00 <DIR> d-------- C:\Program Files\Fma 2008-05-14 00:11 . 2004-08-04 00:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-13 10:57 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-05-13 10:57 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-05-13 10:57 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-05-12 16:08 . 2008-05-12 16:08 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-05-12 16:08 . 2008-05-25 12:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-05-12 16:03 . 2008-05-12 16:04 <DIR> d-------- C:\Program Files\Winamp 2008-05-05 19:38 . 2008-05-27 16:52 316 --a------ C:\WINDOWS\win.ini 2008-05-05 19:23 . 2006-10-18 23:47 8,231,936 --a------ C:\WINDOWS\system32\wmploc.backup 2008-05-05 19:23 . 2006-10-17 13:05 105,984 --a------ C:\WINDOWS\system32\url.backup 2008-05-05 19:21 . 2004-08-04 00:56 8,384,000 --a------ C:\WINDOWS\system32\shell32.backup 2008-05-05 19:20 . 2004-08-04 00:56 983,552 --a------ C:\WINDOWS\system32\setupapi.backup 2008-05-05 19:20 . 2004-08-04 00:56 657,920 --a------ C:\WINDOWS\system32\rasdlg.backup 2008-05-05 19:20 . 2004-08-04 00:56 343,040 --a------ C:\WINDOWS\system32\cmdial32.backup 2008-05-05 19:20 . 2004-08-04 00:56 298,496 --a------ C:\WINDOWS\system32\sysdm.backup 2008-05-05 19:20 . 2004-08-04 00:56 163,840 --a------ C:\WINDOWS\system32\credui.backup 2008-05-05 19:20 . 2004-08-04 00:56 10,752 --a------ C:\WINDOWS\hh.backup 2008-05-05 19:17 . 2008-05-10 18:11 <DIR> d-------- C:\WINDOWS\VIPv3 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-02 22:05 --------- d-----w C:\Program Files\Mozilla Thunderbird 2008-06-01 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\RFA_Backups 2008-06-01 12:43 --------- d-----w C:\Documents and Settings\erin\Application Data\LimeWire 2008-06-01 11:39 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-01 11:39 --------- d-----w C:\Program Files\Common Files\Teleca Shared 2008-05-17 17:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-04-28 23:10 --------- d-----w C:\Program Files\Common Files\NSV 2008-04-28 18:36 --------- d-----w C:\Documents and Settings\erin\Application Data\ESET 2008-04-28 18:33 --------- d-----w C:\Program Files\ESET 2008-04-28 18:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-04-28 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-04-28 11:46 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-04-26 11:50 --------- d-----w C:\Program Files\Opera 2008-04-20 16:36 --------- d-----w C:\Documents and Settings\erin\Application Data\Teleca 2008-04-16 18:11 --------- d-----w C:\Program Files\Audacity 1.3 Beta 2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys . ------- Sigcheck ------- 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\services.exe 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\dllcache\services.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\lsass.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\dllcache\lsass.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe . ((((((((((((((((((((((((((((( snapshot@2008-06-01_21.55.41.28 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-01 19:49:34 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-02 22:04:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-02 12:54:31 884,736 ----a-w C:\WINDOWS\gmer.dll + 2008-04-17 19:13:02 811,008 ----a-w C:\WINDOWS\gmer.exe + 2008-06-02 12:54:31 85,969 ----a-w C:\WINDOWS\system32\drivers\gmer.sys + 2008-06-02 22:05:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_244.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-03 00:39:53 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-06-03 0:42:42 ComboFix-quarantined-files.txt 2008-06-02 22:42:00 ComboFix2.txt 2008-06-02 22:16:23 ComboFix3.txt 2008-06-02 21:05:42 ComboFix4.txt 2008-06-02 14:07:31 ComboFix5.txt 2008-06-01 19:56:10 Pre-Run: 16,185,139,200 bytes free Post-Run: 16,176,984,064 bytes free 136 --- E O F --- 2008-06-01 11:45:49 Dopuna: 03 Jun 2008 22:57 boby,jedno pitanje. Posto ja nemam veze sa linux-om sad vidjoh na jedan micro-ov dvd da imam knopix( ii da se podize sa cd-a) da li bih mogao preko njega da obrisem tj ocistim usb??

Profil

bobby Poslao: 03 Jun 2008 22:59 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Mozes preko Knoppixa, zasto da ne. Izbrisi sve autorun.inf fajlove, kao i onaj 2ifteri.cmd. Zapravo, ukoliko ti podaci sa USB stickova ne znace puno, najbolje je da obrises kompletan sadrzaj USB stickova.

Profil

nirre Poslao: 03 Jun 2008 23:56 Idi na vrh
offline nirre Super građanin Pridružio: 26 Mar 2005 Poruke: 1489 Gde živiš: Podgorica	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! na usb nema nicega(sem tih gadnih fajlova autorun i taj drugi ali ja ih obrisem i posle toga se virus javi

Profil

bobby Poslao: 04 Jun 2008 00:01 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Javio se ponovo? Obrisao si autorun.inf i 2ifteri.cmd iz Knoppixa, i opet su se javili nakon brisanja?

Profil

nirre Poslao: 10 Jun 2008 01:01 Idi na vrh
offline nirre Super građanin Pridružio: 26 Mar 2005 Poruke: 1489 Gde živiš: Podgorica	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! bobby ::Javio se ponovo? Obrisao si autorun.inf i 2ifteri.cmd iz Knoppixa, i opet su se javili nakon brisanja? ne,ne nisam jos nista radio sa knopixo-om samo ti kazem kakva je situacija kada brisem iz win-a Dopuna: 10 Jun 2008 0:42 bobby da ti pricam sta se sve izdesavalo sa amvo-om u medjuvremenu naime,ja ti pokrenem linux da bih ocistio fleske ali kad je linux bio pokrenut sa cd-a meni je radio samo 1 usb ulaz na kompu(i iskoristio sam ga misa) a tastatura nije radila i ja probam tu da stavim flesku kad nece,ne poznaje opste da je prikljucena za komp i ja odustanem sa time i odustanem opste sa ciscenjem(fleske nisam opste prikljucivao na komp jer mi mrsko bilo posle sa combom sve da radim. U medjuvremenu ja vidim na forumu izasao KIS 2009 i rijesih da ga probam a i vrijeme mi vise da malo NOD32 promijenim,dosta sam ga imao i ja odradim update i full scan i on mi nadje neke trojance(sve isti) u system volume information(vidi sliku) i pobrise ih i meni bas cudno,oko 11 ih nasao.Onda sam bio primoran da prikljucim tel na komp iako to nisam htjeo jer sam znao da ce da mi zarazi komp odma i ja drzim shift,stavljam kabal u komp kad sta vidis,KIS se upali i obrisa 2ifetri ili vec kako se zove i autorun i ja opet preskeniram mobilni sa KIS i on nadje opet nesto(kad ono isti onaj trojan kao prije sto KIS nasao) i onda mi tel nije zarazio komp.Ja odlucih da tako uradim sa svakom fleskom i na sve 3 mi isto nadje(isti trojan) i obrise ga i sada stavljam fleske bez shifta i ne zarazi mi komp(za sada a nadam se da nece ni kasnije) sto po meni znaci da je problem mozda rijesen(jer mi pokazuje hidden file,po tome znam) ali cu ti ipak dostavit log od combo-a sada Dopuna: 10 Jun 2008 0:43 Zaboravih sliku da ti okacim Dopuna: 10 Jun 2008 1:01 Odradih log ali mi je kasperski izbacao ogroman broj onih obavjestenja za vrijem skeniranja i po prvi put mi je comboo restartovao racunar,a evo log-a ComboFix 08-06-01.3 - erin 2008-06-10 0:45:32.10 - NTFSx86 Running from: C:\Documents and Settings\erin\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-05-09 to 2008-06-09 ))))))))))))))))))))))))))))))) . 2008-06-09 19:49 . 2008-06-09 19:58 96,966 --a------ C:\WINDOWS\system32\drivers\klin.dat 2008-06-09 19:49 . 2008-06-09 19:58 88,774 --a------ C:\WINDOWS\system32\drivers\klick.dat 2008-06-09 19:48 . 2008-06-09 19:48 <DIR> d-------- C:\Program Files\Kaspersky Lab 2008-06-09 19:48 . 2008-06-09 20:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-06-09 19:48 . 2008-06-10 00:49 1,989,152 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-06-09 19:48 . 2008-06-10 00:49 229,408 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2008-06-09 19:48 . 2008-06-10 00:49 17,668 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2008-06-09 19:48 . 2008-06-10 00:49 2,912 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx 2008-06-09 19:46 . 2008-06-09 19:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-06-08 23:34 . 2008-06-08 23:34 <DIR> d-------- C:\Program Files\Xara 2008-06-08 23:23 . 2008-06-08 23:23 32 --a------ C:\WINDOWS\tdlp32.ini 2008-06-08 19:31 . 2004-08-04 00:56 294,912 --a------ C:\WINDOWS\system32\msh263.drv 2008-06-06 22:22 . 2008-06-06 22:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-06-06 22:21 . 2008-06-06 22:21 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-06-06 22:20 . 2008-06-06 22:24 <DIR> d-------- C:\Program Files\Common Files\Adobe 2008-06-02 14:54 . 2008-06-03 00:09 250 --a------ C:\WINDOWS\gmer.ini 2008-05-30 06:55 . 2008-05-30 06:55 6,144 --ahs---- C:\WINDOWS\Thumbs.db 2008-05-25 22:44 . 2008-05-25 22:44 <DIR> d-------- C:\Documents and Settings\erin\Application Data\ABBYY 2008-05-25 22:43 . 2008-05-25 22:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ABBYY 2008-05-25 22:40 . 2008-05-25 22:46 <DIR> d-------- C:\Program Files\ABBYY FineReader 7.0 Professional Edition 2008-05-22 22:36 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll 2008-05-22 22:36 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll 2008-05-22 22:36 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll 2008-05-22 22:36 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll 2008-05-21 12:27 . 2008-05-21 12:27 <DIR> d-------- C:\Program Files\Common Files\Skype 2008-05-21 12:27 . 2008-05-21 12:28 <DIR> d-------- C:\Documents and Settings\erin\Application Data\Skype 2008-05-21 12:27 . 2008-05-21 12:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype 2008-05-21 12:26 . 2008-05-21 12:27 <DIR> d-------- C:\Program Files\Skype 2008-05-20 14:09 . 2008-06-09 19:40 <DIR> d-------- C:\Program Files\Sony Ericsson 2008-05-14 00:11 . 2004-08-04 00:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-13 10:57 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-05-13 10:57 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-05-13 10:57 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-05-12 16:08 . 2008-05-12 16:08 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-05-12 16:08 . 2008-05-25 12:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-05-12 16:03 . 2008-05-12 16:04 <DIR> d-------- C:\Program Files\Winamp . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-09 22:02 --------- d-----w C:\Program Files\Mozilla Thunderbird 2008-06-09 20:24 --------- d-----w C:\Documents and Settings\erin\Application Data\LimeWire 2008-06-09 17:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\RFA_Backups 2008-06-08 21:21 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-01 11:39 --------- d-----w C:\Program Files\Common Files\Teleca Shared 2008-05-17 17:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-04-28 23:10 --------- d-----w C:\Program Files\Common Files\NSV 2008-04-26 11:50 --------- d-----w C:\Program Files\Opera 2008-04-25 16:21 26,964 ----a-w C:\WINDOWS\system32\drivers\klopp.dat 2008-04-20 16:36 --------- d-----w C:\Documents and Settings\erin\Application Data\Teleca 2008-04-16 18:11 --------- d-----w C:\Program Files\Audacity 1.3 Beta 2008-04-16 12:23 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys . ------- Sigcheck ------- 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\services.exe 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\dllcache\services.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\lsass.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\dllcache\lsass.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] 2008-04-25 18:22 62728 --a------ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 18:21 201992] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"= R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29] R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02] R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 20:07] R3 SNPHV71;PC Camera (602a VGA);C:\WINDOWS\system32\DRIVERS\snphv71.sys [2002-11-08 18:24] . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-10 00:51:15 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe . ************************************************************************ . Completion time: 2008-06-10 0:58:32 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-09 22:58:25 Pre-Run: 15,472,021,504 bytes free Post-Run: 15,407,239,168 bytes free 134 --- E O F --- 2008-06-01 11:45:49

Profil

bobby Poslao: 10 Jun 2008 19:56 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jel ti je HD SATA ili obican ATA?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » [bobby] Log na prvojeru

Ko je trenutno na forumu

Ukupno su 935 korisnika na forumu :: 36 registrovanih, 8 sakrivenih i 891 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., CikaKURE, darkojbn, Denaya, Dimitrise93, djboj, galerija, hologram, janbo, kjkszpj, Krvava Devetka, kybonacci, laganini123, Lieutenant, mačković, mercedesamg, Mi lao shu, mik7, mikrimaus, Milos ZA, milutin134, misa2, Mlav, mnn2, mrvica78, nenad81, NikolaGTR, panzerwaffe, raptorsi, royst33, ruger357, sasa87, Stanlio, Trpe Grozni, zixmix, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by