MyCity » Ambulanta -> Arhiva Ambulante » flesh problem

flesh problem

Napisano na dan: 27.12.2009
1

flesh problem
Sledeća strana Pagination

Idi na vrh

Poslao: 27 Dec 2009 22:25
Idi na vrh
offline
  • Pridružio: 26 Dec 2007
  • Poruke: 97

imam problem sa fleshom(pozajmio od drugara:(...) na njemu ima samo autorun koji ne mogu da izbrisem i pokazuje da ima 1.4g a fles je inace od 4g nasao je avast neke viruse: autorun.inf,curice.exe,klizavi.exe,recycler.exe,sta god sam imao na fleshu on je ubacio viruse (na drugom kompu sam to pokupio)!
ne mogu da snimam na flesh,ne mogu da ga formatiram sta da radim?


pentium 4 cpu3.ooghz
1.5g ram
windows xp professional ver.2002 service pack 3
dial ap

DDS (Ver_09-12-01.01) - NTFSx86
Run by dragan at 22:01:52.62 on Sun 12/27/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1527.677 [GMT 1:00]

AV: avast! antivirus 4.8.1368 [VPS 091227-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\DAP\DAP.EXE
C:\Documents and Settings\dragan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program files\asksearch\bin\DefaultSearch.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
mWinlogon: Taskman=c:\recycler\s-1-5-21-1021014418-0590927759-270325044-3174\nissan.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RTHDCPL] RTHDCPL.EXE
dRun: [msnsc] c:\windows\system32\msnsc.exe
dRunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
StartupFolder: c:\docume~1\dragan\startm~1\programs\startup\pravoslavac 2009.lnk - c:\program files\pravoslavac\Pravoslavac.exe
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot - search & destroy\SDHelper.dll
TCP: {DD6AF472-B2B5-4706-9561-CB42AE877254} = 87.250.33.21 87.250.33.22
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dragan\applic~1\mozilla\firefox\profiles\ba8vjz76.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\program files\dap\dapfirefox\components\DAPFireFox.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npdsplay.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin6.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-5-4 114768]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-23 81688]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\advanced system optimizer 3\ASO3DefragSrv.exe [2009-12-6 201960]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-5-4 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-5-4 138680]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-9 54752]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-5-4 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-5-4 352920]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 gupdate1ca6a72d33c7090;Google Update Service (gupdate1ca6a72d33c7090);c:\program files\google\update\GoogleUpdate.exe [2009-11-21 133104]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloservicemanager.exe --> c:\program files\iolo\common\lib\ioloServiceManager.exe [?]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloservicemanager.exe --> c:\program files\iolo\common\lib\ioloServiceManager.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-12-6 1684736]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

=============== Created Last 30 ================

2009-12-25 15:35:34 2974810112 ----a-w- C:\fifa.iso
2009-12-23 13:55:00 0 d-sh--w- c:\documents and settings\dragan\IECompatCache
2009-12-20 14:09:07 0 d-----w- c:\program files\EA SPORTS
2009-12-15 14:08:07 0 d-----w- c:\program files\Pocket Tanks Deluxe
2009-12-12 22:16:04 0 d--h--r- C:\AHCache
2009-12-08 15:34:02 0 d-----w- c:\docume~1\dragan\applic~1\Real Desktop
2009-12-08 15:33:57 0 d-----w- c:\program files\Real Desktop
2009-12-08 15:29:14 0 d-----w- c:\docume~1\dragan\applic~1\Locktime
2009-12-08 15:06:47 0 d-----w- c:\docume~1\alluse~1\applic~1\Locktime
2009-12-08 15:06:45 0 d-----w- c:\program files\NetLimiter 2 Monitor
2009-12-06 09:58:40 38 ----a-w- c:\windows\system32\defragboot.ini
2009-12-06 09:58:31 0 d-----w- c:\docume~1\alluse~1\applic~1\Systweak
2009-12-06 09:57:10 0 d-----w- c:\docume~1\dragan\applic~1\Systweak
2009-12-06 09:56:33 17136 ----a-w- c:\windows\system32\sasnative32.exe
2009-12-06 09:56:33 0 d-----w- c:\docume~1\alluse~1\applic~1\MyDefrag
2009-12-06 09:56:22 0 d-----w- c:\program files\Advanced System Optimizer 3
2009-12-06 09:41:25 0 d-----w- c:\program files\NCH Software
2009-12-06 01:12:37 352256 ----a-w- c:\windows\vncutil.exe
2009-12-06 01:12:36 41984 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-12-06 01:12:36 122880 ----a-w- c:\windows\RtkAudioService.exe
2009-12-06 01:12:35 1389056 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2009-12-06 01:12:33 1684736 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-12-06 01:12:32 0 d-----w- c:\program files\Realtek
2009-12-06 01:12:16 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-12-04 21:36:14 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-04 21:31:54 0 d-----w- C:\ATI
2009-12-01 20:32:00 0 d-----w- c:\program files\Activision
2009-11-28 22:45:01 0 d-----w- c:\program files\THQ
2009-11-28 21:07:10 0 ----a-w- C:\1909
2009-11-28 19:10:41 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-28 19:10:40 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-11-28 19:10:38 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-11-28 19:10:38 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-28 19:10:36 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-28 19:10:36 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-11-28 19:10:34 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

==================== Find3M ====================

2009-12-15 15:21:03 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-26 23:29:00 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-11-03 11:39:04 5940736 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2009-11-02 10:53:30 18782720 ----a-w- c:\windows\RTHDCPL.EXE
2009-10-24 12:56:31 418480 -c--a-w- c:\windows\system32\wrap_oal.dll
2009-10-24 12:56:31 115432 -c--a-w- c:\windows\system32\OpenAL32.dll
2009-10-06 17:40:01 139152 -c--a-w- c:\docume~1\dragan\applic~1\PnkBstrK.sys
2009-10-06 17:39:54 111928 -c--a-w- c:\windows\system32\PnkBstrB.exe
2009-10-06 17:39:46 794408 -c--a-w- c:\windows\system32\pbsvc.exe
2009-10-06 17:39:46 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-30 04:18:22 3565056 ----a-w- c:\windows\system32\dllcache\ati2mtag.sys
2009-09-30 02:20:58 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:19:56 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-30 02:10:52 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10:36 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10:24 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10:16 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10:02 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08:50 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08:48 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07:30 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07:08 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 02:00:06 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-30 01:47:22 2670592 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-30 01:46:56 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-30 01:34:06 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 01:30:32 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-30 01:28:54 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 01:28:36 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-30 01:27:54 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 01:27:42 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 01:26:52 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-30 01:26:04 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-30 01:22:42 626688 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-29 20:15:00 593920 ------w- c:\windows\system32\ati2sgag.exe

============= FINISH: 22:02:32.45 ===============

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]



Poslao: 27 Dec 2009 22:59
Idi na vrh
offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Pozdrav...

Napomena: Nemoj priključivati usb memorijske uređaje dok god ti ne budem rekao da ih priključiš.


Isprati sledeće uputstvo...


Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.



Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix.
U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE:
klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.

Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.



Poslao: 28 Dec 2009 16:09
Idi na vrh
offline
  • Pridružio: 26 Dec 2007
  • Poruke: 97

Napisano: 28 Dec 2009 2:18

ComboFix 09-12-26.05 - dragan 12/28/2009 1:49.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1527.911 [GMT 1:00]
Running from: c:\documents and settings\dragan\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091227-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\desktop.ini
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\recycler\S-1-5-21-1021014418-0590927759-270325044-3174
c:\recycler\S-1-5-21-3404941617-8258411286-255512666-4089
c:\recycler\S-1-5-21-4608540425-3293630619-475748746-9565
c:\recycler\S-1-5-21-6880283687-1465265892-459987151-5026
c:\recycler\S-1-5-21-7849976882-6472749022-611194407-1219
c:\recycler\S-1-5-21-8365874735-6851995393-907373698-2981

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-28 )))))))))))))))))))))))))))))))
.

2009-12-23 13:55 . 2009-12-23 13:55 -------- d-sh--w- c:\documents and settings\dragan\IECompatCache
2009-12-20 14:09 . 2009-12-20 14:09 -------- d-----w- c:\program files\EA SPORTS
2009-12-15 14:08 . 2009-12-15 14:08 -------- d-----w- c:\program files\Pocket Tanks Deluxe
2009-12-12 22:16 . 2009-12-12 22:16 -------- d-----r- C:\AHCache
2009-12-10 23:01 . 2009-12-10 23:01 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-12-08 15:34 . 2009-12-08 15:34 -------- d-----w- c:\documents and settings\dragan\Application Data\Real Desktop
2009-12-08 15:33 . 2009-12-08 15:33 -------- d-----w- c:\program files\Real Desktop
2009-12-08 15:29 . 2009-12-08 15:29 -------- d-----w- c:\documents and settings\dragan\Application Data\Locktime
2009-12-08 15:10 . 2009-12-08 15:10 -------- d-----w- c:\program files\Opera
2009-12-08 15:06 . 2009-12-08 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Locktime
2009-12-08 15:06 . 2009-12-08 15:06 -------- d-----w- c:\program files\NetLimiter 2 Monitor
2009-12-06 09:58 . 2009-12-06 09:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Systweak
2009-12-06 09:57 . 2009-12-06 09:57 -------- d-----w- c:\documents and settings\dragan\Application Data\Systweak
2009-12-06 09:56 . 2009-12-06 09:56 -------- d-----w- c:\documents and settings\All Users\Application Data\MyDefrag
2009-12-06 09:56 . 2009-08-19 15:49 17136 ----a-w- c:\windows\system32\sasnative32.exe
2009-12-06 09:56 . 2009-12-06 09:58 -------- d-----w- c:\program files\Advanced System Optimizer 3
2009-12-06 09:41 . 2009-12-06 09:41 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Software
2009-12-06 09:41 . 2009-12-06 09:41 -------- d-----w- c:\program files\NCH Software
2009-12-06 01:12 . 2009-10-08 06:24 352256 ----a-w- c:\windows\vncutil.exe
2009-12-06 01:12 . 2009-10-23 10:53 41984 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-12-06 01:12 . 2009-03-17 06:07 122880 ----a-w- c:\windows\RtkAudioService.exe
2009-12-06 01:12 . 2006-01-04 07:41 1389056 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2009-12-06 01:12 . 2008-08-05 12:10 1684736 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-12-06 01:12 . 2009-12-06 01:12 -------- d-----w- c:\program files\Realtek
2009-12-06 01:12 . 2009-11-02 05:48 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-12-04 21:37 . 2009-12-04 21:37 -------- d-----w- c:\documents and settings\dragan\Local Settings\Application Data\ATI
2009-12-04 21:37 . 2009-12-04 21:37 -------- d-----w- c:\documents and settings\dragan\Application Data\ATI
2009-12-04 21:37 . 2009-12-04 21:37 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-12-04 21:36 . 2009-12-04 21:36 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-04 21:31 . 2009-12-04 21:31 -------- d-----w- C:\ATI
2009-12-01 20:32 . 2009-12-01 20:32 -------- d-----w- c:\program files\Activision
2009-11-28 22:45 . 2009-12-04 21:27 -------- d-----w- c:\program files\THQ
2009-11-28 19:10 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-28 19:10 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-11-28 19:10 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-11-28 19:10 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-28 19:10 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-28 19:10 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-11-28 19:10 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 00:45 . 2009-11-26 23:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-25 18:22 . 2009-06-03 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-12-25 16:28 . 2009-08-30 22:12 -------- d-----w- c:\documents and settings\dragan\Application Data\AIMP
2009-12-25 16:24 . 2009-08-31 10:03 -------- d-----w- c:\program files\Opera 10 Beta
2009-12-15 16:44 . 2009-06-18 14:47 -------- d-----w- c:\documents and settings\dragan\Application Data\DAEMON Tools Lite
2009-12-15 16:42 . 2009-06-18 14:47 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-12-15 15:21 . 2009-06-18 14:47 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-12-15 15:21 . 2009-05-04 10:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-15 15:20 . 2009-06-18 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-12-08 15:14 . 2009-07-25 13:39 -------- d-----w- c:\documents and settings\dragan\Application Data\Winamp
2009-12-08 15:12 . 2009-07-25 13:39 -------- d-----w- c:\program files\Winamp
2009-12-06 16:58 . 2009-05-04 10:06 -------- d-----w- c:\program files\AIMP2
2009-12-06 10:00 . 2009-08-31 09:36 -------- d-----w- c:\documents and settings\dragan\Application Data\FreshDiagnose
2009-12-06 01:12 . 2009-05-04 01:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 21:35 . 2009-05-04 01:18 -------- d-----w- c:\program files\ATI Technologies
2009-12-02 22:26 . 2009-11-22 22:42 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-02 16:24 . 2009-05-09 15:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-28 19:58 . 2009-06-05 15:33 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-11-26 23:47 . 2009-05-04 01:14 -------- d-----w- c:\program files\QuickTime Alternative
2009-11-26 23:47 . 2009-11-26 23:47 -------- d-----w- c:\program files\Common Files\Apple
2009-11-26 23:47 . 2009-11-26 23:47 -------- d-----w- c:\program files\Apple Software Update
2009-11-26 23:47 . 2009-11-26 23:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-11-26 23:30 . 2009-11-26 23:28 -------- d-----w- c:\program files\DAP
2009-11-26 23:29 . 2009-11-26 23:29 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
2009-11-26 23:29 . 2009-11-26 23:29 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-11-24 23:54 . 2009-05-04 09:39 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-05-04 09:40 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-05-04 09:40 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-05-04 09:40 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-05-04 09:40 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-05-04 09:40 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-05-04 09:40 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-05-04 09:40 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-05-04 09:40 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-22 22:43 . 2009-11-22 22:43 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-22 16:53 . 2009-10-10 11:33 -------- d-----w- c:\documents and settings\dragan\Application Data\IObit
2009-11-21 09:22 . 2009-09-29 14:35 -------- d-----w- c:\program files\Google
2009-11-21 06:41 . 2009-11-21 06:41 -------- d-----w- c:\program files\Lavalys
2009-11-21 06:03 . 2009-11-21 06:01 -------- d-----w- c:\documents and settings\dragan\Application Data\WeatherPulse
2009-11-14 08:15 . 2009-08-30 22:23 -------- d-----w- c:\program files\Codebox
2009-11-14 07:22 . 2009-05-21 19:03 -------- d-----w- c:\program files\Ubisoft
2009-11-08 16:30 . 2009-05-09 15:27 -------- d-----w- c:\documents and settings\dragan\Application Data\InstallShield
2009-11-03 11:39 . 2009-05-04 01:23 5940736 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2009-11-02 10:53 . 2009-05-04 01:23 18782720 ----a-w- c:\windows\RTHDCPL.EXE
2009-10-30 11:10 . 2009-10-30 11:10 1183176 ----a-w- c:\documents and settings\dragan\Application Data\Mozilla\Firefox\Profiles\ba8vjz76.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2009-10-24 12:56 . 2009-09-06 19:09 418480 -c--a-w- c:\windows\system32\wrap_oal.dll
2009-10-24 12:56 . 2009-09-06 19:09 115432 -c--a-w- c:\windows\system32\OpenAL32.dll
2009-10-06 17:40 . 2009-10-06 17:40 139152 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-06 17:40 . 2009-10-06 17:40 139152 -c--a-w- c:\documents and settings\dragan\Application Data\PnkBstrK.sys
2009-10-06 17:40 . 2009-10-06 17:40 139152 -c--a-w- c:\documents and settings\dragan\Application Data\PnkBstrK.sys
2009-10-06 17:39 . 2009-10-06 17:39 111928 -c--a-w- c:\windows\system32\PnkBstrB.exe
2009-10-06 17:39 . 2009-10-06 17:39 794408 -c--a-w- c:\windows\system32\pbsvc.exe
2009-10-06 17:39 . 2009-10-06 17:39 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-30 04:18 . 2009-05-04 01:57 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-30 02:20 . 2007-08-22 02:09 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:19 . 2009-05-04 01:56 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-30 02:10 . 2009-05-04 01:57 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10 . 2009-05-04 01:57 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10 . 2009-05-04 01:57 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10 . 2009-05-04 01:56 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10 . 2009-05-04 01:56 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08 . 2009-05-04 01:57 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08 . 2009-05-04 01:56 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07 . 2009-05-04 01:56 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07 . 2009-05-04 01:56 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 02:00 . 2009-05-04 01:56 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-30 01:47 . 2009-05-04 01:57 2670592 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-30 01:46 . 2007-08-22 01:35 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-30 01:34 . 2009-09-30 01:34 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 01:30 . 2009-05-04 01:56 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-30 01:28 . 2009-09-30 01:28 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 01:28 . 2009-05-04 01:57 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-30 01:27 . 2009-05-04 01:56 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 01:26 . 2007-08-22 01:15 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-30 01:26 . 2009-09-30 01:26 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-30 01:22 . 2009-05-04 01:56 626688 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-29 20:15 . 2009-05-11 11:01 593920 ------w- c:\windows\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-08-24 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-08-24 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-08-24 114688]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-10-28 344064]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"RTHDCPL"="RTHDCPL.EXE" [2009-11-02 18782720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-01-13 44544]

c:\documents and settings\dragan\Start Menu\Programs\Startup\
Pravoslavac 2009.lnk - c:\program files\Pravoslavac\Pravoslavac.exe [2009-5-4 1547746]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Splinter Cell Double Agent\\SCDA-Offline\\System\\SplinterCell4.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Activision\\Modern Warfare 2\\iw4mp.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5/4/2009 10:40 AM 114768]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [4/23/2007 5:08 PM 81688]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\Advanced System Optimizer 3\ASO3DefragSrv.exe [12/6/2009 10:56 AM 201960]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/4/2009 10:40 AM 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [10/9/2009 11:07 PM 54752]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5/4/2009 11:08 AM 691696]
S2 gupdate1ca6a72d33c7090;Google Update Service (gupdate1ca6a72d33c7090);c:\program files\Google\Update\GoogleUpdate.exe [11/21/2009 7:21 AM 133104]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe --> c:\program files\iolo\common\lib\ioloServiceManager.exe [?]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe --> c:\program files\iolo\common\lib\ioloServiceManager.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/6/2009 2:12 AM 1684736]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 9:48 PM 704864]
.
------- Supplementary Scan -------
.
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\dragan\Application Data\Mozilla\Firefox\Profiles\ba8vjz76.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin6.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - ORPHANS REMOVED - - - -

HKU-Default-Run-msnsc - c:\windows\system32\msnsc.exe
AddRemove-LifeGlobe Sharks, Terrors of the Deep_is1 - c:\program files\Prolific Publishing



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-12-28 01:53
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-448539723-796845957-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:7e,d4,ce,4a,0b,01,a2,46,ee,69,8d,96,34,0b,65,6d,fb,29,52,36,f9,83,47,
4e,8a,74,01,68,02,d9,c8,77,32,f4,a7,bd,da,36,bf,02,ca,31,e0,45,ec,c1,39,97,\
"??"=hex:8a,e2,b0,b3,90,b9,b2,59,df,4c,b4,5f,ea,17,d5,b7

[HKEY_USERS\S-1-5-21-448539723-796845957-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:81,4a,29,81,cf,e5,aa,e0,14,9b,4b,1f,ff,9d,d7,37,4e,e6,15,40,5b,
55,13,57,28,82,68,c5,81,77,9e,f3,67,60,62,e7,cd,97,39,1d,5a,3c,89,ae,ef,e8,\
"rkeysecu"=hex:fb,05,da,b0,a2,1d,a6,52,e3,1e,94,ec,2a,54,19,2f
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(768-)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-12-28 01:54:57
ComboFix-quarantined-files.txt 2009-12-28 00:54

Pre-Run: 38,906,216,448 bytes free
Post-Run: 38,869,495,808 bytes free

- - End Of File - - 38CD313E5DEF98CDA13B5CC8D942251D

Dopuna: 28 Dec 2009 16:09

pozz
sta dalje?

Poslao: 28 Dec 2009 20:26
Idi na vrh
offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Korak 1.


Preuzmi reg file na Desktop sa dole navedenog linka i pokreni ga dvoklikom na ikonicu.

Kada se pojavi MsgBox klikni na Yes pa na drugom MsgBox_u koji se pojavi klikni na Ok.

Arrow [Link mogu videti samo ulogovani korisnici]



Korak 2.


- Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.

Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

Poslao: 28 Dec 2009 21:50
Idi na vrh
offline
  • Pridružio: 26 Dec 2007
  • Poruke: 97

pa imam dva flsha,jedan koji je zarezen i drugi(koje do sada nisam ubacivao)
telefon sa usb kablom koji nisam koristio skoro,i demon tools virtuelni drajv--ako i to spada u to.
ili samo ovaj zarazeni?
e sad,znaci svaki od ovih uredjaja u svaki usb ulaz(slot) ili je ne bitno?
pozz

Poslao: 28 Dec 2009 22:23
Idi na vrh
offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Ubaci samo onaj zaraženi ukoliko nećeš da proveriš i ostale da li su zaraženi.

Da pojasnim uputstvo.

Pokreneš USBNoRisk i sačekaš desetak sekundi, zatim priključiš usb uređaj i opet sačekaš deset sekundi.

Izvadiš taj usb uređaj, priključiš drugi i opet sačekaš deset sekundi...pa treći....itd.

Ukoliko ćeš proveravati više uređaja zapamti/zapiši redosled po kom si ih priključivao da bih ja mogao da ti dam dalja uputstva.

Kada odradiš ovaj deo posla, desni klik mišem u beli okvir prozora i odaberi opciju Save log.

Otvoriće ti se Notepad i taj tekst koji bude u njemu iskopiraj ovde u poruci.

Poslao: 29 Dec 2009 00:54
Idi na vrh
offline
  • Pridružio: 26 Dec 2007
  • Poruke: 97

USBNoRisk 2.5 (26 July 2009) by bobby

Started at 12/29/2009 12:42:21 AM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {ae9a5e84-384a-11de-bd56-806d6172696f}
D: {ae9a5e85-384a-11de-bd56-806d6172696f}
E: {ae9a5e86-384a-11de-bd56-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for ae9a5e84-384a-11de-bd56-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for ae9a5e85-384a-11de-bd56-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

No blocked files found on E:
No Autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for ae9a5e86-384a-11de-bd56-806d6172696f
No Desktop.ini files found on E:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 12/29/2009 12:42:43 AM

Scanning for connected USB mass storage...
----------------------------------------
H: {d6d2c7ce-384d-11de-a624-0016e66f64ac}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
No Autorun.inf files found on H:
No mountpoint found for d6d2c7ce-384d-11de-a624-0016e66f64ac
----------------------------------------

No Desktop.ini files found on H:
----------------------------------------

No mimics found on drive H:
========================================

========================================
Removed H:
========================================


New device connected at 12/29/2009 12:43:16 AM

Scanning for connected USB mass storage...
----------------------------------------
H: {bb2a70ca-d04c-11de-a772-0016e66f64ac}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
autorun.inf found on H:
----------------------------------------
File H:\autorun.inf renamed successfully

Content of H:\autorun.inf.blocked
----------------------------------------
;aØ??ëÁ?á???[t??f??ÁVMm???à?_????Úü?ðèòÈúI?J?x?
[autorun
;sà?sg?Â_??gìxâþÍ??
open=KLIZAVI/sapun.exe
;b??è?s??g????:ý?)vÌ?x?m?X?E?O?üe,~?bFmw??é?O?W?Y??xo??ç???tä)&??`J??bNy?ÁwEd??À#}?ÓIOr?ñ??ìéÌ???OÖBwe??À???È??Ã]?àð&?üë?ÜÝ^Ý<?
icon=%SystemRoot%\system32\SHELL32.dll,4
;??tëCé?ùààtykY?Ãò??ÿIvÍCIò-L?m??ë???#?íD?Ý?ð??Eù?dm?@?FôkmÁ[M
shell\\open\\command=KLIZAVI/sapun.exe
;ré?d??fÏùùIC???CÁ??wâÓt?Ô?sðW?ÔwbfæeY???í?????Ãè?d?Æ????Êç?Áç+?t?[a?Ã?
shell\\explore\\command=KLIZAVI/sapun.exe
;????ò?ÖmíFÒ???Ã?r?à?fsWÌNE?????????a??ùs?LmaìÃk%:üZ??òÂ?Nä?A?ØCv??éí??f?åÁäs?èY?è???AjA
useautoplay=1
;Òeú?màò???*???%sFRCèY
----------------------------------------

Files referenced from H:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------

No mountpoint found for bb2a70ca-d04c-11de-a772-0016e66f64ac
----------------------------------------

----------------------------------------
Desktop.ini found at H:\curice\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------
Desktop.ini found at H:\KLIZAVI\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------

No mimics found on drive H:
========================================

========================================
Removed H:
========================================


New device connected at 12/29/2009 12:44:33 AM

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================



New device connected at 12/29/2009 12:44:33 AM

Scanning for connected removable storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================

========================================

========================================
========================================

========================================
========================================

========================================

Poslao: 29 Dec 2009 15:34
Idi na vrh
offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.

- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.
(drugi po redosledu po kom si ih priključivao).

- Kliknuti na karticu Script;

U beli okvir prozora iskopirati sledeći tekst:

{bb2a70ca-d04c-11de-a772-0016e66f64ac}
folder_list:H:\curice\
folder_list:H:\KLIZAVI\
folder_list:%DRIVE%

- Izvršiti komandu klikom na taster Run Script;



Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;

- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log;

Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.

Poslao: 30 Dec 2009 00:19
Idi na vrh
offline
  • Pridružio: 26 Dec 2007
  • Poruke: 97

USBNoRisk 2.5 (26 July 2009) by bobby

Started at 12/30/2009 12:09:38 AM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {ae9a5e84-384a-11de-bd56-806d6172696f}
D: {ae9a5e85-384a-11de-bd56-806d6172696f}
E: {ae9a5e86-384a-11de-bd56-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for ae9a5e84-384a-11de-bd56-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for ae9a5e85-384a-11de-bd56-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

No blocked files found on E:
No Autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for ae9a5e86-384a-11de-bd56-806d6172696f
No Desktop.ini files found on E:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 12/30/2009 12:10:24 AM

Scanning for connected USB mass storage...
----------------------------------------
H: {bb2a70ca-d04c-11de-a772-0016e66f64ac}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
Blocked file found: H:\autorun.inf.blocked
----------------------------------------
Content of H:\autorun.inf.blocked
----------------------------------------
;aØ??ëÁ?á???[t??f??ÁVMm???à?_????Úü?ðèòÈúI?J?x?
[autorun
;sà?sg?Â_??gìxâþÍ??
open=KLIZAVI/sapun.exe
;b??è?s??g????:ý?)vÌ?x?m?X?E?O?üe,~?bFmw??é?O?W?Y??xo??ç???tä)&??`J??bNy?ÁwEd??À#}?ÓIOr?ñ??ìéÌ???OÖBwe??À???È??Ã]?àð&?üë?ÜÝ^Ý<?
icon=%SystemRoot%\system32\SHELL32.dll,4
;??tëCé?ùààtykY?Ãò??ÿIvÍCIò-L?m??ë???#?íD?Ý?ð??Eù?dm?@?FôkmÁ[M
shell\\open\\command=KLIZAVI/sapun.exe
;ré?d??fÏùùIC???CÁ??wâÓt?Ô?sðW?ÔwbfæeY???í?????Ãè?d?Æ????Êç?Áç+?t?[a?Ã?
shell\\explore\\command=KLIZAVI/sapun.exe
;????ò?ÖmíFÒ???Ã?r?à?fsWÌNE?????????a??ùs?LmaìÃk%:üZ??òÂ?Nä?A?ØCv??éí??f?åÁäs?èY?è???AjA
useautoplay=1
;Òeú?màò???*???%sFRCèY
----------------------------------------

Files referenced from H:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------

----------------------------------------
No Autorun.inf files found on H:
No mountpoint found for bb2a70ca-d04c-11de-a772-0016e66f64ac
----------------------------------------

----------------------------------------
Desktop.ini found at H:\curice\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------
Desktop.ini found at H:\KLIZAVI\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------

No mimics found on drive H:
========================================


Processing script
----------------------------------------
bb2a70ca-d04c-11de-a772-0016e66f64ac
Drive letter for GUID: H:
SectionStart = 1
SectionEnd = 4
----------------------------------------
Folder list for H:\curice\:
----------------------------------------

--ahs   64   H:\curice\Desktop.ini   H:\curice\Desktop.ini
-rahs   138752   H:\curice\elena.exe   H:\curice\elena.exe

----------------------------------------
Folder list for H:\KLIZAVI\:
----------------------------------------

--ahs   64   H:\KLIZAVI\Desktop.ini   H:\KLIZAVI\Desktop.ini
-rahs   143360   H:\KLIZAVI\sapun.exe   H:\KLIZAVI\sapun.exe

----------------------------------------
Folder list for H:\:
----------------------------------------

--a--   622   H:\AUTORU~1.BL~   H:\autorun.inf.blocked
dr-hs   0   H:\JOURNE~1   H:\Journey to the center of the earth
dr-hs   0   H:\OFFICE~1   H:\office2007
dr-hs   0   H:\RECYCLER   H:\RECYCLER
dr-hs   0   H:\curice   H:\curice
dr-hs   0   H:\PINPRO~1   H:\PINprobniTest
dr-hs   0   H:\KLIZAVI   H:\KLIZAVI

----------------------------------------

Poslao: 30 Dec 2009 12:48
Idi na vrh
offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.

- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.

- Kliknuti na karticu Script;

U beli okvir prozora iskopirati sledeći tekst:

{bb2a70ca-d04c-11de-a772-0016e66f64ac}
no_sh:
delete_blocked:
folder_delete:%DRIVE%\KLIZAVI\
folder_delete:%DRIVE%\curice\
folder_delete:%DRIVE%\RECYCLER\
folder_list:%DRIVE%

- Izvršiti komandu klikom na taster Run Script;



Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;

- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log;

Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.

MyCity » Ambulanta -> Arhiva Ambulante » flesh problem

Ko je trenutno na forumu
 

Ukupno su 1933 korisnika na forumu :: 95 registrovanih, 15 sakrivenih i 1823 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 6018 - dana 19 Dec 2025 13:41

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 015, 10x10.9, AMCXXL, Arsenije, Azzo, Ba4e, Badja, bankulen, Betty25, bojcistv, bpop, BraneS, CHARLIE JA., Ciri1994, coaa, darkkran, darkojbn, DeerHunter, dejankm, Demi87, Despot Đurađ, Dimitrise93, Djole3621, Dogma21, draganl, Duce, Emanuel Arsenijevič, EXIT78, Fliper, gobrad, goxin, gregorxix, Hans Gajger, havoc995, ILGromovnik, Ir, Jaxupa, joca83, Kajzer Soze, Kalem, kib, Kozi-RS, Kubovac, Kuroje, kybonacci, Lelemood, Lj_ubo, lord sir giga, Luka1998, M74AB3, mainstream, Marjan Janevski, Milan Miscevic, milbos, Milometer, Mrav Obrad, mux, Naj-Turs, nazgul75, nelezele, nenad81, neutrino, nevjerna beba, Nomica, OtacMakarije, pacika, Papadubi, Pavel Medved, Pilence, R_038, RJ, ruger357, ruma, SANDRO1973, savuni, Sevetar, sickmouse, Sir Budimir, SlaKoj, stegonosa, Stoilkovic, strn, Tas011, TheDictator, theNedjeljko, Tila Painen, v0idmp3, XBMC, Zastava, ZlatniRez, Zorge, Žoržo, 1324, 79693, 800077