New folder?

offline
  • Joined: 04 Nov 2007
  • Posts: 8
  • Location: Beograd, Srbija

Whenever I turn on the computer, a new folder appears on the desktop. I delete it, but after a while it shows up again.

Has anyone had a similar problem?

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

No :)

Ambulanta is a forum for solving malware problems (in everyday terms: viruses).
We need some logs here so that we have something to start the analysis from, and all of that is spelled out nicely here:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 04 Nov 2007
  • Posts: 8
  • Location: Beograd, Srbija

bobby :: No :)

Ambulanta is a forum for solving malware problems (in everyday terms: viruses).
We need some logs here so that we have something to start the analysis from, and all of that is spelled out nicely here:
mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html


So do you want me to do this with HijackThis, or do you not deal with these problems?

Thanks

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

So do you want us to check whether some virus is doing that? :)

Go ahead and post a HijackThis log.
My comment above referred to the fact that you didn't open the thread properly, even though in Ambulanta those threads are pinned as Important and marked in red letters as well.
Without that procedure we can't help you.

offline
  • Joined: 04 Nov 2007
  • Posts: 8
  • Location: Beograd, Srbija

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:28:39 AM, on 17-Aug-08
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Vukasin\Desktop\New Folder\TR3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - esupport.sony.com/VaioInfo.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll c:\progra~1\bandoo\bndhook.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9509 bytes



I apologize, next time I will definitely read it.

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

I don't find anything malicious in this log.

Can you give a bit more information about that folder that keeps appearing? For instance the folder name, what is in it (list of files), etc.

You'll make me one more log:

Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt), which you will copy here.
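The verdict above came from reading the HijackThis log by eye. As an added example (not code from this thread, from HijackThis or from ComboFix), here is the kind of first-pass triage a defender runs over such a log before reading it line by line: it flags binaries that run or autostart from user-writable directories, a populated AppInit_DLLs value (O20) and services with no vendor name (O23). The sample lines are copied from the log posted earlier; the allow-list of "user-writable" path fragments and the flagging rules are this example's own assumptions, not HijackThis conventions. A flag means "look at this", not "this is malware": the TR3.exe entry it raises is exactly the sort of thing a reviewer then checks by hand, and the thread's helper found nothing malicious.

```python
import re

# Constructed sample: a handful of lines copied from the HijackThis log posted
# earlier in this thread (running processes and O4/O20/O23 entries).
SAMPLE_HJT = r"""
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Vukasin\Desktop\New Folder\TR3.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll c:\progra~1\bandoo\bndhook.dll
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
"""

# A Windows path ending in a loadable/executable extension.
PATH_RE = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll|sys|scr)\b", re.IGNORECASE)

# Directory fragments an ordinary user can write to (assumed list for this
# example); legitimate software rarely autostarts from here, so anything
# that does gets a second look.
USER_WRITABLE = ("\\users\\", "\\documents and settings\\", "\\appdata\\", "\\temp\\")


def triage_hjt_line(line: str) -> list[str]:
    """Return the reasons a single HijackThis line deserves review (empty list = nothing flagged)."""
    reasons = []
    if line.startswith("O20 - AppInit_DLLs:") and line.split(":", 1)[1].strip():
        reasons.append("AppInit_DLLs is populated: the listed DLL is loaded into every process that loads user32.dll")
    if line.startswith("O23 - Service:") and "Unknown owner" in line:
        reasons.append("service binary carries no company name")
    for path in PATH_RE.findall(line):
        if any(fragment in path.lower() for fragment in USER_WRITABLE):
            reasons.append(f"runs from a user-writable location: {path}")
    return reasons


def triage_hjt_log(text: str) -> dict[str, list[str]]:
    """Map each flagged log line to its reasons; unflagged lines are omitted."""
    flagged = {}
    for raw in text.splitlines():
        line = raw.strip()
        reasons = triage_hjt_line(line)
        if reasons:
            flagged[line] = reasons
    return flagged


if __name__ == "__main__":
    for line, reasons in triage_hjt_log(SAMPLE_HJT).items():
        print(line)
        for reason in reasons:
            print("    ->", reason)
```

Run on the sample, the script raises three lines: the process under Desktop\New Folder, the O20 entry, and the O23 service without an owner. Everything under Program Files and Windows passes silently, which is the point of a triage pass: it shrinks a 100-line log to the handful of lines worth a human's time.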

offline
  • Joined: 04 Nov 2007
  • Posts: 8
  • Location: Beograd, Srbija

ComboFix 08-08-16.01 - Vukasin 2008-08-17 13:13:32.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1106 [GMT 2:00]
Running from: C:\Users\Vukasin\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Vukasin\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\841626BE25BD54BE6738D6A26E9F1660E871333E
C:\Users\Vukasin\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\DA495A80E3A8B1EE8B108877E5072CDC1ADD95E7
C:\Windows\system32\x64

.
((((((((((((((((((((((((( Files Created from 2008-07-17 to 2008-08-17 )))))))))))))))))))))))))))))))
.

2008-08-16 21:12 . 2008-08-16 21:12 <DIR> d-------- C:\Windows\SQL9_KB948109_ENU
2008-08-15 22:24 . 2008-08-15 22:24 512,096 --a------ C:\Windows\System32\drivers\amon.sys
2008-08-15 22:24 . 2008-08-15 22:24 298,104 --a------ C:\Windows\System32\imon.dll
2008-08-15 22:24 . 2008-08-15 22:24 15,424 --a------ C:\Windows\System32\drivers\nod32drv.sys
2008-08-15 22:02 . 2008-07-16 01:48 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-15 21:46 . 2008-06-26 02:33 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-08-15 21:46 . 2008-06-26 05:22 4,874,240 --a------ C:\Windows\System32\NlsData0009.dll
2008-08-15 21:46 . 2008-06-26 02:33 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-08-15 21:32 . 2008-04-10 07:01 737,792 --a------ C:\Windows\System32\inetcomm.dll
2008-08-15 21:32 . 2008-06-19 05:25 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-08-15 21:32 . 2008-06-19 05:25 272,896 --a------ C:\Windows\System32\polstore.dll
2008-08-15 21:32 . 2008-04-10 04:43 84,480 --a------ C:\Windows\System32\INETRES.dll
2008-08-15 21:32 . 2008-06-19 05:25 61,440 --a------ C:\Windows\System32\winipsec.dll
2008-08-15 21:32 . 2008-06-19 05:25 28,672 --a------ C:\Windows\System32\FwRemoteSvr.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-17 11:13 --------- d-----w C:\Program Files\ESET
2008-08-17 01:45 --------- d-----w C:\Users\Vukasin\AppData\Roaming\BSplayer
2008-08-16 19:13 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-08-15 20:28 100,821 ----a-w C:\Users\Vukasin\AppData\Roaming\nvModes.dat
2008-08-15 20:08 174 --sha-w C:\Program Files\desktop.ini
2008-08-15 20:05 --------- d-----w C:\Program Files\Windows Mail
2008-08-15 20:03 --------- d-----w C:\ProgramData\Microsoft Help
2008-07-05 17:32 --------- d-----w C:\Program Files\aSkola
2008-07-01 09:32 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-06-29 14:58 --------- d--h--r C:\Users\Vukasin\AppData\Roaming\SecuROM
2008-06-29 14:21 --------- d-----w C:\Program Files\GameSpy
2008-06-29 14:17 669,184 ----a-w C:\Windows\System32\pbsvc.exe
2008-06-29 14:17 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
2008-06-29 14:17 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-06-29 14:17 22,328 ----a-w C:\Users\Vukasin\AppData\Roaming\PnkBstrK.sys
2008-06-29 14:17 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-06-29 14:15 --------- d-----w C:\ProgramData\Media Center Programs
2008-06-29 13:43 --------- d-----w C:\Program Files\Electronic Arts
2008-06-29 13:17 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-06-27 03:54 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-06-27 03:54 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-06-12 06:54 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-12 06:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-06-12 01:21 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2007-11-25 00:38 1,132,112 ----a-w C:\Users\All Users\pswi_preloaded.exe
2007-11-25 00:38 1,132,112 ----a-w C:\ProgramData\pswi_preloaded.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-11-17 13:53 171464]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-09 02:05 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2006-11-13 14:32 118784]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 04:43 411768]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45 222208]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-11-07 03:35 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-11-07 03:35 8534560]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-11-07 03:35 81920]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-08-15 22:24 949376]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-03 07:38:14 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-14 00:19 98304 C:\Windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\bandoo\bndhook.dll c:\progra~1\bandoo\bndhook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i263_32.drv
"VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll
"vidc.3ivx"= 3ivxVfWCodec.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Vukasin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BORGChat.lnk]
path=C:\Users\Vukasin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BORGChat.lnk
backup=C:\Windows\pss\BORGChat.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Vukasin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Users\Vukasin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2007-05-10 23:46 624248 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-08-03 13:51 202024 C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 08:00 33648 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
--a------ 2007-04-17 04:06 321656 C:\Program Files\Sony\ISB Utility\ISBMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 16:57 153136 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickBooks Simple Start]
--a------ 2007-01-31 07:59 371712 C:\Program Files\Intuit\SimpleStartEntice\entice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-11-15 00:43 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Center Access Bar]
--a------ 2007-03-07 00:22 36864 c:\Program Files\Sony\VAIO Center Access Bar\VCAB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSecurity]
--a------ 2007-03-14 02:13 2322432 C:\Program Files\Sony\VAIO Security Center\VSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSurvey]
--a------ 2006-12-07 03:08 577536 C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-05-02 00:40 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6605867D-2BE3-4E10-B248-DCECF4D91BE5}"= UDP:C:\Program Files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{F8E3CC7C-E358-46A2-A6B3-B240AED20441}"= TCP:C:\Program Files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{6AB08AF8-341D-4423-A421-5150896C0AEA}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{2E759B47-D06A-4361-ACBB-50BBD8AA692C}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{FDB707F0-1D6F-4E51-B387-0C2DFD12F309}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{608B0DA3-50A0-4D86-8521-98F9126B3774}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{538BB262-ECCB-49EC-B11F-AD02CC7A7006}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{263B62F4-783B-4712-980D-A66E44F0DFCF}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{AC1A23B6-7835-4A03-BE37-5343AEBD1E7D}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{A252C589-600E-49AD-A2A1-CF1504F81AF6}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6A183924-CC74-4047-A88F-6074FE174F2F}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2BB29684-E528-4CB1-9D13-432E966BAEEB}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8EA41B70-F58B-4DBE-9D89-765524E74AAE}"= UDP:3703:Adobe Version Cue CS3 Server
"{CD7EC3C9-F2FA-4DAF-8C55-342498333013}"= UDP:3704:Adobe Version Cue CS3 Server
"{5E3DA12D-21DB-4317-B5C4-C8080071630A}"= UDP:50900:Adobe Version Cue CS3 Server
"{2B03C52E-6D49-4B9A-B23C-69B0AD46563A}"= UDP:50901:Adobe Version Cue CS3 Server
"{D179298B-0CE3-4BFD-9A53-E43BD7DC1DEE}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{82D9A969-DCE6-43EB-8DD9-EB0AE01E5364}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{CA161F92-A51F-4F4E-A4B3-4B808FDBDF22}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{03988B9A-084E-4B2A-B81E-51DAC4C10501}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{94CCE6D6-7646-4E9B-8FB4-8F8B85A30E3F}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{EC01F9C8-31FF-442E-9329-6BB2E755AF2B}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{097C47F7-3256-43CF-BC35-A8A1BA2D4674}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{08F6408B-E03C-40D6-B4CE-612F9DA68069}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"TCP Query User{50D25EE7-06DB-4C2C-AF14-83D59BB93AE8}C:\\program files\\borgchat\\borgchat.exe"= UDP:C:\program files\borgchat\borgchat.exe:BORGChat
"UDP Query User{8AD0713E-EE70-434C-B564-9BCA3DEC08B6}C:\\program files\\borgchat\\borgchat.exe"= TCP:C:\program files\borgchat\borgchat.exe:BORGChat
"TCP Query User{5D195D22-254C-4EF4-9E61-B834996B4D85}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{CC563C12-0DDB-414A-9294-9EF17C4E99F3}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"{5E57A26A-9E98-4806-9541-634E1992ADB6}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{9F2E2353-CFE0-4208-940E-1BD1570E1297}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{27E9B702-D354-4CEB-AA16-0013F8A41A0A}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{4704539B-22CF-4911-B513-1582B17AD6B6}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{D331DB45-0CB3-432B-B06D-1B293BCC6B2C}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{65AEAACC-4C98-405E-85A5-1CC9FC92E57F}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{342E14A6-8CE6-4ADA-ACCF-ADFB44E87345}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{2EEAB6BE-EBBA-4DD6-8AAA-F3A1F3110B07}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{02DB173F-61F8-446A-91F2-1AFA3D4E9901}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{0BD912AD-34CB-47A2-AA0A-24D0A1B27F51}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 hotcore3;hotcore3;C:\Windows\system32\drivers\hotcore3.sys [2007-09-20 16:18]
R2 Bandoo Coordinator;Bandoo Coordinator;C:\PROGRA~1\Bandoo\Bandoo.exe [2008-05-06 12:39]
R2 hl_mull;hl_mull;C:\Windows\system32\drivers\hl_mull.SYS [2008-05-21 16:40]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 22:08]
R2 regi;regi;C:\Windows\system32\drivers\regi.sys [2007-04-18 06:09]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2007-03-15 21:17]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2007-03-15 21:17]
R3 SonyImgF;Sony Image Conversion Filter Driver;C:\Windows\system32\DRIVERS\SonyImgF.sys [2007-04-05 15:06]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-02-08 14:27]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-02-08 14:26]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe [2007-01-26 21:41]
S3 IcVzMonLauncher;IcVzMonLauncher;C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe [2007-01-26 21:41]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 10:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 10:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 10:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-11 02:51]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-01-09 03:06]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-17 00:05]
S4 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 3\IcVzMon.exe [2007-01-26 21:41]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1217b850-1773-11dd-ac6a-001bfb19d7ca}]
\shell\AutoOpen\command - I:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b0d40a1-4837-11dd-9b6c-0013a9c40f5f}]
\shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{efbf24c0-39eb-11dd-9fff-0013a9c40f5f}]
\shell\AutoRun\command - Netlog.exe
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Adobe_ID0EYTHM - C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSConfigStartUp-AdVantage - C:\Program Files\AdVantage\AdVantage.exe
MSConfigStartUp-Corel Photo Downloader - C:\Program Files\Corel\Corel Snapfire\Corel PhotoDownloader.exe
MSConfigStartUp-googletalk - C:\Users\Vukasin\AppData\Roaming\Google\Google Talk\googletalk.exe
MSConfigStartUp-iTunesHelper - C:\Program Files\iTunes\iTunesHelper.exe
MSConfigStartUp-NapsterShell - C:\Program Files\Napster\napster.exe
MSConfigStartUp-WinampAgent - C:\Program Files\Winamp\winampa.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Vukasin\AppData\Roaming\Mozilla\Firefox\Profiles\egkqkvdb.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF -: plugin - C:\Users\Vukasin\AppData\Roaming\Mozilla\Firefox\Profiles\egkqkvdb.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07076007.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-08-17 13:22:29
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\ESET\nod32krn.exe
C:\Windows\System32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\System32\stacsv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Windows\System32\drivers\XAudio.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\System32\conime.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\ApntEx.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
.
**************************************************************************
.
Completion time: 2008-08-17 13:31:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-17 11:31:02

Pre-Run: 11,051,122,688 bytes free
Post-Run: 11,064,090,624 bytes free

276 --- E O F --- 2008-08-16 19:38:35



Every time the computer starts, a new empty folder named New Folder is created on the desktop.
I have now also noticed that when I delete it and then switch the wireless button off and back on, it is created again.

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Nothing, the logs are clean (unless we count that you plugged infected USB sticks into the computer a few times, but it looks like those infections were cleaned up by your anti-virus).
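The "infected USB sticks" remark rests on the mountpoints2 section of the ComboFix log above: Explorer caches the shell verbs from each removable volume's autorun.inf under HKCU\...\explorer\mountpoints2\{volume GUID}, and those entries outlive both the stick and any clean-up, which is why a machine the helper calls clean still shows them. As an added example (not the thread's or ComboFix's own code), the script below parses that section and sorts each AutoRun/AutoOpen command into "known-benign" or "review". The allow-list (Office installation cache, the U3 launcher) and the bare-name heuristic are this example's assumptions, not ComboFix rules, and "review" means a human should look, not that the file is malicious.

```python
import re

# Constructed sample: the mountpoints2 section of the ComboFix log posted
# earlier in this thread, one key per removable volume GUID.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1217b850-1773-11dd-ac6a-001bfb19d7ca}]
\shell\AutoOpen\command - I:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b0d40a1-4837-11dd-9b6c-0013a9c40f5f}]
\shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{efbf24c0-39eb-11dd-9fff-0013a9c40f5f}]
\shell\AutoRun\command - Netlog.exe
"""

KEY_RE = re.compile(r"^\[.*\\mountpoints2\\(\{[0-9a-f-]+\})\]$", re.IGNORECASE)
CMD_RE = re.compile(r"^\\shell\\(\w+)\\command - (.+)$", re.IGNORECASE)


def classify(command: str) -> str:
    """Heuristic verdict for one autorun command (this example's own allow-list, not a ComboFix rule)."""
    lowered = command.lower()
    if "\\msocache\\" in lowered:
        return "known-benign: Office installation cache"
    target = lowered.split()[0]          # first token is the program; the rest are arguments
    if target.endswith("\\launchu3.exe"):
        return "known-benign: U3 smart-drive launcher"
    if ":\\" not in target:
        return "review: bare executable name, resolved relative to the volume root"
    return "review: unrecognised autorun target"


def triage_mountpoints(log_text: str) -> list[dict]:
    """Pair every mountpoints2 key with the shell verbs recorded under it."""
    findings = []
    volume = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            match = KEY_RE.match(line)
            volume = match.group(1) if match else None   # forget the volume on unrelated keys
            continue
        match = CMD_RE.match(line)
        if match and volume:
            verb, command = match.group(1), match.group(2).strip()
            findings.append({"volume": volume, "verb": verb, "command": command, "verdict": classify(command)})
    return findings


def needs_review(findings: list[dict]) -> list[dict]:
    """Only the entries a human still has to look at."""
    return [f for f in findings if f["verdict"].startswith("review")]


if __name__ == "__main__":
    for f in triage_mountpoints(SAMPLE_LOG):
        print(f"{f['volume']} {f['verb']:<8} {f['verdict']}\n    {f['command']}")
```

On the sample, the Office media and the U3 stick are waved through and only the third volume, whose autorun command is a bare executable name at the root of the stick, is left for review. The lasting fix on the host side is to stop Explorer from honouring autorun.inf on removable media at all, which on Windows of this era is done with the NoDriveTypeAutoRun policy value (HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, set to 0xFF to cover every drive type); the cached mountpoints2 entries themselves are harmless once the stick is gone.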

offline
  • Joined: 04 Nov 2007
  • Posts: 8
  • Location: Beograd, Srbija

OK.

Thanks in any case.
