MyCity » Ambulanta -> Arhiva Ambulante » Ljudi pomagajte

Ljudi pomagajte

Napisano na dan: 23.10.2007

Strana:
1
2

Ljudi pomagajte

Sledeća strana

Pagination

Odgovori

Strana:
1
2

lavander Poslao: 23 Okt 2007 13:04 Idi na vrh
offline lavander Građanin Pridružio: 23 Okt 2007 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Iako nisam pocetnik u koriscenju kompjutera ipak sam pocetnik u ovakvoj komunikaciji pa mi nemojte zameriti. Kompjuter mi je bio napadnut pretpostavljam s nekim spyware-om i kako pratim IT tehnologiju pretpostavljao sam da cu sve lako resiti s antispyware i antivirusnim programima. Nazalost nije islo pa sam probao i sam nesto ceprkati uz pomoc HijackThis 2.0 ali opet nista. Na kraju sam potrazio pomoc putem interneta i evo me kod Vas dobri ljudi pa Vas molim da mi pomognete. Kratak opis problema: Najpre se pojavljuje balon iz systemskog traja da kompjuter nije zasticen i da se odma treba skinuti antivirusni program a zatim me povezuje preko IE na datu adresu. Ova adresa se upisuje kao home adresa u IE i posle brisanja se opet pojavljuje. Iako sam obrisao instalirani program PCSecureSystem on me sada povezuje nadrugu adresu. Svremenom se toliko djubreta napunilo da se rad kompjutera strasno usporio. Posle instaliranja zastitnih programa koji su nasli i ocistili DeepDive, Smitfraud-C, Smitfraud-C.MSVPS i Zlob stanje se poboljsalo ali onaj program skojim su i poceli problemi se nije obrisao i sa ponovnim uklucenjem na internet problemi su se povecavali. Vidite sto mozete da uradite to je logfile Logfile of HijackThis v1.99.1 Scan saved at 11:43:31 AM, on 10/23/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6021\SAService.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\SiteAdvisor\6021\SiteAdv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Pomoc\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: MSVPS System - {C4F4DBBD-4A4C-4B40-97DA-2FE06DBB2901} - C:\WINDOWS\bndsrsqo.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O3 - Toolbar: The netadv - {F17B1418-2C0C-4295-BD55-BCDD3C730FBE} - C:\WINDOWS\netadv.dll (file missing) O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6021\SiteAdv.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?17c93aeaf84f4cd6a6b68620105fce17 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?17c93aeaf84f4cd6a6b68620105fce17 O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{7E246EEC-305A-4E4C-8595-9CEBE713D155}: NameServer = 217.16.68.140,217.16.69.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O21 - SSODL: msvb - {6E2D67F3-9215-45DD-85FA-3E5B26C5B867} - C:\WINDOWS\msvb.dll O21 - SSODL: sysdx - {50F2585A-7303-4F60-99CB-9CA2881F1432} - C:\WINDOWS\sysdx.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6021\SAService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Na kraju jedna napomena, kompjuter je ociscen od virusa i spyware pa je zatim napravljen logfile. Sada s Vama komuniciram preko drugog kompjutera kako mi se opet nebi zakacili virusi. Zato ce mi za intervenciju i odgovor trebati malo vise vremena. Sto se tice konekcije imam brzi ADSL internet i nema problema oko skidanja programa. Unapred hvala PS Saljem Vam i screen print poruka koje mi se pojavljuju. mycity.rs/must-login.png

Profil

milan27 Poslao: 23 Okt 2007 13:35 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! pogledam i javljam... Dopuna: 23 Okt 2007 13:35 1) Preuzmi program SmitfraudFix sa ovog linka. 2.) Extract-uj program na desktop. (Takodje na ovaj način pripremi i program Hijack This koje će se kasnije koristiti) 3.) Restartuj računar i podigni sistem u Safe Mode-u. [ Safe Mode info link 4.) Pronadji na desktop-u folder gde si raspakovao SmitfraudFix program i dvoklikom pokreni fajl SmitfraudFix.cmd. Kada se alat za uklanjanje prvi put startuje pokazaće ti se ekran za odobrenje. Jednostavno pretisni bilo koje dugme na tastaturi da bi prešao na sledeći nivo. 5.) 6.) Program će početi sa čišćenjem kompjutera. Posle završenog čišćenja SmitfraudFix-om pokrenuće ti se Windows-ov program Disk Cleanup. Nakon sto SmitFraudFix zavrsi svoj posao, postavi nam ovde log koji se nalazi na C:\rapport.txt i svez HJT log.

Profil

lavander Poslao: 23 Okt 2007 14:56 Idi na vrh
offline lavander Građanin Pridružio: 23 Okt 2007 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo dolazi rapport i svezi HJT log SmitFraudFix v2.240 Scan done at 14:39:32.48, Tue 10/23/2007 Run from C:\Documents and Settings\Administrator\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files C:\WINDOWS\msvb.dll Deleted Deleting [HKEY_CLASSES_ROOT\CLSID\{6E2D67F3-9215-45DD-85FA-3E5B26C5B867}] C:\WINDOWS\sysdx.dll Deleted Deleting [HKEY_CLASSES_ROOT\CLSID\{50F2585A-7303-4F60-99CB-9CA2881F1432}] C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted C:\DOCUME~1\ADMINI~1\Desktop\Error Cleaner.url Deleted C:\DOCUME~1\ADMINI~1\Desktop\Privacy Protector.url Deleted C:\DOCUME~1\ADMINI~1\Desktop\Spyware?Malware Protection.url Deleted C:\DOCUME~1\ADMINI~1\FAVORI~1\Online Security Test.url Deleted C:\DOCUME~1\ADMINI~1\FAVORI~1\Error Cleaner.url Deleted C:\DOCUME~1\ADMINI~1\FAVORI~1\Privacy Protector.url Deleted »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{7E246EEC-305A-4E4C-8595-9CEBE713D155}: NameServer=217.16.68.140,217.16.69.3 HKLM\SYSTEM\CS1\Services\Tcpip\..\{7E246EEC-305A-4E4C-8595-9CEBE713D155}: NameServer=217.16.68.140,217.16.69.3 HKLM\SYSTEM\CS2\Services\Tcpip\..\{7E246EEC-305A-4E4C-8595-9CEBE713D155}: NameServer=217.16.68.140,217.16.69.3 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End Logfile of HijackThis v1.99.1 Scan saved at 2:45:51 PM, on 10/23/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6021\SAService.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\SiteAdvisor\6021\SiteAdv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Pomoc\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: MSVPS System - {C4F4DBBD-4A4C-4B40-97DA-2FE06DBB2901} - C:\WINDOWS\bndsrsqo.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O3 - Toolbar: The netadv - {F17B1418-2C0C-4295-BD55-BCDD3C730FBE} - C:\WINDOWS\netadv.dll (file missing) O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6021\SiteAdv.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?17c93aeaf84f4cd6a6b68620105fce17 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?17c93aeaf84f4cd6a6b68620105fce17 O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{7E246EEC-305A-4E4C-8595-9CEBE713D155}: NameServer = 217.16.68.140,217.16.69.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6021\SAService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Koliko sam mogao primetiti nema vise onih bezveznih upozorenja i sumnjivih ikona na desktopu. Dali ovo znaci da je sada sve u redu?

Profil

milan27 Poslao: 23 Okt 2007 17:13 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! to sto ti je iskakalo ti je posledica zlob-a, nije jos gotovo, javljam se uskoro... Dopuna: 23 Okt 2007 17:13 klikni na dygme Scan u HijackThis-u, obelezi polja ispred sledecih linija: O2 - BHO: MSVPS System - {C4F4DBBD-4A4C-4B40-97DA-2FE06DBB2901} - C:\WINDOWS\bndsrsqo.dll O3 - Toolbar: The netadv - {F17B1418-2C0C-4295-BD55-BCDD3C730FBE} - C:\WINDOWS\netadv.dll (file missing), klikni na Fix checked. Restartuj racunar. To bi trebalo da je to. Postavi svez log.

Profil

lavander Poslao: 23 Okt 2007 22:47 Idi na vrh
offline lavander Građanin Pridružio: 23 Okt 2007 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Malo sam se zadrzo jer dok sam pravio Scan pojavio se prozor od antivirusnog programa koji me obavestio da je pronasao fajl sa FraudTool.win32.BestSeller.a kojeg je obrisao. Zatim sam opet napravio jednu proveru virusa i spyware u save modu. Pritom mi je Ad-Aware otkrio adware u registry koji sam isto obrisao. Nadam se da su ovo ostaci malicioznih programa i da se vise nece pojavljivati. Evo ovo je svezi log Logfile of HijackThis v1.99.1 Scan saved at 6:51:07 PM, on 10/23/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6021\SAService.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\SiteAdvisor\6021\SiteAdv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Pomoc\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6021\SiteAdv.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?17c93aeaf84f4cd6a6b68620105fce17 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?17c93aeaf84f4cd6a6b68620105fce17 O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{7E246EEC-305A-4E4C-8595-9CEBE713D155}: NameServer = 217.16.68.140,217.16.69.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6021\SAService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Ako je ovo sve, najlepse hvala na brzim odgovorima

Profil

milan27 Poslao: 23 Okt 2007 23:54 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! klikni na dugme Scan u HijackThis-u, obelezi polja ispred sledece linije: R3 - URLSearchHook: (no name) - - (no file) klikni na Fix Checked. E, to je to

Profil

lavander Poslao: 24 Okt 2007 10:24 Idi na vrh
offline lavander Građanin Pridružio: 23 Okt 2007 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dobar dan Opet ja, popravio sam liniju R3 ali opet neki mali problemi. Prvo, antivirusni programi mi daje poruku da je nasao maliciozni program RiskTiool.Win32.Hide Windows u C:\System Volume Information\_restore{AED814F3-D5BD-4DAF-877A-DE610A7A698B}\RP86\A0033482.EXE ali da ga nemoze obrisati a nesto kasnije da je otkrio Trojan-Downloader.win32.Zlob.dmx u C:\System Volume Information\_restore{AED814F3-D5BD-4DAF-877A-DE610A7A698B}\RP86\A0033553.exe koji je obrisao Drugo, firewall ZoneAlarm mi nije dozvoljavao pristup na internet pa sam ga iskljucio konektirao se i ponovo ukljucio Dok mi je bio ukljucen primetio sam dosta blokiranih napada koje neznam dali su rezultat jos uvek nekih malicioznih programa na mom kompjuteru ili je to normalno. Kako nisam mogao resiti problem sa firewall-ovim blokiranjem interneta iskljucio sam ga ali surfanje internetom sada ide dosta sporo a neke se stranice ne otvaraju ili se otvaraju nekompletne. Kakva je dijagnoza?

Profil

milan27 Poslao: 24 Okt 2007 13:33 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! to sto se tice zone alarma, je najverovatnije do podesavanja, i ovako napamet stvarno ne bih mogao da ti kazem tacno sta i gde, procackaj malo, ako zapne ponovo slobodno pitaj... za ovo drugo, oko system restore-a... Iskljucivanje System Restore-a Na Desktopu, desni klik na My Computer. Odaberite Properties. Odaberite System Restore tab. Stiklirajte Turn off System Restore. Kliknite na dugme Apply. Kliknite na dugme OK. restartuj racunar, i ponovi postupak, samo sto ces ovaj put ukljuciti... za svaki slucaj uradi i sledeće: Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard. U polju za pisanje poruke na forumu klikni desno dugme misa i odaberi opciju Paste.

Profil

lavander Poslao: 24 Okt 2007 21:11 Idi na vrh
offline lavander Građanin Pridružio: 23 Okt 2007 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradio sam sve kako ste rekli, medjutim pristup internetu je i dalje los normalno bez Zone Alarm-a. Evo ovde je scan pa vidite sto moze da se uradi GMER 1.0.13.12551 - gmer.net Rootkit scan 2007-10-24 21:04:56 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.13 ---- SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2 SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationProcess SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[285] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[286] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[287] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[288] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[289] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[290] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[291] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[292] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[293] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[294] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[295] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[296] Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous ---- Kernel code sections - GMER 1.0.13 ---- .text ntoskrnl.exe!KiDispatchInterrupt + BA 804DB92E 7 Bytes JMP F59B7CD0 \??\C:\WINDOWS\system32\drivers\klif.sys .text ntoskrnl.exe!IoIsOperationSynchronous 804E8752 5 Bytes JMP F59B4C50 \??\C:\WINDOWS\system32\drivers\klif.sys .text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804FC0F1 5 Bytes JMP F59B4760 \??\C:\WINDOWS\system32\drivers\klif.sys ? srescan.sys The system cannot find the file specified. ---- User code sections - GMER 1.0.13 ---- .text C:\Program Files\MSN Messenger\MsnMsgr.Exe[1020] kernel32.dll!SetUnhandledExceptionFilter 7C8447B5 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\MsnMsgr.Exe .text C:\WINDOWS\Explorer.EXE[1548] SHELL32.dll!StrStrW + FFE32DC7 7C9CEB28 4 Bytes [ 04, 03, 71, 01 ] .text C:\WINDOWS\Explorer.EXE[1548] SHELL32.dll!StrStrW + FFE32DD7 7C9CEB38 4 Bytes [ 00, 04, 71, 01 ] .text C:\WINDOWS\Explorer.EXE[1548] SHELL32.dll!StrStrW + FFE33D17 7C9CFA78 4 Bytes [ 54, 04, 71, 01 ] .text C:\WINDOWS\Explorer.EXE[1548] SHELL32.dll!StrStrW + FFE33D33 7C9CFA94 4 Bytes [ 82, 03, 71, 01 ] .text C:\WINDOWS\Explorer.EXE[1548] SHELL32.dll!StrStrW + FFE33D47 7C9CFAA8 4 Bytes [ 58, 03, 71, 01 ] ---- Kernel IAT/EAT - GMER 1.0.13 ---- IAT \SystemRoot\system32\DRIVERS\amdk7.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\ks.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\Modem.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\imapi.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\redbook.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\mouclass.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\kbdclass.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\drivers\portcls.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\fdc.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\serial.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\serenum.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\parport.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\gameenum.sys[NTOSKRNL.EXE!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\audstub.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\ndistapi.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] 862DDE80 IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] 862DDA70 IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 862DE050 IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 862DD8F0 IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F5AED940] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F5AEDE60] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F5AEDFC0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F5AEDAB0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F5AEDAB0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F5AED940] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F5AEDE60] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F5AEDFC0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\msgpc.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\rdpdr.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\termdd.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\swenum.sys[NTOSKRNL.EXE!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\mssmbios.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\NDProxy.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F5AED940] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F5AEDFC0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F5AEDE60] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F5AEDAB0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\drivers\MODEMCSA.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\usbhub.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\flpydisk.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\Fs_Rec.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\Null.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\Msfs.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\Npfs.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\rasacd.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F5AEDFC0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F5AEDE60] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F5AED940] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\tcpip.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] 862B0870 IAT \SystemRoot\system32\DRIVERS\netbt.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] 862B0870 IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateFile] [F5AFAF90] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\netbios.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\rdbss.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\Fips.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\ipnat.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\wanarp.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F5AEDAB0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F5AED940] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F5AEDE60] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F5AEDFC0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\System32\Drivers\Fastfat.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\USBSTOR.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F5AED940] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F5AEDAB0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F5AEDFC0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F5AEDE60] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\drivers\wdmaud.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\drivers\sysaudio.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\mrxdav.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\System32\Drivers\ParVdm.SYS[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!NtOpenFile] [F5AE6560] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!NtSetInformationFile] [F5AE64B0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateFile] [F5AE6660] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!NtCreateFile] [F5AE61C0] \SystemRoot\System32\vsdatant.sys IAT \SystemRoot\System32\Drivers\HTTP.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 IAT \SystemRoot\system32\drivers\kmixer.sys[ntoskrnl.exe!IoCreateDevice] 862B07F0 ---- User IAT/EAT - GMER 1.0.13 ---- IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\Winamp\winampa.exe[604] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\Program Files\SiteAdvisor\6021\SiteAdv.exe[732] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\csrss.exe[756] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\winlogon.exe[780] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll IAT C:\WINDOWS\system32\services.exe[824] @ C:

Profil

lavander Poslao: 24 Okt 2007 21:31 Idi na vrh
offline lavander Građanin Pridružio: 23 Okt 2007 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Mislim da skan nije kompletan pa saljem fajl u Notepad-u mycity.rs/must-login.png

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Ljudi pomagajte

Ko je trenutno na forumu

Ukupno su 751 korisnika na forumu :: 4 registrovanih, 1 sakriven i 746 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: MilosKop, nenad81, Skywhaler, Živković

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by