Kako da upalim Security u Windows 7

4

Kako da upalim Security u Windows 7

offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

Uspesno sam Upload-ovao fajlove

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Izvinjavam se sto malo kasnim sa odgovorom.



Arrow



Otvoriti Notepad i iskopirati sledeci tekst:

SecCenter::
{C37D8F93-0602-E43C-40AA-47DAD597F308}
{77DEAFED-8149-104B-25A1-21771CA47CD1}
{781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
{CCBF4E09-A773-1FC5-1F11-1A056723366C}

KillAll::

File::
c:\windows\Xtahyg.exe
c:\windows\Xtahyf.exe
c:\windows\Xtahye.exe
c:\windows\Xtahyd.exe
c:\windows\Xtahyc.exe
c:\windows\Xtahyb.exe
c:\windows\Xtahya.exe

DirLook::
c:\programdata\jFlJhAn08501
c:\windows\system32\%APPDATA%


DDS::
uStart Page = hxxp://start.facemoods.com/?a=wbst

Firefox::
FF - ProfilePath - c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=wbst
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZLman000&ptb=5TNF9DFAo.9gt1GP0UVApA&psa=&ind=2010111506&ptnrS=ZLman000&si=&st=kwd&n=77cfde12&searchfor=
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,9e,da,34,95,c5,50,4c,b7,1a,cf,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,9e,da,34,95,c5,50,4c,b7,1a,cf,\
[HKEY_USERS\S-1-5-21-83685119-447350358-3884237969-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-83685119-447350358-3884237969-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.







goran9888 (AMF Tim)

offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

ComboFix 11-02-08.02 - lelic 02/08/2011 22:17:32.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1326 [GMT 1:00]
Running from: c:\users\lelic\Downloads\ComboFix.exe
Command switches used :: c:\users\lelic\Documents\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point

FILE ::
"c:\windows\Xtahya.exe"
"c:\windows\Xtahyb.exe"
"c:\windows\Xtahyc.exe"
"c:\windows\Xtahyd.exe"
"c:\windows\Xtahye.exe"
"c:\windows\Xtahyf.exe"
"c:\windows\Xtahyg.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\chrome.manifest
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.dll
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.xpt
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.css
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.xul
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\fcmdDef.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\facebook_But.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\facebook_But2.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\facemoods.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fb.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fbhome.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fbmsgs.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fbphotos.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fbprofile.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fbsettings.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fbshare.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\fbuploads.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\help_16.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\home.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\ibario_ball.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\logo.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\moodsIcon.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\pref.jpg
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\privecy_16_hot.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\stripicons.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\tellafriend.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\Thumbs.db
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\images\vssver.scc
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\instlgc.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\JSonButtons.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\Loader.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\mtrprt.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\newTabLgc.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\PPCB.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\preferences\preferences.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\preferences\preferences.xul
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\prefman.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\script-compiler.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\Thumbs.db
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\utils.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\vssver.scc
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\xmlhttprequester.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences\instlPref.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences\vssver.scc
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\install.rdf
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\ffxtlbr@Facemoods.com\vssver.scc
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Xtahya.exe
c:\windows\Xtahyb.exe
c:\windows\Xtahyc.exe
c:\windows\Xtahyd.exe
c:\windows\Xtahye.exe
c:\windows\Xtahyf.exe
c:\windows\Xtahyg.exe

.
((((((((((((((((((((((((( Files Created from 2011-01-08 to 2011-02-08 )))))))))))))))))))))))))))))))
.

2011-02-08 21:22 . 2011-02-08 21:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-08 11:26 . 2011-02-08 11:26 -------- d-----w- c:\windows\W7FBC
2011-02-07 22:27 . 2011-02-07 22:27 -------- d-----w- c:\users\lelic\AppData\Local\{8570ADB7-CF80-4724-B1C2-2F17938E5BF7}
2011-02-07 22:18 . 2011-02-07 22:18 -------- d-----w- c:\users\lelic\AppData\Local\{C59FCCA1-8F11-4AFB-AF00-43AD4ED8E546}
2011-02-07 22:16 . 2011-02-08 21:24 -------- d-----w- c:\users\lelic\AppData\Local\temp
2011-02-07 14:38 . 2011-02-07 14:38 -------- d-----w- c:\users\lelic\AppData\Local\{C077B9DF-16E7-49D2-941B-B2987FF10DC2}
2011-02-07 13:52 . 2011-02-07 13:52 -------- d-----w- c:\users\lelic\Sisanje (2)
2011-02-07 13:48 . 2011-02-07 13:48 -------- d-----w- c:\users\lelic\AppData\Local\{317A4183-8F68-4ABF-A3B2-FE45403B4E7B}
2011-02-07 10:08 . 2011-02-07 10:12 -------- d-----w- c:\users\lelic\New folder
2011-02-07 09:06 . 2011-02-07 09:06 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-02-07 09:06 . 2011-02-07 09:06 -------- d-----w- c:\users\lelic\AppData\Local\{436EFF75-7F23-490A-8405-47DC7E5104B3}
2011-02-06 14:37 . 2011-02-06 14:37 -------- d-----w- c:\program files\My Lockbox
2011-02-06 14:37 . 2010-07-22 15:13 41912 ----a-w- c:\windows\system32\drivers\FSPFltd.sys
2011-02-06 11:39 . 2011-02-06 11:39 -------- d-----w- c:\users\lelic\AppData\Local\{2ECF135B-FE7E-4F2A-8303-D826992FEFF0}
2011-02-05 21:20 . 2011-02-05 21:20 -------- d-----w- c:\users\lelic\AppData\Roaming\Publish Providers
2011-02-05 20:44 . 2011-02-05 20:44 -------- d-----w- c:\users\lelic\AppData\Local\{E9349233-3960-44C9-86D8-AFD6BB6A9A88}
2011-02-05 19:53 . 2011-02-05 19:54 -------- d-----w- c:\users\lelic\AppData\Local\{B60F1F44-14E6-4A5C-B34D-248AE4CDD4D7}
2011-02-05 17:44 . 2011-02-05 17:44 -------- d-----w- c:\users\lelic\AppData\Local\{F599234E-8557-42A5-B273-6CCD1F4E06A0}
2011-02-05 14:20 . 2011-02-05 14:20 -------- d-----w- c:\users\lelic\AppData\Local\{566D7D25-CB59-416F-B87E-CC81C12465D2}
2011-02-05 10:25 . 2011-02-05 10:25 -------- d-----w- C:\$AVG
2011-02-05 10:08 . 2011-02-05 10:08 -------- d--h--w- c:\programdata\Common Files
2011-02-05 10:06 . 2011-02-05 20:39 -------- d-----w- c:\programdata\AVG10
2011-02-05 10:05 . 2011-02-05 20:37 -------- d-----w- c:\program files\AVG
2011-02-05 09:36 . 2011-02-05 20:39 -------- d-----w- c:\programdata\MFAData
2011-02-05 09:21 . 2011-02-05 09:21 -------- d-----w- c:\users\lelic\AppData\Local\{8C613668-C84A-4C54-8898-D79CFB5A19AD}
2011-02-04 18:08 . 2011-02-05 20:39 -------- d-----w- c:\program files\PC Tools Security
2011-02-04 18:08 . 2011-02-05 20:39 -------- d-----w- c:\program files\Common Files\PC Tools
2011-02-04 17:31 . 1997-07-19 16:00 604432 ----a-w- c:\windows\system32\COMCTL32.OCX
2011-02-04 17:31 . 2011-02-05 20:37 -------- d-----w- c:\program files\WebSite X5 v8 - Evolution
2011-02-04 17:30 . 2001-08-31 13:00 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-02-04 17:30 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2011-02-04 17:30 . 2009-03-15 16:35 207872 ----a-w- c:\windows\system32\iwpsetup.exe
2011-02-04 17:24 . 2011-02-05 09:27 -------- d-----w- c:\programdata\jFlJhAn08501
2011-02-04 10:10 . 2011-02-04 10:10 -------- d-----w- c:\users\lelic\AppData\Local\{1BD4063F-0603-4089-AC00-45A851328FD8}
2011-02-04 08:18 . 2011-02-04 08:18 -------- d-----w- c:\users\lelic\AppData\Local\{5C995F05-E648-427D-9E56-E85F48698FB7}
2011-02-03 09:04 . 2011-02-03 09:07 -------- d-----w- C:\My Folder
2011-02-03 01:16 . 2011-02-03 01:16 -------- d-----w- c:\users\lelic\AppData\Local\{20F7ABCA-2B79-4C87-A56B-5B7AFDF22CE5}
2011-02-03 01:16 . 2011-02-03 01:16 -------- d-----w- c:\users\lelic\AppData\Local\Windows Live Writer
2011-02-03 01:16 . 2011-02-03 01:16 -------- d-----w- c:\users\lelic\AppData\Roaming\Windows Live Writer
2011-02-02 18:55 . 2011-02-02 18:55 -------- d-----w- c:\users\lelic\AppData\Local\{903A3E21-124D-422A-B02C-A2E5540AC892}
2011-02-02 09:34 . 2011-02-02 09:34 -------- d-----w- c:\users\lelic\AppData\Local\{D66A4F2B-C835-4C3C-87F6-DF05199971A1}
2011-02-01 08:25 . 2011-02-01 08:25 -------- d-----w- c:\users\lelic\AppData\Local\{FBA7577F-E27B-4692-BEC7-C8CEA1706D90}
2011-01-31 08:39 . 2011-01-31 08:39 -------- d-----w- c:\users\lelic\AppData\Local\{AA20A132-1B5A-4145-B466-2F4645C51170}
2011-01-31 08:39 . 2011-01-31 08:39 -------- d-----w- c:\users\lelic\AppData\Local\{73BA6324-1E08-4E2E-B713-D544D6BF45ED}
2011-01-30 16:11 . 2011-01-30 16:11 -------- d-----w- c:\users\lelic\AppData\Local\{B7AA6E90-5A14-46BF-AE60-B59DB3C23652}
2011-01-30 13:53 . 2011-02-05 20:48 -------- d-----w- C:\wamp
2011-01-30 13:00 . 2011-02-05 20:39 -------- d-----w- c:\program files\trend micro
2011-01-30 13:00 . 2011-01-30 13:01 -------- d-----w- C:\rsit
2011-01-30 09:47 . 2011-01-30 09:47 -------- d-----w- c:\users\lelic\AppData\Local\{CFF29529-05D9-4EEF-AC56-9FC1BF341568}
2011-01-29 17:54 . 2011-02-05 20:37 -------- d-----w- c:\program files\Counter-Strike Source
2011-01-29 10:06 . 2011-01-29 10:06 -------- d-----w- c:\users\lelic\AppData\Local\{0F143118-022F-4734-988A-0D18A64CFABB}
2011-01-29 09:46 . 2011-01-29 09:46 -------- d-----w- c:\users\lelic\AppData\Local\{E224A9D2-9A80-45F0-AB9A-CE346DA7BA55}
2011-01-28 20:26 . 2011-01-28 20:26 -------- d-----w- c:\users\lelic\AppData\Local\{DC32CDAC-8B9D-484F-8193-02D3FE416EAF}
2011-01-28 20:25 . 2011-02-08 21:24 -------- d-----w- c:\users\lelic\Tracing
2011-01-28 19:21 . 2011-02-05 20:37 -------- d-----w- c:\program files\Windows Live
2011-01-28 19:21 . 2011-01-28 19:21 -------- d-----w- c:\windows\PCHEALTH
2011-01-28 19:18 . 2011-02-06 16:39 -------- d-----w- c:\users\lelic\AppData\Local\Windows Live
2011-01-28 19:18 . 2011-02-05 20:37 -------- d-----w- c:\program files\Common Files\Windows Live
2011-01-21 11:31 . 2011-02-05 20:37 -------- d-----w- c:\program files\Game House
2011-01-21 11:30 . 2011-01-21 11:30 -------- d-----w- c:\programdata\PopCap Games
2011-01-19 19:54 . 2011-02-05 20:37 -------- d-----w- c:\program files\KONAMI
2011-01-19 19:54 . 2011-01-19 19:54 -------- d-----w- c:\programdata\KONAMI
2011-01-17 15:05 . 2011-02-05 20:37 -------- d-----w- c:\program files\Counter-Strike
2011-01-17 13:47 . 2011-02-05 20:37 -------- d-----w- c:\program files\REDEMAX
2011-01-16 12:27 . 2011-01-16 12:27 -------- d-----w- c:\program files\BitTorrent
2011-01-16 10:16 . 2011-02-05 20:37 -------- d-----w- c:\program files\NJ Soft
2011-01-14 11:52 . 2011-02-05 20:37 -------- d-----w- c:\programdata\Sony

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-07 22:27 . 2010-12-20 20:06 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-01-07 22:26 . 2010-12-20 20:05 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-01-07 21:26 . 2010-08-09 17:26 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-01-07 21:25 . 2010-08-09 17:26 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-01-07 21:24 . 2010-08-09 17:25 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-12-30 19:08 . 2010-09-26 20:37 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-12-30 19:08 . 2010-09-26 20:37 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-20 20:07 . 2010-12-20 20:07 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2010-12-09 19:06 . 2010-12-09 19:06 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\jFlJhAn08501 ----

2011-02-04 17:24 . 2011-02-04 17:33 94 ----a-w- c:\programdata\jFlJhAn08501\jFlJhAn08501

---- Directory of c:\windows\system32\%APPDATA% ----

2011-02-07 09:06 . 2011-02-07 21:51 16384 --sha-w- c:\windows\system32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 14:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-10-10 14:51 3906656 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 20:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-10-10 3906656]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-01-16 4771184]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="c:\program files\Steam\Steam.exe" [2011-01-05 1242448]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BroadCam"="c:\program files\NCH Software\BroadCam\broadcam.exe" [2010-08-23 1052676]
"MFARestart"="c:\programdata\MFAData\pack\avgrunasx.exe" [2010-11-24 241504]
"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2010-11-09 1792224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{73526E5A-FD53-4BE7-B5E2-D3C89D7413DC}"= "c:\windows\W7FBC\dll.dll" [2011-02-08 184320]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 22:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 03:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-07 17:10 136176 ----atw- c:\users\lelic\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 21:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;?????? Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-07 136176]
R3 CFcatchme;CFcatchme;c:\users\lelic\AppData\Local\Temp\CFcatchme.sys [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2010-07-22 41912]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-14 691696]
S2 BroadCamService;BroadCam Video Streaming Server;c:\program files\NCH Software\BroadCam\broadcam.exe [2010-08-23 1052676]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-22 278560]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]

.
Contents of the 'Scheduled Tasks' folder

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-04 17:10]

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-04 17:10]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83685119-447350358-3884237969-1000Core.job
- c:\users\lelic\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 17:10]

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83685119-447350358-3884237969-1000UA.job
- c:\users\lelic\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 17:10]
.
.
------- Supplementary Scan -------
.
TCP: {5E7F5318-16F4-4915-812C-80587BBC88F8} = 10.151.56.2
FF - ProfilePath - c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: Metal3D: {48e23fba-bb14-4745-b768-382150cd83fb} - %profile%\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
FF - Ext: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - %profile%\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3468-)
c:\windows\W7FBC\dll.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2011-02-08 22:27:18 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-08 21:27
ComboFix2.txt 2011-02-07 22:21

Pre-Run: 100,606,894,080 bytes free
Post-Run: 100,413,394,944 bytes free

- - End Of File - - 7A21F0C2B50168B8920E6C861B960C1D

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Arrow


Instaliraj sada Anti-Virus.
Moja preporuka ti je da instaliras (samo) jedan od besplatnih varijanti tipa: Avast, Avira, AVG, Panda Cloud, Microsoft Security Essentials, itd ...



Arrow


Kakvo je sada stanje racunara?




Arrow Ukoliko zelis da proverimo USB memorijske uredjaje ...


- Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save scrambled log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.

Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.






goran9888 (AMF Tim)

offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

pa sve je normalno nemam nijedan usb uredjaj sve je isto kao pre nemogu da upalim Security....da li mogu jos nesto da ucinim

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Arrow

Uradi sada ovo sto ti je kolega predlozio:

helen1 ::Probaj sledece:

Start > Search programs and files:

Internet options


U prozoru koji se otvori, na Security tabu, klikni "Reset all zones to default level", a zatim OK.



Nakon toga restartuj racunar i proveri da li je problem resen.



Arrow


Definisi mi konkretno sta je to "Security"? Security Center ili nesto drugo? Pokusao si pokretanje servisa? Koju gresku dobijes?




Arrow


Postavi mi svez DDS log da pogledam.









goran9888 (AMF Tim)

offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

Sve mi je Kao pre!Konkretan problem je u tome da kada hocu da upalim neki program Windows Security nece da mi dozvoli da otvorim taj program!
Sto se tice Action Centra:nece da mi se upali izbaci mi sledece:"The Windows Security Center service can't be started"
_______________________________________________________________
Da li postoji neko resenje
_______________________________________________________________


DDS (Ver_10-12-12.02) - NTFSx86
Run by lelic at 22:03:01.45 on Wed 02/09/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1291 [GMT 1:00]

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files\NCH Software\BroadCam\broadcam.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NCH Software\BroadCam\broadcam.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\lelic\Downloads\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
uURLSearchHooks: H - No File
mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe"
uRun: [DAEMON Tools Lite] c:\program files\daemon tools lite\DTLite.exe -autorun
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [BroadCam] "c:\program files\nch software\broadcam\broadcam.exe" -logon
mRun: [MFARestart] "c:\programdata\mfadata\pack\avgrunasx.exe" /usereg
mRun: [mylbx] c:\program files\my lockbox\mylbx.exe /a
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: {5E7F5318-16F4-4915-812C-80587BBC88F8} = 10.151.56.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
STS: AveVistaBackgroundFolder Class: {73526e5a-fd53-4be7-b5e2-d3c89d7413dc} - c:\windows\w7fbc\dll.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\lelic\appdata\roaming\mozilla\firefox\profiles\rcmc0tal.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\lelic\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\lelic\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: Metal3D: {48e23fba-bb14-4745-b768-382150cd83fb} - %profile%\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
FF - Ext: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - %profile%\extensions\{5b175400-2368-11de-8c30-0800200c9a66}

============= SERVICES / DRIVERS ===============

R0 FSProFilter;FSPro File Filter;c:\windows\system32\drivers\FSPFltd.sys [2011-2-6 41912]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R2 BroadCamService;BroadCam Video Streaming Server;c:\program files\nch software\broadcam\broadcam.exe [2010-8-23 1052676]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-29 278560]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2010-12-19 17792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-1 34384]

=============== Created Last 30 ================

2011-02-09 20:42:33 -------- d-----w- c:\program files\Zeallsoft
2011-02-09 20:37:50 -------- d-----w- c:\users\lelic\appdata\local\{DD0CB605-B672-49B8-8C0E-05D933A21F40}
2011-02-09 14:28:43 -------- d-----w- c:\users\lelic\appdata\local\{5BC92053-183B-48B3-B958-2680365A0960}
2011-02-09 14:25:50 -------- d-----w- c:\program files\Microsoft Security Client
2011-02-09 14:25:33 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2011-02-09 11:00:02 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-09 11:00:02 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 11:00:02 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-09 11:00:02 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 11:00:02 1289536 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 10:59:51 981504 ----a-w- c:\windows\system32\wininet.dll
2011-02-09 10:59:51 204288 ----a-w- c:\windows\system32\upnp.dll
2011-02-09 10:59:51 1389568 ----a-w- c:\windows\system32\msxml6.dll
2011-02-09 10:59:51 1236992 ----a-w- c:\windows\system32\msxml3.dll
2011-02-09 10:59:50 80384 ----a-w- c:\windows\system32\davclnt.dll
2011-02-09 10:59:50 73728 ----a-w- c:\windows\system32\wscsvc.dll
2011-02-09 10:59:50 51200 ----a-w- c:\windows\system32\wscapi.dll
2011-02-09 10:59:50 350720 ----a-w- c:\windows\system32\winhttp.dll
2011-02-09 10:59:50 204800 ----a-w- c:\windows\system32\WebClnt.dll
2011-02-09 10:59:50 14336 ----a-w- c:\windows\system32\slwga.dll
2011-02-09 10:52:18 -------- d-----w- c:\users\lelic\appdata\local\{B560FFF4-797D-4C25-8461-C88B6444B66F}
2011-02-09 08:32:20 -------- d-----w- c:\users\lelic\appdata\local\{ACE6E37D-B542-43D8-BB70-5FFB8490D805}
2011-02-08 21:31:13 -------- d-----w- c:\users\lelic\appdata\local\{9FBCB067-E4CD-4E09-9C3F-0573177A7A0D}
2011-02-08 21:26:56 -------- d-sh--w- C:\$RECYCLE.BIN
2011-02-08 21:24:46 -------- d-----w- c:\users\lelic\appdata\local\{6484C3E4-D454-4720-81C3-17F7FF1C8AC9}
2011-02-08 11:26:32 -------- d-----w- c:\windows\W7FBC
2011-02-07 22:27:29 -------- d-----w- c:\users\lelic\appdata\local\{8570ADB7-CF80-4724-B1C2-2F17938E5BF7}
2011-02-07 22:18:43 -------- d-----w- c:\users\lelic\appdata\local\{C59FCCA1-8F11-4AFB-AF00-43AD4ED8E546}
2011-02-07 22:16:42 -------- d-----w- c:\users\lelic\appdata\local\temp
2011-02-07 21:51:52 98816 ----a-w- c:\windows\sed.exe
2011-02-07 21:51:52 89088 ----a-w- c:\windows\MBR.exe
2011-02-07 21:51:52 256512 ----a-w- c:\windows\PEV.exe
2011-02-07 21:51:52 161792 ----a-w- c:\windows\SWREG.exe
2011-02-07 14:38:44 -------- d-----w- c:\users\lelic\appdata\local\{C077B9DF-16E7-49D2-941B-B2987FF10DC2}
2011-02-07 13:52:04 -------- d-----w- c:\users\lelic\Sisanje (2)
2011-02-07 13:48:31 -------- d-----w- c:\users\lelic\appdata\local\{317A4183-8F68-4ABF-A3B2-FE45403B4E7B}
2011-02-07 10:08:35 -------- d-----w- c:\users\lelic\New folder
2011-02-07 09:06:53 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-02-07 09:06:30 -------- d-----w- c:\users\lelic\appdata\local\{436EFF75-7F23-490A-8405-47DC7E5104B3}
2011-02-06 14:37:29 41912 ----a-w- c:\windows\system32\drivers\FSPFltd.sys
2011-02-06 14:37:29 -------- d-----w- c:\program files\My Lockbox
2011-02-06 11:39:35 -------- d-----w- c:\users\lelic\appdata\local\{2ECF135B-FE7E-4F2A-8303-D826992FEFF0}
2011-02-05 20:44:42 -------- d-----w- c:\users\lelic\appdata\local\{E9349233-3960-44C9-86D8-AFD6BB6A9A88}
2011-02-05 19:53:54 -------- d-----w- c:\users\lelic\appdata\local\{B60F1F44-14E6-4A5C-B34D-248AE4CDD4D7}
2011-02-05 17:44:48 -------- d-----w- c:\users\lelic\appdata\local\{F599234E-8557-42A5-B273-6CCD1F4E06A0}
2011-02-05 14:20:16 -------- d-----w- c:\users\lelic\appdata\local\{566D7D25-CB59-416F-B87E-CC81C12465D2}
2011-02-05 10:25:32 -------- d-----w- C:\$AVG
2011-02-05 10:08:15 -------- d--h--w- c:\progra~2\Common Files
2011-02-05 10:06:41 -------- d-----w- c:\progra~2\AVG10
2011-02-05 09:36:19 -------- d-----w- c:\progra~2\MFAData
2011-02-05 09:21:15 -------- d-----w- c:\users\lelic\appdata\local\{8C613668-C84A-4C54-8898-D79CFB5A19AD}
2011-02-04 18:08:55 -------- d-----w- c:\program files\PC Tools Security
2011-02-04 18:08:55 -------- d-----w- c:\program files\common files\PC Tools
2011-02-04 17:31:10 604432 ----a-w- c:\windows\system32\COMCTL32.OCX
2011-02-04 17:31:09 -------- d-----w- c:\program files\WebSite X5 v8 - Evolution
2011-02-04 17:30:42 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2011-02-04 17:30:42 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-02-04 17:30:41 207872 ----a-w- c:\windows\system32\iwpsetup.exe
2011-02-04 17:24:48 -------- d-----w- c:\progra~2\jFlJhAn08501
2011-02-04 10:10:33 -------- d-----w- c:\users\lelic\appdata\local\{1BD4063F-0603-4089-AC00-45A851328FD8}
2011-02-04 08:18:51 -------- d-----w- c:\users\lelic\appdata\local\{5C995F05-E648-427D-9E56-E85F48698FB7}
2011-02-03 09:04:47 -------- d-----w- C:\My Folder
2011-02-03 01:16:32 -------- d-----w- c:\users\lelic\appdata\local\{20F7ABCA-2B79-4C87-A56B-5B7AFDF22CE5}
2011-02-03 01:16:20 -------- d-----w- c:\users\lelic\appdata\roaming\Windows Live Writer
2011-02-03 01:16:20 -------- d-----w- c:\users\lelic\appdata\local\Windows Live Writer
2011-02-02 18:55:39 -------- d-----w- c:\users\lelic\appdata\local\{903A3E21-124D-422A-B02C-A2E5540AC892}
2011-02-02 09:34:29 -------- d-----w- c:\users\lelic\appdata\local\{D66A4F2B-C835-4C3C-87F6-DF05199971A1}
2011-02-01 08:25:50 -------- d-----w- c:\users\lelic\appdata\local\{FBA7577F-E27B-4692-BEC7-C8CEA1706D90}
2011-01-31 08:39:56 -------- d-----w- c:\users\lelic\appdata\local\{AA20A132-1B5A-4145-B466-2F4645C51170}
2011-01-31 08:39:56 -------- d-----w- c:\users\lelic\appdata\local\{73BA6324-1E08-4E2E-B713-D544D6BF45ED}
2011-01-30 16:11:17 -------- d-----w- c:\users\lelic\appdata\local\{B7AA6E90-5A14-46BF-AE60-B59DB3C23652}
2011-01-30 13:53:42 -------- d-----w- C:\wamp
2011-01-30 13:00:39 -------- d-----w- c:\program files\trend micro
2011-01-30 09:47:10 -------- d-----w- c:\users\lelic\appdata\local\{CFF29529-05D9-4EEF-AC56-9FC1BF341568}
2011-01-29 17:54:40 -------- d-----w- c:\program files\Counter-Strike Source
2011-01-29 10:06:45 -------- d-----w- c:\users\lelic\appdata\local\{0F143118-022F-4734-988A-0D18A64CFABB}
2011-01-29 09:46:30 -------- d-----w- c:\users\lelic\appdata\local\{E224A9D2-9A80-45F0-AB9A-CE346DA7BA55}
2011-01-28 20:26:03 -------- d-----w- c:\users\lelic\appdata\local\{DC32CDAC-8B9D-484F-8193-02D3FE416EAF}
2011-01-28 20:25:49 -------- d-----w- c:\users\lelic\Tracing
2011-01-28 19:21:20 -------- d-----w- c:\windows\PCHEALTH
2011-01-28 19:18:43 -------- d-----w- c:\users\lelic\appdata\local\Windows Live
2011-01-28 19:18:41 -------- d-----w- c:\program files\common files\Windows Live
2011-01-21 11:31:28 -------- d-----w- c:\program files\Game House
2011-01-21 11:30:04 -------- d-----w- c:\progra~2\PopCap Games
2011-01-19 19:54:16 -------- d-----w- c:\program files\KONAMI
2011-01-19 19:54:16 -------- d-----w- c:\progra~2\KONAMI
2011-01-17 15:05:51 -------- d-----w- c:\program files\Counter-Strike
2011-01-17 13:47:21 -------- d-----w- c:\program files\REDEMAX
2011-01-16 12:27:42 -------- d-----w- c:\program files\BitTorrent
2011-01-16 10:16:13 -------- d-----w- c:\program files\NJ Soft

==================== Find3M ====================

2011-01-05 05:37:33 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 03:37:38 2329088 ----a-w- c:\windows\system32\win32k.sys
2010-12-30 19:08:21 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-19 17:33:52 126464 --sha-r- c:\windows\system32\KBDFI19.dll
2010-12-18 05:29:40 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- c:\windows\system32\kerberos.dll
2010-12-18 04:20:55 386048 ----a-w- c:\windows\system32\html.iec
2010-12-18 03:47:59 1638912 ----a-w- c:\windows\system32\mshtml.tlb

============= FINISH: 22:03:33.48 ===============

https://www.mycity.rs/must-login.png

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

I dalje nisi konkretan ...


Pokusaj sto detaljnije da nam objasnis u cemu je problem.


Da li je problem i dalje ovakve prirode: http://www.mycity.rs/Ambulanta/Kako-da-upalim-Security-u-Windows-7.html#1121545




Da li si pokusao da instaliras AV? Vidim da ga i dalje nemas!
Da li si poslusao predloge iz moje prethodne poruke?





Arrow Idemo opet isto ...


Pritisni dugme i R ;

Ukucaj regedit -> pritisni Enter;

Sa leve strane, klikci na + prateci sledecu putanju:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\

Kada stignes do kljuca Zones, klikni desni klik -> Export.

Sacuvaj fajl na Desktop i upload-uj mi u sledecoj poruci opcijom Prikaci fajl.





Arrow

Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka:
http://www.besttechie.net/tools/mbam-setup.exe

Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;

a zatim klikni Finish.

Nakon završenog ažuriranja program će se pokrenuti.

Izaberi opciju Perform Quick Scan i klikni Scan.

Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected.

Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu.
Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti.

Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).






goran9888 (AMF Tim)

offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verzija baze: 5735

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2/10/2011 8:30:10 PM
mbam-log-2011-02-10 (20-30-09).txt

Naèin skeniranja: Brzo skeniranje
Skeniranih objekata 144947
Proteklo vreme 3 minuta(e), 3 sekundi

Inficirani procesi u memoriji: 1
Inficirani moduli u memoriji: 0
Inficirani kljuèevi u registru: 11
Inficirane vrednosti u registru: 1
Inficirani podaci u registru: 0
Inficirane fascikle: 0
Inficirane datoteke: 3

Inficirani procesi u memoriji:
c:\program files\blueberry software\bb flashback 2\flashback recorder.exe (Trojan.Zbot) -> 3948 -> Unloaded process successfully.

Inficirani moduli u memoriji:
(Maliciozne stavke nisu pronaðene)

Inficirani kljuèevi u registru:
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\CE8SIIFGSU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VXEG3ZNNE5 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Z30KYPG3WS (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Inficirane vrednosti u registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.

Inficirani podaci u registru:
(Maliciozne stavke nisu pronaðene)

Inficirane fascikle:
(Maliciozne stavke nisu pronaðene)

Inficirane datoteke:
c:\program files\blueberry software\bb flashback 2\flashback recorder.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
c:\Windows\System32\KBDFI19.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\lelic\downloads\facebook-pic000934519.exe (Trojan.IrcBrute) -> Quarantined and deleted successfully.

https://www.mycity.rs/must-login.png
_____________________________________________________________
evo napravio sam klip u cemu je problem
http://www.youtube.com/watch?v=Y8fdZeTeZOc

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Arrow


Pritisni dugme i R ;

Ukucaj services.msc -> pritisni Enter;

Nadji service pod imenom Security Center, dvoklikom je otvori;

Startup Type namesti na Automatic;
Services Status -> Start (PRIMER)

Restartuj racunar.


Da li je problem resen?




Arrow


Posto izgleda imas problema sa izmenjanim servisima, moj predlog ti je da posetis ovu temu: LINK, skines odgovarajuci .reg fajl (obavezno za tvoju verziju Windows-a) i pokrenes. Nakon toga restartujes racunar.






goran9888 (AMF Tim)

Ko je trenutno na forumu
 

Ukupno su 936 korisnika na forumu :: 40 registrovanih, 5 sakrivenih i 891 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., BlekMen, Brana01, bufanje, Dimitrije Paunovic, FOX, Frunze, Georgius, ivan979, Ivica1102, Karla, kovinacc, kybonacci, laurusri, Leonov, ljuba, ljubacv, Luka Blažević, M1los, milenko crazy north, milutin134, Mlav, nemkea71, nenad81, opt1, pein, Rakenica, raptorsi, sasa87, solic, sombrero, Srky Boy, Srle993, Steeeefan, vathra, Vlad000, Vlajman1957, YU-UKI, YugoSlav, zillbg