MyCity » Ambulanta -> Arhiva Ambulante » Virusi na Laptopu

Virusi na Laptopu

Napisano na dan: 4.6.2012
1

Virusi na Laptopu
Sledeća strana Pagination

Idi na vrh

Poslao: 04 Jun 2012 22:26
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

E ovako vidio sam da mi laptop koci,mislim da sam pokupio viruse sa interneta,imam win 7 32bit,avast 6 mi je antivirus,procito sa sa ovog sajta Arrow http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html
i uradio sam sve kako je napisano




.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Luta at 21:57:54 on 2012-06-04
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.1013.207 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Users\Luta\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Simlock Remote Client\RamDumper.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=nikos
mSearchAssistant = hxxp://start.facemoods.com/?a=nikos&s={searchTerms}&f=4
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\users\luta\appdata\roaming\complitly\AutocompletePro.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [SpeedConnectStartUp]
uRun: [Facebook Update] "c:\users\luta\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [Google Update] "c:\users\luta\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Driver Genius]
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [NSU_agent] "c:\program files\nokia\nokia software updater\nsu3ui_agent.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RivaTuner] "c:\program files\rivatuner v2.24 msi master overclocking arena 2009 edition\RivaTunerWrapper.exe" /T
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRunOnce: [WinSat] winsat dwm -xml results.xml
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{6ED8DEA4-D65B-4C66-A4CA-CBA5725E08BF} : NameServer = 212.200.246.8 213.133.3.5
TCP: Interfaces\{F5A3423C-50F7-4A8C-A90B-48CFFE968F53} : DhcpNameServer = 192.168.1.254
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\luta\appdata\roaming\mozilla\firefox\profiles\iicjnqa0.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\users\luta\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\luta\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-16 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-2-16 314456]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-2-16 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-2-16 55128]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-2-16 44768]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-1-8 68208]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2012-1-8 6766080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-5-13 24328]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2012-1-8 82768]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-1-8 9216]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-2-6 27192]
S4 RelevantKnowledge;RelevantKnowledge;c:\program files\relevantknowledge\rlservice.exe [2012-1-18 111632]
.
=============== Created Last 30 ================
.
2012-06-01 08:19:57 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{22a474c2-5c09-411e-b1ab-8c828e835cda}\offreg.dll
2012-06-01 08:16:45 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{22a474c2-5c09-411e-b1ab-8c828e835cda}\mpengine.dll
2012-05-31 14:32:36 252952 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-05-31 14:32:36 141848 ----a-w- c:\windows\system32\igfxtray.exe
2012-05-31 14:32:33 173080 ----a-w- c:\windows\system32\igfxext.exe
2012-05-31 14:32:33 150552 ----a-w- c:\windows\system32\igfxpers.exe
2012-05-31 14:32:32 672792 ----a-w- c:\windows\system32\igfxcfg.exe
2012-05-31 14:32:30 173592 ----a-w- c:\windows\system32\SET9595.tmp
2012-05-31 14:32:30 173592 ----a-w- c:\windows\system32\SET6AF0.tmp
2012-05-28 12:43:00 -------- d-----w- c:\program files\WorldUnlock Codes Calculator
2012-05-27 22:38:47 -------- d--h--w- c:\windows\msdownld.tmp
2012-05-27 22:38:45 -------- d-----w- c:\windows\system32\directx
2012-05-27 22:37:40 -------- d-----w- c:\program files\MSI Afterburner
2012-05-26 19:55:02 98560 ----a-w- c:\windows\system32\drivers\ss_bus.sys
2012-05-26 19:55:02 14848 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys
2012-05-26 19:55:02 12416 ----a-w- c:\windows\system32\drivers\ss_cmnt.sys
2012-05-26 19:55:02 12416 ----a-w- c:\windows\system32\drivers\ss_cm.sys
2012-05-26 19:55:02 123776 ----a-w- c:\windows\system32\drivers\ss_mdm.sys
2012-05-26 19:55:02 12288 ----a-w- c:\windows\system32\drivers\ss_whnt.sys
2012-05-26 19:55:02 12288 ----a-w- c:\windows\system32\drivers\ss_wh.sys
2012-05-26 19:55:01 -------- d-----w- c:\program files\SAMSUNG
2012-05-26 19:53:23 -------- d-----w- c:\programdata\Samsung
2012-05-26 19:09:29 729600 ----a-w- c:\windows\isRS-000.tmp
2012-05-26 19:09:21 60928 ----a-w- c:\windows\system32\AdbWinUsbApi.dll
2012-05-26 19:09:20 96256 ----a-w- c:\windows\system32\AdbWinApi.dll
2012-05-26 19:09:20 578611 ----a-w- c:\windows\system32\adb.exe
2012-05-26 19:08:39 -------- d-----w- c:\windows\system32\no
2012-05-26 19:08:38 -------- d-----w- c:\program files\Simlock Remote Client
2012-05-24 18:36:38 -------- d-----w- c:\program files\RMPrepUSB
2012-05-23 20:47:59 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-05-23 20:47:59 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-05-22 20:29:47 -------- d-----w- c:\users\luta\appdata\local\Djordje_Zeljic
2012-05-22 20:28:24 -------- d-----w- c:\program files\Subtitle Merger 2.0
2012-05-13 08:29:21 24328 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2012-05-13 08:29:18 -------- d-----w- c:\program files\CPUID
2012-05-09 16:02:48 -------- d-----w- c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2012-05-09 12:28:47 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 12:28:22 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-09 12:28:17 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-09 12:28:15 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-09 12:28:14 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-09 12:22:06 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 12:22:01 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-09 12:21:56 2342400 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 12:15:50 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 12:15:43 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 12:15:41 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-09 12:15:39 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-09 12:15:38 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-05-09 12:15:37 161792 ----a-w- c:\windows\system32\d3d10_1.dll
.
==================== Find3M ====================
.
2012-04-29 14:39:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-22 19:12:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
.
============= FINISH: 22:00:23,65 ===============




Arrow https://www.mycity.rs/must-login.png
Arrow https://www.mycity.rs/must-login.png
Arrow https://www.mycity.rs/must-login.png
Arrow https://www.mycity.rs/must-login.png
Arrow https://www.mycity.rs/must-login.png

ako neko zna neka mi pomogne unaprijed hvala Very Happy

Poslao: 05 Jun 2012 00:32
Idi na vrh
offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3898
  • Gde živiš: Novi Sad,Klisa

Pozdrav ,nikola9896


Arrow Preuzmi program OTL sa donjeg linka na Desktop:

OTL download
Klikni na dati link i u prozoru koji se otvori, klikni na dugme Save;
kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati datoteku, odaberi Desktop i klikni na dugme Save.
Dvoklikom pokreni OTL;

klikni na dugme Run Scan;

po završetku skeniranja, izveštaj će se otvoriti u programu Notepad (napomena: izveštaj će automatski biti sačuvan na Desktopu kao OTL.Txt) .

Priloži izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.

Poslao: 05 Jun 2012 17:38
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

Napisano: 05 Jun 2012 14:47

meni nece ovaj program OTL kad sam ga skinuo pojavio mi se avast i ja sam pretisnuo open normal i otvorio mi se program otl i ja sam pretisnuo run scan,i pojavila mi se ova slika sta bi moglo da bude
evo slika



Dopuna: 05 Jun 2012 14:59

pozdrav NIx Car
uradio sam kako ste napisali imo sam probleme sa programom ali sam rijesio
evo fajla


OTL logfile created on: 5.6.2012 14:38:50 - Run 1
OTL by OldTimer - Version 3.2.46.1 Folder = C:\Users\Luta\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000241A | Country: Serbia | Language: SRM | Date Format: d.M.yyyy

1013,09 Mb Total Physical Memory | 156,65 Mb Available Physical Memory | 15,46% Memory free
3,43 Gb Paging File | 2,16 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 18,78 Gb Free Space | 8,07% Space Free | Partition Type: NTFS

Computer Name: LUTA-PC | User Name: Luta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.05 14:37:15 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Luta\Downloads\OTL (1).exe
PRC - [2012.03.22 08:17:13 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Luta\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012.03.12 22:25:06 | 000,583,680 | ---- | M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2011.11.28 20:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.27 22:13:22 | 000,097,792 | ---- | M] (123Unlock.nl) -- C:\Program Files\Simlock Remote Client\RamDumper.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2012.05.23 03:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll
MOD - [2012.05.23 03:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012.05.23 03:55:35 | 000,553,496 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll
MOD - [2012.05.23 03:55:33 | 000,117,784 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll
MOD - [2012.05.23 03:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012.05.23 03:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012.05.23 03:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012.05.23 03:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
MOD - [2012.05.10 08:25:21 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2011.05.28 23:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.11.28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.10.12 01:32:52 | 000,111,632 | ---- | M] (TMRG, Inc.) [Disabled | Stopped] -- C:\Program Files\RelevantKnowledge\rlservice.exe -- (RelevantKnowledge)
SRV - [2010.07.14 22:34:14 | 000,252,784 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Join Air\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010.06.09 18:38:30 | 000,463,912 | R--- | M] (Ericsson AB) [Disabled | Stopped] -- C:\Program Files\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009.07.14 03:15:38 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2009.07.14 03:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 23:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Luta\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Luta\AppData\Local\Temp\kxldapow.sys -- (kxldapow)
DRV - File not found [Kernel | System | Stopped] -- -- (AntiKill)
DRV - [2012.03.09 10:57:28 | 000,024,328 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.28 19:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 19:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 19:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 19:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 19:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.11.28 19:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.10.27 03:25:44 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2011.10.27 03:25:44 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2011.10.27 03:25:44 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010.06.17 15:50:38 | 000,082,768 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2010.05.31 13:04:30 | 006,766,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel(R)
DRV - [2010.05.20 15:10:32 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009.12.30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.10.29 20:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.10.29 20:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.10.29 20:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.10.29 20:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.08.22 20:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009.07.14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 01:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=nikos&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=nikos
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F4 B7 A7 83 3F CE CC 01 [binary data]
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=nikos&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Luta\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Luta\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Luta\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.02.16 00:05:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.23 22:48:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.01.24 16:06:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luta\AppData\Roaming\Mozilla\Extensions
[2012.05.18 00:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luta\AppData\Roaming\Mozilla\Firefox\Profiles\iicjnqa0.default\extensions
[2012.05.23 22:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.23 22:47:59 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 12:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.12 07:10:04 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchnikos.xml
[2012.02.16 12:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: facemoods (Enabled)
CHR - default_search_provider: search_url = http://start.facemoods.com/?a=nikos&s={searchTerms}&f=4
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Luta\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Luta\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Luta\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: FB Timeline Repair = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\figeicjbphcoedkepjffkelnefmmlofc\1.0_0\
CHR - Extension: avast! WebRep = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: Gmail = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Luta\AppData\Roaming\Complitly\AutocompletePro.dll (SimplyGen)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Driver Genius] File not found
O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [RivaTuner] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4 - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000..\Run: [Facebook Update] C:\Users\Luta\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000..\Run: [SpeedConnectStartUp] File not found
O4 - HKLM..\RunOnce: [WinSat] winsat dwm -xml results.xml File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ED8DEA4-D65B-4C66-A4CA-CBA5725E08BF}: NameServer = 212.200.246.8 213.133.3.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5A3423C-50F7-4A8C-A90B-48CFFE968F53}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{303b3b9a-39b6-11e1-9d08-cc751056b455}\Shell - "" = AutoRun
O33 - MountPoints2\{303b3b9a-39b6-11e1-9d08-cc751056b455}\Shell\AutoRun\command - "" = D:\Install.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.05.31 17:56:24 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2012.05.31 16:32:32 | 000,672,792 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2012.05.31 16:32:29 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\VGA_Intel_8.14.10.2117_W7x86_A
[2012.05.28 14:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldUnlock Calculator
[2012.05.28 14:43:01 | 000,000,000 | ---D | C] -- C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldUnlock Calculator
[2012.05.28 14:43:00 | 000,000,000 | ---D | C] -- C:\Program Files\WorldUnlock Codes Calculator
[2012.05.28 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012.05.28 00:38:16 | 000,000,000 | ---D | C] -- C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2012.05.28 00:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSI Afterburner
[2012.05.28 00:35:58 | 016,785,861 | ---- | C] (MSI Co., LTD ) -- C:\Users\Luta\Desktop\MSI_Kombustor_Setup_2.3.0.exe
[2012.05.26 21:55:02 | 000,123,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_mdm.sys
[2012.05.26 21:55:02 | 000,098,560 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bus.sys
[2012.05.26 21:55:02 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_mdfl.sys
[2012.05.26 21:55:02 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_cmnt.sys
[2012.05.26 21:55:02 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_cm.sys
[2012.05.26 21:55:02 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_whnt.sys
[2012.05.26 21:55:02 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_wh.sys
[2012.05.26 21:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2012.05.26 21:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012.05.26 21:09:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simlock Remote Client
[2012.05.26 21:09:21 | 000,060,928 | ---- | C] (Google, inc) -- C:\Windows\System32\AdbWinUsbApi.dll
[2012.05.26 21:09:20 | 000,096,256 | ---- | C] (Google, inc) -- C:\Windows\System32\AdbWinApi.dll
[2012.05.26 21:08:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\no
[2012.05.26 21:08:38 | 000,000,000 | ---D | C] -- C:\Program Files\Simlock Remote Client
[2012.05.24 23:33:27 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\ROMA PC GAME
[2012.05.24 20:36:45 | 000,000,000 | ---D | C] -- C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RMPrepUSB
[2012.05.24 20:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\RMPrepUSB
[2012.05.22 22:29:47 | 000,000,000 | ---D | C] -- C:\Users\Luta\AppData\Local\Djordje_Zeljic
[2012.05.22 22:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Merger 2.0
[2012.05.22 22:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\Subtitle Merger 2.0
[2012.05.18 19:29:41 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\Documents\ConvertXToDVD
[2012.05.15 21:04:40 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\GOCA MUZIKA
[2012.05.15 18:59:25 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\NIKOLA LAPTOP
[2012.05.14 17:21:44 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\Sherlock Holmes A Game of Shadows (2011) DVDRip XviD-MAXSPEED
[2012.05.14 17:20:29 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\PESEdit.com_2012_Patch_3.3
[2012.05.14 17:19:55 | 000,000,000 | ---D | C] -- C:\Users\Luta\Desktop\Nero 11 Platinum 11.0.11200
[2012.05.13 10:29:21 | 000,024,328 | ---- | C] (CPUID) -- C:\Windows\System32\drivers\cpuz135_x32.sys
[2012.05.13 10:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012.05.13 10:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012.05.09 18:03:10 | 000,000,000 | ---D | C] -- C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2012.05.09 18:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2012.05.09 14:22:06 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.05.09 14:22:01 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.05.09 14:21:56 | 002,342,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.05.09 14:15:43 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.05.09 14:15:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.05.09 14:15:39 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.05.09 14:15:38 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.05.09 14:15:37 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.05 14:47:13 | 000,046,727 | ---- | M] () -- C:\Users\Luta\Desktop\Capture.PNG
[2012.06.05 14:22:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000UA.job
[2012.06.05 14:10:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.05 12:16:17 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000UA.job
[2012.06.05 07:22:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000Core.job
[2012.06.04 21:28:03 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.04 21:28:03 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.04 21:20:56 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000Core.job
[2012.05.28 12:46:51 | 000,000,649 | ---- | M] () -- C:\Users\Luta\Desktop\ffff.rtf
[2012.05.28 12:02:13 | 000,001,497 | ---- | M] () -- C:\Users\Luta\Desktop\Document.rtf
[2012.05.26 20:05:15 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2012.05.24 20:28:15 | 020,739,552 | ---- | M] () -- C:\Users\Luta\Desktop\erererererere.rtf
[2012.05.24 07:33:44 | 000,002,358 | ---- | M] () -- C:\Users\Luta\Desktop\Google Chrome.lnk
[2012.05.22 22:28:26 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Subtitle Merger.lnk
[2012.05.22 16:00:10 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.22 16:00:10 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.21 21:10:14 | 796,725,248 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.19 17:01:51 | 000,058,368 | ---- | M] () -- C:\Users\Luta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.18 21:39:09 | 000,001,189 | ---- | M] () -- C:\Users\Luta\AppData\Roaming\vso_ts_preview.xml
[2012.05.14 16:54:56 | 016,785,861 | ---- | M] (MSI Co., LTD ) -- C:\Users\Luta\Desktop\MSI_Kombustor_Setup_2.3.0.exe
[2012.05.13 10:29:23 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012.05.10 08:23:02 | 000,267,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.05 14:47:12 | 000,046,727 | ---- | C] () -- C:\Users\Luta\Desktop\Capture.PNG
[2012.05.26 21:09:20 | 000,578,611 | ---- | C] () -- C:\Windows\System32\adb.exe
[2012.05.26 20:05:15 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012.05.24 20:28:12 | 020,739,552 | ---- | C] () -- C:\Users\Luta\Desktop\erererererere.rtf
[2012.05.22 22:28:26 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Subtitle Merger.lnk
[2012.05.13 10:29:23 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012.03.24 13:37:59 | 000,001,189 | ---- | C] () -- C:\Users\Luta\AppData\Roaming\vso_ts_preview.xml
[2012.02.12 19:13:18 | 000,010,050 | ---- | C] () -- C:\Users\Luta\AppData\Roaming\PsyhoSOFT
[2012.02.09 01:26:52 | 000,000,160 | ---- | C] () -- C:\Windows\MyDrivers.ini
[2012.01.12 01:38:19 | 000,058,368 | ---- | C] () -- C:\Users\Luta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.08 18:55:35 | 000,361,808 | ---- | C] () -- C:\Windows\EMCRI_E.dll
[2012.01.08 07:55:29 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.01.08 07:55:28 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012.01.08 07:55:27 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.01.08 07:55:27 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.01.08 07:55:26 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.01.08 07:31:15 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012.01.08 07:23:54 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2012.01.08 07:02:30 | 000,247,560 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2012.01.08 07:02:30 | 000,037,468 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2012.01.08 07:02:30 | 000,001,448 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2012.01.08 07:02:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX3.dat
[2012.01.08 07:02:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2012.01.08 07:02:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2012.01.08 07:02:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2012.01.08 07:02:30 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2012.01.08 07:02:30 | 000,000,024 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2011.09.19 15:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll

< End of report >




https://www.mycity.rs/must-login.png

Dopuna: 05 Jun 2012 17:38

treba li jos sta da se uradi

Poslao: 05 Jun 2012 22:09
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Pozdrav, izvini sto si danas cekao, bili smo zauzeti.

Arrow Deinstaliraj RelevantKnowledge.
Restartuj kompjuter i potom odradi sledece:


Arrow Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=nikos&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=nikos
IE - HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=nikos&s={searchTerms}&f=4
CHR - default_search_provider: search_url = http://start.facemoods.com/?a=nikos&s={searchTerms}&f=4

:services
RelevantKnowledge

:files
C:\Program Files\RelevantKnowledge

:commands
[emptytemp]
[emptyjava]
[reboot]


Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.


Arrow Reci mi kako ti sad radi kompjuter?

Poslao: 06 Jun 2012 20:27
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

ja nemam taj program RelevantKnowledge svuda sam trazio po laptopu ali ga nema,sta da radim

Poslao: 06 Jun 2012 20:36
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Pritisni kombinaciju Windows dugme + R



Tamo upisi sledece:

appwiz.cpl

Pritisni Enter.
Vidi da li se tamo nalazi RelevantKnowledge program pa klikni na Remove/Uninstall.

Ako ne, predji na OTL script.

Poslao: 06 Jun 2012 21:45
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

Napisano: 06 Jun 2012 21:09

unistaliro sam program i uradio sam sve
evo izvjestaj



All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-2787396597-1344915912-1888278398-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2787396597-1344915912-1888278398-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Unable to fix default_search_provider items.
========== SERVICES/DRIVERS ==========
Error: No service named RelevantKnowledge was found to stop!
Service\Driver key RelevantKnowledge not found.
========== FILES ==========
C:\Program Files\RelevantKnowledge folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Luta
->Temp folder emptied: 56569971 bytes
->Temporary Internet Files folder emptied: 318277795 bytes
->Java cache emptied: 46956 bytes
->FireFox cache emptied: 167318374 bytes
->Google Chrome cache emptied: 287520660 bytes
->Flash cache emptied: 2074 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 729600 bytes
%systemroot%\System32 .tmp files removed: 347184 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49072815 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 839,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Luta
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.46.1 log created on 06062012_205310

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...




https://www.mycity.rs/must-login.png

Dopuna: 06 Jun 2012 21:45

jos ovo da pitam kad trebam da udjem npr u pes 2012 pojavi mi se avast i zabrani mi da igram,pa moram stalno da deaktiviram avast da bi igro igrice,i jos ovo kad sam ovo uradio sa ovim programom OTL sad mi se hard disk drasticno smanjio imo sam ranije 24GB a sada imam 3,24GB,sta bi moglo biti.ako zna neko u cemu je problem nek mi pomogne...hvala

Poslao: 07 Jun 2012 02:54
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:


:processes
killallprocesses

:OTL
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Luta\AppData\Roaming\Complitly\AutocompletePro.dll (SimplyGen)

:commands
[reboot]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.


Arrow Postavi mi screenshot od toga sto ti avast prijavljuje kada pokrenes igricu.

Poslao: 07 Jun 2012 13:06
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

uradio sam evo izvjestaj


========== PROCESSES ==========
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
C:\Users\Luta\AppData\Roaming\Complitly\AutocompletePro.dll moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.46.1 log created on 06072012_125357

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


https://www.mycity.rs/must-login.png
a za avast kad ulazim u igricu ide od 1 do 5 sekundi i izadje mi iz igrice,pa moram da ugasim avast,ne mogu nikako da postavim zato sto se puni do 5 sekundi,jedino da snimim,a za hard disk sto mi se odjednum smanjio sa 25GB na 3GB

Poslao: 07 Jun 2012 14:18
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Ok, ali hajde odradi jos ovo:

Arrow Dvoklikom pokreni Malwarebytes program kojeg vec imaš instaliranog na sistemu.

Klikni na Update tab a potom Check for Updates.

Nakon završenog ažuriranja pod Scanner tabom izaberi opciju Perform Quick Scan i klikni Scan.

Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected.

> Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu.
Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti.

Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).

MyCity » Ambulanta -> Arhiva Ambulante » Virusi na Laptopu

Ko je trenutno na forumu
 

Ukupno su 1140 korisnika na forumu :: 33 registrovanih, 5 sakrivenih i 1102 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: babaroga, Bluper, Bubimir, comi_pfc, DonRumataEstorski, dragoljub11987, drimer, FOX, JimmyNapoli, kalens021, karevski, Karla, Koridor, Marko Marković, mercedesamg, milenko crazy north, Milometer, Nemanja.M, nemkea71, oldtimer, operniki, S-lash, SlaKoj, solic, sovanova95, stegonosa, Toper, Vlada1389, Vlada78, voja64, zbazin, zdrebac, 1107