Komp se restartuje sam

Komp se restartuje sam

offline
  • Pridružio: 07 Sep 2008
  • Poruke: 49

Ovo se vec desilo jednom pre mesec, dva nisam sigurna, jutros se opet restartovao sam, ali nije hteo da pokrene windows. Tj. dodje ona poruka da za windows i onda se ponovo restartuje. Sinoc sam ga skenirala AVG-om pronasla nekih 4 virusa, obrisala (al to nije imalo veze sa ovim jutros). Ne znam da li je povezano, ali vec nekoliko dana me internet zeza, samo odjednom nece da prikaze stranice a sa konekcijom je sve u redu, onda restartujem komp i sve je normalno. Brzina konekcije mi je 3mb.

Juce sam morala da ga restartujem jer su odjednom sve ikonice nestale i nisu se vratile, odnosno vratile su se kada je krenuo da se gasi.


Jos nesto. Kada se restartovao jutros morala sam da restartujem i monitor, tj. da ga ugasim i upalim ponovo. To obicno ne moram da radim.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Administrator at 12:27:49.31 on Sun 08/30/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3327.2625 [GMT 2:00]

AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\EVGA Precision\EVGAPrecision.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\usbmngr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\traymanager.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~1\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Megaupload Toolbar: {a057a204-bacc-4d26-c39e-35f1d2a32ec8} - c:\progra~1\megaup~2\MEGAUP~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - c:\program files\megaupload\mega manager\MegaIEMn.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Megaupload Toolbar: {a057a204-bacc-4d26-c39e-35f1d2a32ec8} - c:\progra~1\megaup~2\MEGAUP~1.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Real Desktop] "c:\program files\real desktop\Real Desktop.exe"
uRun: [AdobeBridge]
uRun: [Microsoft Drive Guard] c:\documents and settings\administrator\DrvGuard.exe
uRun: [DLD.EXE] c:\program files\download direct\DLD.exe
mRun: [LClock] c:\program files\lclock\LClock.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [Launch LGDCore] "c:\program files\common files\logitech\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [Launch LCDMon] "c:\program files\common files\logitech\lcd manager\lcdmon.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [EVGAPrecision] "c:\program files\evga precision\EVGAPrecision.exe" /s
mRun: [Windows Data Serivce] usbmngr.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime alternative\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Service] Svchosts
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [traymanager] traymanager.exe
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\realde~1.lnk - c:\program files\real desktop\Real Desktop.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~1\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: MCPClient - c:\progra~1\common~1\stardock\mcpstub.dll
Notify: WBSrv - c:\program files\stardock\object desktop\windowblinds\wbsrv.dll
AppInit_DLLs: wbsys.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - c:\progra~1\common~1\stardock\MCPCore.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~1\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\pxdgk9ry.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-3-8 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-8 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-3-8 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-8 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-10 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\avg\avg8\avgfws8.exe [2009-4-30 1370488]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-3-8 29208]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2009-3-6 38400]
R3 RTCore32;RTCore32;c:\program files\evga precision\RTCore32.sys [2005-5-25 4608]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 288112]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-3-17 16512]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-3-8 29208]

=============== Created Last 30 ================

2009-08-26 12:07 118,829 ---shr-- c:\windows\traymanager.exe
2009-08-26 12:07 217,133 a------- c:\windows\msauo.exe
2009-08-25 21:40 <DIR> --d----- c:\program files\CamStudio
2009-08-25 21:34 <DIR> --d----- c:\program files\Kursevi
2009-08-25 21:23 <DIR> --d----- c:\docume~1\admini~1\applic~1\Any Video Converter
2009-08-25 21:23 <DIR> --d----- c:\program files\Any Video Converter
2009-08-17 18:59 5,632 a------- c:\windows\system32\ptpusb.dll
2009-08-17 18:59 159,232 a------- c:\windows\system32\ptpusd.dll
2009-08-17 00:06 <DIR> --d----- C:\Downloads
2009-08-16 23:32 <DIR> --d----- c:\program files\Xilisoft
2009-08-16 20:21 <DIR> --d----- c:\program files\Plato DVD Ripper Professional
2009-08-16 20:13 <DIR> --d----- C:\platodvdripper
2009-08-12 21:09 <DIR> --d----- c:\program files\NewBlue
2009-08-12 00:19 <DIR> --d----- c:\program files\The KMPlayer
2009-08-03 20:54 73,728 a------- c:\windows\system32\javacpl.cpl
2009-08-03 20:54 410,984 a------- c:\windows\system32\deploytk.dll
2009-08-03 19:59 500 a------- c:\windows\wcx_ftp.ini
2009-08-01 17:59 1,772,288 a------- c:\docume~1\admini~1\applic~1\Integrator.exe
2009-08-01 17:52 <DIR> --d----- c:\program files\Download Direct

==================== Find3M ====================

2009-08-13 03:31 45,056 a------- c:\windows\system32\WNASPI32.DLL
2009-08-13 03:31 16,512 a------- c:\windows\system32\drivers\ASPI32.SYS
2009-07-31 08:33 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-07-31 08:33 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-07-10 00:19 499,712 a------- c:\windows\system32\msvcp71.dll
2009-07-10 00:19 348,160 a------- c:\windows\system32\msvcr71.dll
2009-06-24 01:46 65,074 ---shr-- c:\windows\usbmngr.exe
2006-06-25 16:48 32,768 a----r-- c:\windows\inf\UpdateUSB.exe
2009-03-11 21:18 56 ---shr-- c:\windows\system32\56CD60389B.sys

============= FINISH: 12:28:10.03 ===============

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Pozdrav...


Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix.

U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
prikazati DISCLAIMER OF WARRANTY ON SOFTWARE:
klikni Yes kako bi proces bio nastavljen.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

offline
  • Pridružio: 07 Sep 2008
  • Poruke: 49

Pozz, hvala ti sto si odgovorio. Smile Evo ga izvestaj.


ComboFix 09-08-29.01 - Administrator 08/30/2009 16:14.3.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3327.2087 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Local Settings\Temporary Internet Files\TestBrowser.html
c:\documents and settings\All Users\Application Data\Seekapp
c:\documents and settings\All Users\Application Data\Seekapp\seekapp132.exe
c:\recycler\k-1-3542-4232123213-7676767-8888886
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll


.
((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-26 10:07 . 2009-08-26 10:07 118829 --sh--r- c:\windows\traymanager.exe
2009-08-26 10:07 . 2009-08-26 10:08 217133 ----a-w- c:\windows\msauo.exe
2009-08-25 19:40 . 2009-08-25 19:45 -------- d-----w- c:\program files\CamStudio
2009-08-25 19:34 . 2009-08-25 19:34 -------- d-----w- c:\program files\Kursevi
2009-08-25 19:23 . 2009-08-26 13:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Any Video Converter
2009-08-25 19:23 . 2009-08-25 19:23 -------- d-----w- c:\program files\Any Video Converter
2009-08-23 00:11 . 2009-08-23 00:11 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Temp
2009-08-19 20:58 . 2009-08-19 21:00 -------- d-----w- c:\documents and settings\Administrator\Application Data\Move Networks
2009-08-19 20:57 . 2009-03-09 09:34 971776 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pxdgk9ry.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071303000006.dll
2009-08-17 16:59 . 2001-08-17 20:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-08-17 16:59 . 2008-04-14 03:42 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-08-16 22:06 . 2009-08-16 22:06 -------- d-----w- C:\Downloads
2009-08-16 21:32 . 2009-08-16 21:32 -------- d-----w- c:\program files\Xilisoft
2009-08-16 18:21 . 2009-08-16 18:22 -------- d-----w- c:\program files\Plato DVD Ripper Professional
2009-08-16 18:13 . 2009-08-16 18:39 -------- d-----w- C:\platodvdripper
2009-08-12 19:09 . 2009-08-12 20:05 -------- d-----w- c:\program files\NewBlue
2009-08-11 22:19 . 2009-08-11 22:20 -------- d-----w- c:\program files\The KMPlayer
2009-08-11 14:26 . 2009-08-11 14:26 -------- d-----w- c:\documents and settings\Administrator\Application Data\Publish Providers
2009-08-07 22:09 . 2009-08-26 13:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\dvdcss
2009-08-03 18:54 . 2009-08-03 18:54 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-08-03 18:53 . 2009-08-03 18:53 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-08-03 18:10 . 2009-08-03 18:10 -------- d-----w- c:\windows\Sun
2009-08-03 13:42 . 2009-08-03 13:42 38208 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-08-03 13:39 . 2009-08-03 13:39 -------- d-----w- c:\program files\Adobe Media Player
2009-08-02 19:52 . 2009-08-02 19:52 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-01 15:59 . 2009-08-01 16:13 1772288 ----a-w- c:\documents and settings\Administrator\Application Data\Integrator.exe
2009-08-01 15:52 . 2009-08-01 15:54 -------- d-----w- c:\program files\Download Direct

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 12:47 . 2009-03-06 23:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2009-08-26 13:21 . 2009-07-23 10:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2009-08-13 01:31 . 2009-03-17 20:26 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-08-13 01:31 . 2009-03-17 20:26 16512 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-08-12 00:02 . 2009-03-06 21:13 -------- d-----w- c:\program files\Sony
2009-08-11 23:19 . 2009-03-06 21:10 -------- d-----w- c:\program files\Sony Setup
2009-08-11 22:06 . 2009-03-07 14:32 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-04 14:36 . 2009-03-06 21:08 -------- d-----w- c:\program files\FormatFactory
2009-08-03 18:53 . 2009-03-06 04:30 -------- d-----w- c:\program files\Java
2009-08-03 13:42 . 2009-07-09 02:10 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-08-03 13:42 . 2009-03-12 23:17 38208 ----a-w- c:\documents and settings\Administrator\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-08-03 11:16 . 2009-03-06 20:24 -------- d-----w- c:\program files\Winamp
2009-08-02 20:33 . 2009-03-06 04:48 96584 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-02 16:41 . 2009-04-01 08:28 -------- d-----w- c:\documents and settings\Administrator\Application Data\gtk-2.0
2009-07-31 06:33 . 2009-03-08 19:07 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-31 06:33 . 2009-03-08 19:07 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-31 06:33 . 2009-03-08 19:07 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-07-31 04:41 . 2009-07-31 04:41 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-07-23 10:32 . 2009-07-23 10:32 -------- d-----w- c:\program files\VideoLAN
2009-07-21 02:39 . 2009-03-07 14:22 1078560 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-19 22:00 . 2009-07-19 22:00 -------- d-----w- c:\program files\TechSmith
2009-07-17 14:33 . 2009-07-17 14:32 -------- d-----w- c:\program files\DVD Decrypter
2009-07-16 21:43 . 2009-03-12 14:42 -------- d-----w- c:\program files\iTunes
2009-07-16 21:43 . 2009-07-16 21:43 -------- d-----w- c:\program files\iPod
2009-07-16 21:42 . 2009-03-12 14:40 -------- d-----w- c:\program files\Common Files\Apple
2009-07-16 21:41 . 2009-03-06 04:31 -------- d-----w- c:\program files\QuickTime Alternative
2009-07-16 21:37 . 2009-07-16 21:37 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-09 22:19 . 2009-07-09 22:18 -------- d-----w- c:\program files\Common Files\Real
2009-07-09 22:19 . 2009-07-09 22:19 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-09 22:19 . 2009-07-09 22:19 -------- d-----w- c:\program files\Real
2009-07-09 22:19 . 2009-03-06 04:31 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-09 22:19 . 2003-03-19 02:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-08 13:11 . 2009-07-08 13:11 -------- d-----w- c:\program files\MP3 Player Utilities 3.75
2009-06-23 23:46 . 2009-06-23 23:46 65074 --sh--r- c:\windows\usbmngr.exe
2009-03-11 19:18 . 2009-03-11 19:18 56 --sh--r- c:\windows\system32\56CD60389B.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-13 2007832]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-03-11 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"EVGAPrecision"="c:\program files\EVGA Precision\EVGAPrecision.exe" [2008-12-22 240656]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-09 198160]
"QuickTime Task"="c:\program files\QuickTime Alternative\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-03 148888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-17 17676288]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]
"Windows Data Serivce"="usbmngr.exe" - c:\windows\usbmngr.exe [2009-06-23 65074]
"traymanager"="traymanager.exe" - c:\windows\traymanager.exe [2009-08-26 118829]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 13:13 49152 ----a-w- c:\progra~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2009-05-09 11:48 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-31 06:33 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [3/8/2009 9:07 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3/8/2009 9:07 PM 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3/8/2009 9:07 PM 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [3/10/2009 12:19 AM 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [4/30/2009 8:53 AM 1370488]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [3/8/2009 9:03 PM 29208]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [3/6/2009 6:54 AM 38400]
R3 RTCore32;RTCore32;c:\program files\EVGA Precision\RTCore32.sys [5/25/2005 9:39 PM 4608]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 6:46 AM 288112]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [3/17/2009 10:26 PM 16512]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [3/8/2009 9:03 PM 29208]

--- Other Services/Drivers In Memory ---

*Deregistered* - aujasnkj

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-08-30 c:\windows\Tasks\User_Feed_Synchronization-{6EDAEBEF-8F93-49CE-965C-6D6180D1119F}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Real Desktop - c:\program files\Real Desktop\Real Desktop.exe
HKCU-Run-Microsoft Drive Guard - c:\documents and settings\Administrator\DrvGuard.exe
HKCU-Run-DLD.EXE - c:\program files\Download Direct\DLD.exe
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-LClock - c:\program files\LClock\LClock.exe
HKLM-Run-Launch LGDCore - c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe
HKLM-Run-Launch LCDMon - c:\program files\Common Files\Logitech\LCD Manager\lcdmon.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pxdgk9ry.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-08-30 16:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,39,ba,6d,0f,43,3d,49,a5,60,a4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,39,ba,6d,0f,43,3d,49,a5,60,a4,\

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*4]
@Class="Shell"

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*4\OpenWithList]
@Class="Shell"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:5f,0a,e3,33,96,f2,e4,27,18,a7,5c,3e,0f,e7,47,ac,ec,0b,46,98,74,
7f,5a,ed,eb,98,2d,66,2f,09,c0,16,ce,3e,50,26,eb,79,dc,e8,41,80,ef,c3,94,00,\

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:5f,0a,e3,33,96,f2,e4,27,18,a7,5c,3e,0f,e7,47,ac,ec,0b,46,98,74,
7f,5a,ed,eb,98,2d,66,2f,09,c0,16,ce,3e,50,26,eb,79,dc,e8,41,80,ef,c3,94,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1032)
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
.
Completion time: 2009-08-30 16:23
ComboFix-quarantined-files.txt 2009-08-30 14:23
ComboFix2.txt 2009-03-09 22:02

Pre-Run: 70,667,714,560 bytes free
Post-Run: 73,327,968,256 bytes free

248

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Otvoriti Notepad i iskopirati sledeci tekst:


FileLook::
c:\documents and settings\Administrator\Application Data\Integrator.exe

File::
c:\windows\traymanager.exe
c:\windows\msauo.exe
c:\windows\usbmngr.exe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Data Serivce"=-
"traymanager"=-



Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

offline
  • Pridružio: 07 Sep 2008
  • Poruke: 49

Evo ga. Smile

ComboFix 09-08-29.01 - Administrator 08/30/2009 18:22.4.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3327.2484 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}

FILE ::
"c:\windows\msauo.exe"
"c:\windows\traymanager.exe"
"c:\windows\usbmngr.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\msauo.exe
c:\windows\traymanager.exe
c:\windows\usbmngr.exe


.
((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-25 19:40 . 2009-08-25 19:45 -------- d-----w- c:\program files\CamStudio
2009-08-25 19:34 . 2009-08-25 19:34 -------- d-----w- c:\program files\Kursevi
2009-08-25 19:23 . 2009-08-26 13:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Any Video Converter
2009-08-25 19:23 . 2009-08-25 19:23 -------- d-----w- c:\program files\Any Video Converter
2009-08-23 00:11 . 2009-08-23 00:11 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Temp
2009-08-19 20:58 . 2009-08-19 21:00 -------- d-----w- c:\documents and settings\Administrator\Application Data\Move Networks
2009-08-19 20:57 . 2009-03-09 09:34 971776 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pxdgk9ry.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071303000006.dll
2009-08-17 16:59 . 2001-08-17 20:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-08-17 16:59 . 2008-04-14 03:42 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-08-16 22:06 . 2009-08-16 22:06 -------- d-----w- C:\Downloads
2009-08-16 21:32 . 2009-08-16 21:32 -------- d-----w- c:\program files\Xilisoft
2009-08-16 18:21 . 2009-08-16 18:22 -------- d-----w- c:\program files\Plato DVD Ripper Professional
2009-08-16 18:13 . 2009-08-16 18:39 -------- d-----w- C:\platodvdripper
2009-08-12 19:09 . 2009-08-12 20:05 -------- d-----w- c:\program files\NewBlue
2009-08-11 22:19 . 2009-08-11 22:20 -------- d-----w- c:\program files\The KMPlayer
2009-08-11 14:26 . 2009-08-11 14:26 -------- d-----w- c:\documents and settings\Administrator\Application Data\Publish Providers
2009-08-07 22:09 . 2009-08-26 13:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\dvdcss
2009-08-03 18:54 . 2009-08-03 18:54 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-08-03 18:53 . 2009-08-03 18:53 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-08-03 18:10 . 2009-08-03 18:10 -------- d-----w- c:\windows\Sun
2009-08-03 13:42 . 2009-08-03 13:42 38208 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-08-03 13:39 . 2009-08-03 13:39 -------- d-----w- c:\program files\Adobe Media Player
2009-08-02 19:52 . 2009-08-02 19:52 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-01 15:59 . 2009-08-01 16:13 1772288 ----a-w- c:\documents and settings\Administrator\Application Data\Integrator.exe
2009-08-01 15:52 . 2009-08-01 15:54 -------- d-----w- c:\program files\Download Direct

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 12:47 . 2009-03-06 23:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2009-08-26 13:21 . 2009-07-23 10:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2009-08-13 01:31 . 2009-03-17 20:26 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-08-13 01:31 . 2009-03-17 20:26 16512 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-08-12 00:02 . 2009-03-06 21:13 -------- d-----w- c:\program files\Sony
2009-08-11 23:19 . 2009-03-06 21:10 -------- d-----w- c:\program files\Sony Setup
2009-08-11 22:06 . 2009-03-07 14:32 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-04 14:36 . 2009-03-06 21:08 -------- d-----w- c:\program files\FormatFactory
2009-08-03 18:53 . 2009-03-06 04:30 -------- d-----w- c:\program files\Java
2009-08-03 13:42 . 2009-07-09 02:10 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-08-03 13:42 . 2009-03-12 23:17 38208 ----a-w- c:\documents and settings\Administrator\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-08-03 11:16 . 2009-03-06 20:24 -------- d-----w- c:\program files\Winamp
2009-08-02 20:33 . 2009-03-06 04:48 96584 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-02 16:41 . 2009-04-01 08:28 -------- d-----w- c:\documents and settings\Administrator\Application Data\gtk-2.0
2009-07-31 06:33 . 2009-03-08 19:07 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-31 06:33 . 2009-03-08 19:07 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-31 06:33 . 2009-03-08 19:07 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-07-31 04:41 . 2009-07-31 04:41 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-07-23 10:32 . 2009-07-23 10:32 -------- d-----w- c:\program files\VideoLAN
2009-07-21 02:39 . 2009-03-07 14:22 1078560 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-19 22:00 . 2009-07-19 22:00 -------- d-----w- c:\program files\TechSmith
2009-07-17 14:33 . 2009-07-17 14:32 -------- d-----w- c:\program files\DVD Decrypter
2009-07-16 21:43 . 2009-03-12 14:42 -------- d-----w- c:\program files\iTunes
2009-07-16 21:43 . 2009-07-16 21:43 -------- d-----w- c:\program files\iPod
2009-07-16 21:42 . 2009-03-12 14:40 -------- d-----w- c:\program files\Common Files\Apple
2009-07-16 21:41 . 2009-03-06 04:31 -------- d-----w- c:\program files\QuickTime Alternative
2009-07-16 21:37 . 2009-07-16 21:37 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-09 22:19 . 2009-07-09 22:18 -------- d-----w- c:\program files\Common Files\Real
2009-07-09 22:19 . 2009-07-09 22:19 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-09 22:19 . 2009-07-09 22:19 -------- d-----w- c:\program files\Real
2009-07-09 22:19 . 2009-03-06 04:31 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-09 22:19 . 2003-03-19 02:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-08 13:11 . 2009-07-08 13:11 -------- d-----w- c:\program files\MP3 Player Utilities 3.75
2009-03-11 19:18 . 2009-03-11 19:18 56 --sh--r- c:\windows\system32\56CD60389B.sys
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

--- c:\documents and settings\Administrator\Application Data\Integrator.exe ---
Company: TuneUp Software GmbH
File Description: TuneUp Utilities Start Center
File Version: 8.0.2000.35
Product Name: TuneUp Utilities
Copyright: Copyright © 2003-2008 TuneUp Software GmbH
Original Filename:
File size: 1772288
Created time: 2009-08-01 15:59
Modified time: 2009-08-01 16:13
MD5: C39411A181512B3A5900CE6BD975C677
SHA1: 59D928FDBAF7415ACB755C1842B94D6D57F463AD


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-13 2007832]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-03-11 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"EVGAPrecision"="c:\program files\EVGA Precision\EVGAPrecision.exe" [2008-12-22 240656]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-09 198160]
"QuickTime Task"="c:\program files\QuickTime Alternative\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-03 148888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-17 17676288]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 13:13 49152 ----a-w- c:\progra~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2009-05-09 11:48 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-31 06:33 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [3/8/2009 9:07 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3/8/2009 9:07 PM 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3/8/2009 9:07 PM 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [3/10/2009 12:19 AM 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [4/30/2009 8:53 AM 1370488]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [3/8/2009 9:03 PM 29208]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [3/6/2009 6:54 AM 38400]
R3 RTCore32;RTCore32;c:\program files\EVGA Precision\RTCore32.sys [5/25/2005 9:39 PM 4608]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 6:46 AM 288112]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [3/17/2009 10:26 PM 16512]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [3/8/2009 9:03 PM 29208]

--- Other Services/Drivers In Memory ---

*Deregistered* - aujasnkj

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-08-30 c:\windows\Tasks\User_Feed_Synchronization-{6EDAEBEF-8F93-49CE-965C-6D6180D1119F}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pxdgk9ry.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-08-30 18:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,39,ba,6d,0f,43,3d,49,a5,60,a4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,39,ba,6d,0f,43,3d,49,a5,60,a4,\

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*4]
@Class="Shell"

[HKEY_USERS\S-1-5-21-606747145-920026266-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*4\OpenWithList]
@Class="Shell"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:5f,0a,e3,33,96,f2,e4,27,18,a7,5c,3e,0f,e7,47,ac,ec,0b,46,98,74,
7f,5a,ed,eb,98,2d,66,2f,09,c0,16,ce,3e,50,26,eb,79,dc,e8,41,80,ef,c3,94,00,\

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:5f,0a,e3,33,96,f2,e4,27,18,a7,5c,3e,0f,e7,47,ac,ec,0b,46,98,74,
7f,5a,ed,eb,98,2d,66,2f,09,c0,16,ce,3e,50,26,eb,79,dc,e8,41,80,ef,c3,94,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1032)
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
.
Completion time: 2009-08-30 18:25
ComboFix-quarantined-files.txt 2009-08-30 16:25
ComboFix2.txt 2009-08-30 14:23
ComboFix3.txt 2009-03-09 22:02

Pre-Run: 73,345,568,768 bytes free
Post-Run: 73,329,430,528 bytes free

252

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Kakvo je sada stanje?

offline
  • Pridružio: 07 Sep 2008
  • Poruke: 49

Odlicno. Smile Prestale su da nestaju ikonice i da se pojavljuju. Very Happy I nije se desilo da se opet restartovao, tako da... trebalo bi da je ok?

Hvala ti punoooo! Smile Smile

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Još samo isprati sledeće uputstvo...


Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

combofix /u

Primeti da postoji razmak između "ComboFix" i "/u".



a zatim klikni OK (ili pritisni Enter).


Sačekaj da se proces deinstalacije završi.

offline
  • Pridružio: 07 Sep 2008
  • Poruke: 49

Zavrseno!

Hvala jos jednom! Smile

Ko je trenutno na forumu
 

Ukupno su 825 korisnika na forumu :: 46 registrovanih, 9 sakrivenih i 770 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Sale, bladesu, Bobrock1, bojank, darionis, ddjxxi, Dejan84, Deneb, DonRumataEstorski, Dorcolac, Ehinacea, Frunze, ikan, IvanKotan, kokan0905, ladro, laurusri, Magistar78, mantrox, mercedesamg, micoboj, milekNS, miodrag, misa2, Miskohd, nenad81, nuki1234, oldtimer, Outis, Panter, pceklic, pericanet, platana, promajauglavi, purke62, Sale.S, Steeeefan, stegonosa, Stoilkovic, Van, vathra, Voja1978, wulfy, x9, zlaya011, zziko