MyCity » Ambulanta -> Arhiva Ambulante » nesto z*za

nesto z*za

Napisano na dan: 6.7.2009

nesto z*za
Sledeća strana Pagination

Idi na vrh

Poslao: 06 Jul 2009 17:33
Idi na vrh
offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Nesto mi se komp neobicno ponasa. Aktivira desni taster misa, nece daljinski od TV kartice. Sumnjam na `nesto`.
Evo log od HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:30:59, on 6.7.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OEM\11bg Wireless LAN USB Utility\RtWLan.exe
C:\Program Files\AirLive\Bluetooth Software\BTTray.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\WINDOWS\system32\OSK.exe
C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\cFosSpeed\spd.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\taskmgr.exe
E:\DC++\zK\zK++.exe
E:\DC++\Apex\ApexDC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinDVR SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [XTNDConnect PC - ErPhn2] C:\PROGRA~1\COMMON~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - .DEFAULT User Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe (User 'Default user')
O4 - Global Startup: 11bg Wireless LAN USB Utility.lnk = C:\Program Files\OEM\11bg Wireless LAN USB Utility\RtWLan.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: &Download by Orbit - [Link mogu videti samo ulogovani korisnici]\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - [Link mogu videti samo ulogovani korisnici]\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - [Link mogu videti samo ulogovani korisnici]\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - [Link mogu videti samo ulogovani korisnici]\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\AirLive\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\AirLive\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\AirLive\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Услуга Google Update (gupdate1c9c674f9919646) (gupdate1c9c674f9919646) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 10114 bytes



Poslao: 06 Jul 2009 20:48
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...

Ovako... Log je čist, no ako ti smatraš da bi malware mogao biti uzrok toga što ti ne rade daljinski i miš (a verovatnoća za to je... mala), isprati donje uputstvo.



Preuzmi gmer.zip sa ovog linka i sačuvaj na Desktopu.
Raspakuj ga u neki folder.

Dupli klik na gmer.exe za početak: Izaberi Rootkit/Malware Tab na vrhu.
Klikni na Scan.
Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati rezultate skeniranja u Clipboard.
Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt.
Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt.

Iskoristi opciju Prikači fajl ispod polja za pisanje poruke na forumu, i prikači nam ovde ta dva fajla koja smo malopre snimili.



Poslao: 06 Jul 2009 21:19
Idi na vrh
offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Zahvaljujem, ali ne radi.
Cetiri puta sam startovao program, i svaki put mi je restartovao racunar.

Poslao: 06 Jul 2009 21:23
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Preuzmi program RootRepeal na Desktop.

Raspakuj RootRepeal.zip u neki folder.
Dvoklikom pokreni RootRepeal.exe.
Pređi na Report karticu (klikom na Report taster, dole, desno).
Klikni Scan taster.
U prozoru koji se otvori (Select Scan), obeleži kućice ispred svih stavki i klikni OK.
U narednom prozoru (Select Drives) obeleži kućicu ispred sistemskog diska (obično C:\) i klikni OK.
Po završetku procesa, klikni Save Report i sačuvaj izveštaj o skeniranju.

Iskopiraj sadržaj tog izveštaja u iduću poruku.

Poslao: 06 Jul 2009 21:47
Idi na vrh
offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Napisano: 06 Jul 2009 21:29

Evo reporta:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Time: 2009/07/06 21:29
Program Version: Version 1.3.0.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: 00000044
Image Path: \Driver\00000044
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: a0a2kb4k.SYS
Image Path: C:\WINDOWS\System32\Drivers\a0a2kb4k.SYS
Address: 0xBA058000 Size: 303104 File Visible: No Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB62AA000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79B3000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB2D94000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: c:\documents and settings\Зоки\local settings\temp\etilqs_fctirste4gbkijof9rgd
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\documents and settings\Зоки\local settings\temp\etilqs_hxikcsx8pbznbmp7o4zl
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\local settings\temp\etilqs_qfghqgljccb9q1ucvpbj
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_urx7btlyhf2populyvnh
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_gbumojf6cvmxdnhses9v
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_gmcdfjkfp24zhdcec8qa
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_god79fexspwc1jd75wvt
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_ib9sdazo3qabklm1qqba
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_jnxmkpjbonufhhyaphhx
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_npeepdvr0dgrjlebzp8i
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_plgb9ejsrpkrwiytpm4h
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_sflb6ylmeycqtzgh9ax4
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_2ffmh1bsnyhs6gdlrzry
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_3gtgbiiukykirjoir5ug
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_acvxqp9fw6sxt40jr9nd
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_cn5j3ldwjadrp0vwlzem
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_cshatvfgd1trjgxxujed
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_cutvulbrpkxakvdjqt4r
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_vd5od4fdsvvmran8atsq
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_vnrmpkr8zvvyfm0rbgno
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_wuwydggmhmqe49lltoqx
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_wwf4gvdrfkflfdmcbtig
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\Зоки\application data\skype\zokcevi\etilqs_xsj4ikqqgdhg9twewfy5
Status: Allocation size mismatch (API: 16384, Raw: 0)

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de6b8

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de574

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62dea52

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de14c

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "sptd.sys" at address 0xf750584c

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "sptd.sys" at address 0xf7505bec

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de64e

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de08c

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de0f0

#: 160 Function Name: NtQueryKey
Status: Hooked by "sptd.sys" at address 0xf7505cc4

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de76e

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de72e

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb62de8ae

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x897901d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CREATE]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLOSE]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_READ]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_WRITE]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_EA]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_EA]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SHUTDOWN]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLEANUP]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: Fastfat, IRP_MJ_PNP]
Process: System Address: 0x891ae5d8 Size: 463

Object: Hidden Code [Driver: a0a2kb4kȅఅ瑁䅭뢠쀅؁Binary, IRP_MJ_CREATE]
Process: System Address: 0x891b1980 Size: 463

Object: Hidden Code [Driver: a0a2kb4kȅఅ瑁䅭뢠쀅؁Binary, IRP_MJ_CLOSE]
Process: System Address: 0x891b1980 Size: 463

Object: Hidden Code [Driver: a0a2kb4kȅఅ瑁䅭뢠쀅؁Binary, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x891b1980 Size: 463

Object: Hidden Code [Driver: a0a2kb4kȅఅ瑁䅭뢠쀅؁Binary, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x891b1980 Size: 463

Object: Hidden Code [Driver: a0a2kb4kȅఅ瑁䅭뢠쀅؁Binary, IRP_MJ_POWER]
Process: System Address: 0x891b1980 Size: 463

Object: Hidden Code [Driver: a0a2kb4kȅఅ瑁䅭뢠쀅؁Binary, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x891b1980 Size: 463

Object: Hidden Code [Driver: a0a2kb4kȅఅ瑁䅭뢠쀅؁Binary, IRP_MJ_PNP]
Process: System Address: 0x891b1980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x8926c980 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x897921d8 Size: 463

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x892f81d8 Size: 463

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x892f81d8 Size: 463

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x892f81d8 Size: 463

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x892f81d8 Size: 463

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x892f81d8 Size: 463

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x892f81d8 Size: 463

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x892f81d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x897231d8 Size: 463

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x889551d8 Size: 463

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x889551d8 Size: 463

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x889551d8 Size: 463

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x889551d8 Size: 463

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x889551d8 Size: 463

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x889551d8 Size: 463

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x892e5910 Size: 463

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x892e5910 Size: 463

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x892e5910 Size: 463

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x892e5910 Size: 463

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x892e5910 Size: 463

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x892e5910 Size: 463

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x892e5910 Size: 463

Object: Hidden Code [Driver: Si3112r, IRP_MJ_CREATE]
Process: System Address: 0x897911d8 Size: 463

Object: Hidden Code [Driver: Si3112r, IRP_MJ_CLOSE]
Process: System Address: 0x897911d8 Size: 463

Object: Hidden Code [Driver: Si3112r, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x897911d8 Size: 463

Object: Hidden Code [Driver: Si3112r, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x897911d8 Size: 463

Object: Hidden Code [Driver: Si3112r, IRP_MJ_POWER]
Process: System Address: 0x897911d8 Size: 463

Object: Hidden Code [Driver: Si3112r, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x897911d8 Size: 463

Object: Hidden Code [Driver: Si3112r, IRP_MJ_PNP]
Process: System Address: 0x897911d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x889541d8 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_CREATE]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_CLOSE]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_READ]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_SHUTDOWN]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_CLEANUP]
Process: System Address: 0x891aa980 Size: 463

Object: Hidden Code [Driver: CdfsЅ఩捐楓, IRP_MJ_PNP]
Process: System Address: 0x891aa980 Size: 463

==EOF==

Dopuna: 06 Jul 2009 21:47

Mora da m nesto.
I disk mi se cesto aktivira.

Poslao: 06 Jul 2009 22:21
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Ja smatram da ovde nema malware-a.

Ako želiš još dodatnih provera, možeš odraditi neki online scan (mada mislim da tražiš uzrok problema na pogrešnom mestu - jesi li probao drugi miš? ; jesi li reinstalirao softver za TV karticu? itd.):


[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]


poz...

Poslao: 07 Jul 2009 22:13
Idi na vrh
offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Napisano: 06 Jul 2009 22:24

Hvala Boro.
Do sada je pomagao instal windowsa.
Hteo sam da to izbegnem.
Pozdrav.

Dopuna: 07 Jul 2009 22:13

Oni linkovi su pomogli.
Nasao sam nekoliko uljeza.
Hvala jos jednom!

MyCity » Ambulanta -> Arhiva Ambulante » nesto z*za

Ko je trenutno na forumu
 

Ukupno su 2394 korisnika na forumu :: 121 registrovanih, 11 sakrivenih i 2262 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 6018 - dana 19 Dec 2025 13:41

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: acacrni, acov34, airsuba, ALFASPORTIVO, Azzo, bankulen, Beardonitch, BOXRR, Branko Matić, brufen, Cirkon, coaa, crazydkure, Darth Malak, Dejan_vw, del boy, Demi87, DENIRO, Despot Đurađ, Dimitrise93, dj.ape, Djokislav, Dogma21, dolinalima, domacinivan, draganl, dule10savic, dulleo, dushan, eulereix, ginjica, Great White, GveX, Hans Gajger, Holy Saber, HrcAk47, iceburn, igorpet, ikan, Insan, istina, Ivan Campo, Jan, Jerry Drake, jnikola23, joca83, K-1A, kaisarevic1, kolle.the.kid, Kubovac, kuntakinte, lacko, lcc, littlebunny, M74AB3, m94j, madza, Manjane, Marko Marković, MaRtInsrbija1993, Matija, mercedesamg, Mercury, Metanoja, mikidragi, milbos, mile.ilic75, milenko crazy north, Miletić Zoran, Milo97, MiloradKomadic, Milos ZA, mir, moldway, Naj-Turs, nebkv, nedjabanderas, Nele79, Nemanja.M, nescom, opt1, orfanel, OtacMakarije, Panter, Patent, pavle_pzs, pein, Pekman, picknick, raster12, RJ, SANDRO1973, ShtagodShtagod, sickmouse, skok, Soncogor, StankoVrankovic, suton, SympathyForTheDevil, tomo2, travisrise, TRAVUNIJA, tubular, Tvrtko I, UAV operator, user26, vaci, vargas, vazduh, vensla, Vica1958, Vlada1389, Vladoj, vojnik švejk, Webb, Yekaterinburg, yrraf, Zastava, zmajbre, Zrcalo, |_MeD_|