MyCity » Ambulanta -> Arhiva Ambulante » SmitFraud problem...

SmitFraud problem...

Napisano na dan: 9.10.2007

Strana:
1
2
3

SmitFraud problem...

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

ukidzoni Poslao: 09 Okt 2007 17:44 Idi na vrh
offline ukidzoni Novi MyCity građanin Pridružio: 09 Okt 2007 Poruke: 11	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! imam problem,control panel je nestao kada pokusan na desktop-u da udjem u properties pise da je zabranjeno i da se javim system administratoru usput mi se pojavljuje stalno kako mi je racunar zarazen i da treba da skinem neki anti-virus program Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:34:10, on 09-Oct-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe c:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Alwil Software\Avast4\setup\avast.setup C:\Program Files\Spyware Terminator\SpywareTerminator.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\dllwrap.exe, O2 - BHO: (no name) - {C994CEE8-89E5-435B-ABF0-97019376D679} - C:\WINDOWS\system32\crypt3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing) O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [LifeCam] "c:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 7448 bytes

Profil

dr_Bora Poslao: 09 Okt 2007 18:17 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Pronađi sledeće fileove i upakuj ih u jedan zip: C:\WINDOWS\system32\dllwrap.exe C:\WINDOWS\system32\crypt3.dll i uploaduj ih preko sledeće forme: http://www.mycity.rs/ambulanta-upload.php ------------------------------------------------------------------------------------- 1) Preuzmi program SmitfraudFix sa ovog linka. 2.) Extract-uj program na desktop. (Takodje na ovaj način pripremi i program Hijack This koje će se kasnije koristiti) 3.) Restartuj računar i podigni sistem u Safe Mode-u. [ Safe Mode info link 4.) Pronadji na desktop-u folder gde si raspakovao SmitfraudFix program i dvoklikom pokreni fajl SmitfraudFix.cmd. Kada se alat za uklanjanje prvi put startuje pokazaće ti se ekran za odobrenje. Jednostavno pretisni bilo koje dugme na tastaturi da bi prešao na sledeći nivo. 5.) 6.) Program će početi sa čišćenjem kompjutera. Posle završenog čišćenja SmitfraudFix-om pokrenuće ti se Windows-ov program Disk Cleanup. Nakon sto SmitFraudFix zavrsi svoj posao, postavi nam ovde log koji se nalazi na C:\rapport.txt i svez HJT log. Napomena: novi HT log treba da napraviš korišćenjem verzije programa sa sledećeg linka: http://216.180.233.162/~merijn/files/HijackThis.exe Takođe, treba da promeniš naziv file-a ''HijackThis.exe'' u ''tr3.exe''.

Profil

ukidzoni Poslao: 09 Okt 2007 19:06 Idi na vrh
offline ukidzoni Novi MyCity građanin Pridružio: 09 Okt 2007 Poruke: 11	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! upload-ovao sam sam crypt3.dll ovog drugog fajla nema na racunaru SmitFraudFix v2.239 Scan done at 18:50:30.49, 09-Oct-07 Run from C:\Documents and Settings\PC\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is FAT32 Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 192.168.200.3 ad.doubleclick.net 192.168.200.3 ad.fastclick.net 192.168.200.3 ads.fastclick.net 192.168.200.3 atdmt.com 192.168.200.3 awaps.net 192.168.200.3 banner.fastclick.net 192.168.200.3 banners.fastclick.net 192.168.200.3 click.atdmt.com 192.168.200.3 clicks.atdmt.com 192.168.200.3 engine.awaps.net 192.168.200.3 fastclick.net 192.168.200.3 ftp.avp.ch 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 www.awaps.net 192.168.200.3 www.viruslist.ru »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{A399416E-C79E-4B51-84F2-D55ADF3107A1}: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A399416E-C79E-4B51-84F2-D55ADF3107A1}: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CS2\Services\Tcpip\..\{A399416E-C79E-4B51-84F2-D55ADF3107A1}: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=82.117.194.2 82.117.194.3 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=82.117.194.2 82.117.194.3 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End Logfile of HijackThis v1.99.1 Scan saved at 18:59:23, on 09-Oct-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\QDM5MZW9\HijackThis[1].exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\dllwrap.exe, O2 - BHO: (no name) - {C994CEE8-89E5-435B-ABF0-97019376D679} - C:\WINDOWS\system32\crypt3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing) O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [LifeCam] "c:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe evo i ovo sam uradio

Profil

dr_Bora Poslao: 09 Okt 2007 19:28 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zamolio bih te da HT sa onog linka sačuvaš na disku i da mu promeniš naziv (tj. ime file-a) pre dalje upotrebe. Pokreni HijackThis, skeniraj i štikliraj sledeće linije: F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\dllwrap.exe, O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Crawler Search - tbr:iemenu O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll zatvori sve prozore Internet Explorer-a a zatim klikni na Fix Checked. ------------------------------------------------------------------------------------- Obriši folder: C:\PROGRAM FILES\Crawler\Toolbar\ ------------------------------------------------------------------------------------- Sačuvaj na disk VundoFix: http://www.atribune.org/ccount/click.php?id=4 * Dvoklikom se startuje fajl VundoFix.exe. * Izabere opcija Scan for Vundo. * Posle završenog skeniranja i pojave poruke Done Searching for files klikne se na OK. * Sada, kada je skeniranje obavljeno potrebno je kliknuti na opciju Remove Vundo. * Po pojavljivanju upita o uklanjaju Vundo fajlova klikne se na Yes. * Pokretanje ove opcije učiniće Desktop privremeno praznim u cilju pripreme sistema za uklanjanje Vundo-a. * Po završetku, pojaviće se obaveštenje o gašnjenju računara, klikne se OK. * Uključi se računar i podigne sistem iznova. * Iskopira se sadržaj loga sa putanje C:\vundofix.txt i novi HiJackThis log u poruku na forumu. Ukoliko VundoFix ništa ne detektuje, uradi sledeće. Isprati proceduru za VundoFix opisanu gore. Razlika ce samo biti u sledecem: Kada pokrenes VundoFix, u (belom) prozoru programa napravi desni klik misem i izaberi opciju "Add more files?". Kada ti se otvori sledeci prozor copy/paste sledecu putanju file-a: C:\WINDOWS\system32\crypt3.dll Stisni "Remove Vundo". Ovo ti je ostatak gornjeg uputstva koje ce da te saceka posle ove procedure sa dodavanjem fajlova. Citat:* Pokretanje ove opcije učiniće Desktop privremeno praznim u cilju pripreme sistema za uklanjanje Vundo-a. * Po završetku, pojaviće se obaveštenje o gašnjenju računara, klikne se OK. * Uključi se računar i podigne sistem iznova. Kad sve zavrsis postavi novi HJT log i VundoFix log.

Profil

ukidzoni Poslao: 09 Okt 2007 20:10 Idi na vrh
offline ukidzoni Novi MyCity građanin Pridružio: 09 Okt 2007 Poruke: 11	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! VundoFix V6.5.9 Checking Java version... Java version is 1.5.0.3 Old versions of java are exploitable and should be removed. Java version is 1.5.0.11 Scan started at 16:59:17 09-Oct-07 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.9 Checking Java version... Java version is 1.5.0.3 Old versions of java are exploitable and should be removed. Java version is 1.5.0.11 Scan started at 19:34:01 09-Oct-07 Listing files found while scanning.... No infected files were found. Beginning removal... Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WIND Beginning removal... Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WINDOWS\system32\crypt3.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\crypt3.dll C:\WIND Beginning removal... Attempting to delete c:\windows\system32\crypt3.dll c:\windows\system32\crypt3.dll Could not be deleted. Performing Repairs to the registry. Done! Beginning removal... Attempting to delete c:\windows\system32\crypt3.dll c:\windows\system32\crypt3.dll Could not be deleted. Performing Repairs to the registry. Done! Logfile of HijackThis v1.99.1 Scan saved at 20:09:21, on 09-Oct-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\PC\Desktop\tr3.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {C994CEE8-89E5-435B-ABF0-97019376D679} - C:\WINDOWS\system32\crypt3.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing) O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [LifeCam] "c:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

Profil

dr_Bora Poslao: 09 Okt 2007 20:21 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni HT, skeniraj i čekiraj sledeću liniju: O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) a zatim klikni na Fix Checked. ------------------------------------------------------------------------------------- Skini program Avenger sa sledeceg linka: http://swandog46.geekstogo.com/avenger.zip Na prvom ekranu selektuj Input script manually pa klikni na ikonicu lupe. U prozoru koji ce se pojaviti unesi sledeci tekst: `Files to delete: C:\WINDOWS\system32\crypt3.dll` Klikni na dugme Done. Vratice te na prvi ekran gde je sada potrebno kliknuti na ikonicu semafora. Ukoliko ti program sam ne zatrazi restart, onda ti sam restartuj racunar. Nakon restartovanja bi file trebao da bude obrisan, i backup napravljen u folderu c:\avenger. Postavi ovde sadržaj file-a C:\avenger.txt i novi HT log.

Profil

ukidzoni Poslao: 09 Okt 2007 20:32 Idi na vrh
offline ukidzoni Novi MyCity građanin Pridružio: 09 Okt 2007 Poruke: 11	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\kpybvqci ***************** Script file located at: \??\C:\Documents and Settings\iowogfyh.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: Could not open file C:\WINDOWS\system32\crypt3.dll for deletion Deletion of file C:\WINDOWS\system32\crypt3.dll failed! Could not process line: C:\WINDOWS\system32\crypt3.dll Status: 0xc0000022 Completed script processing. ***************** Finished! Terminate. Logfile of HijackThis v1.99.1 Scan saved at 20:30:58, on 09-Oct-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\PC\Desktop\tr3.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {C994CEE8-89E5-435B-ABF0-97019376D679} - C:\WINDOWS\system32\crypt3.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing) O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [LifeCam] "c:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?7dabcde81c6d47298968ecae347cd175 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

Profil

dr_Bora Poslao: 09 Okt 2007 20:45 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skeniraj komp sa GMER-om i postavi log da proverimo da nema nekih rootkitova... Uradi sledeće: Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard. Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt. Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt. Iskopiraj nam ovde sadrzaj ta dva fajla koja smo malopre snimili. Napomena: ukoliko je file1.txt veći od pedesetak KB, nemoj ga kopirati u poruku već ga priloži (koristi opciju Prikači Fajl). Dopuna: 09 Okt 2007 20:45 Takođe, uradi sledeće: skini ComboFix sa jedne od sledecih adresa: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log koji ces nam ovde iskopirati.

Profil

ukidzoni Poslao: 09 Okt 2007 21:13 Idi na vrh
offline ukidzoni Novi MyCity građanin Pridružio: 09 Okt 2007 Poruke: 11	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.13.12551 - gmer.net Rootkit scan 2007-10-09 21:08:03 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.13 ---- SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwClose SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateFile SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateKey SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateSection SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteKey SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwLoadDriver SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwOpenFile SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwOpenProcess SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwSetValueKey SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwTerminateProcess SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwWriteFile ---- Kernel code sections - GMER 1.0.13 ---- PAGE ntoskrnl.exe!RtlCopySid + 38 80567B83 7 Bytes JMP F87B5F46 mjuamewv.dat ? mjuamewv.dat The system cannot find the file specified. ? kuscvkmt.sys The system cannot find the file specified. ---- User code sections - GMER 1.0.13 ---- .text C:\Program Files\MSN Messenger\MsnMsgr.Exe[204] kernel32.dll!SetUnhandledExceptionFilter 7C810386 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\MsnMsgr.Exe ---- User IAT/EAT - GMER 1.0.13 ---- IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[128] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll ---- Devices - GMER 1.0.13 ---- AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F87052C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F87052C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F87052C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F87052C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F87058E6] aswTdi.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [A880AF76] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [A8809812] aswMon2.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [A8809812] aswMon2.SYS ---- EOF - GMER 1.0.13 ---- GMER 1.0.13.12551 - gmer.net Autostart scan 2007-10-09 21:09:46 Windows 5.1.2600 Service Pack 2 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\SYSTEM32\Userinit.exe, HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent@DLLName = Ati2evxx.dll HKLM\SYSTEM\CurrentControlSet\Services\ >>> aswUpdSv /avast! iAVS4 Control Service/@ = "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" avast! Antivirus /avast! Antivirus/@ = "C:\Program Files\Alwil Software\Avast4\ashServ.exe" AVG Anti-Spyware Guard /AVG Anti-Spyware Guard/@ = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe MSCamSvc /MSCamSvc/@ = "c:\Program Files\Microsoft LifeCam\MSCamS32.exe" Spooler /Print Spooler/@ = %SystemRoot%\system32\spoolsv.exe sp_rssrv /Spyware Terminator Realtime Shield Service/@ = "C:\Program Files\Spyware Terminator\sp_rsser.exe" HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>> @ATIPTA"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" @RemoteControl"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" @avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe @SpywareTerminator"C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" = "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" @LifeCam"c:\Program Files\Microsoft LifeCam\LifeExp.exe" = "c:\Program Files\Microsoft LifeCam\LifeExp.exe" @VX3000C:\WINDOWS\vVX3000.exe = C:\WINDOWS\vVX3000.exe @ /file not found/ = /file not found/ @Sony Ericsson PC Suite"C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions = "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions @!AVG Anti-Spyware"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>> @CTFMON.EXEC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe @Yahoo! Pager"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet = "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet @MsnMsgr"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>> @{42071714-76d4-11d1-8b24-00a0c9068ff3} /Display Panning CPL Extension/deskpan.dll /file not found/ = deskpan.dll /file not found/ @{596AB062-B4D2-4215-9F74-E9109B0A8153} /Previous Versions Property Page/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{9DB7A13C-F208-4981-8353-73CC61AE2783} /Previous Versions/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /Autoplay for SlideShow/(null) = @{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /Extensions Manager Folder/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll @{E0D79304-84BE-11CE-9641-444553540000} /WinZip/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL @{E0D79305-84BE-11CE-9641-444553540000} /WinZip/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL @{E0D79306-84BE-11CE-9641-444553540000} /WinZip/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL @{E0D79307-84BE-11CE-9641-444553540000} /WinZip/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL @{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /Web Folders/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL @{00020D75-0000-0000-C000-000000000046} /Microsoft Office Outlook Desktop Icon Handler/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL @{0006F045-0000-0000-C000-000000000046} /Microsoft Office Outlook Custom Icon Handler/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL @{42042206-2D85-11D3-8CFF-005004838597} /Microsoft Office HTML Icon Handler/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll @{472083B0-C522-11CF-8763-00608CC02F24} /avast/C:\Program Files\Alwil Software\Avast4\ashShell.dll = C:\Program Files\Alwil Software\Avast4\ashShell.dll @{5464D816-CF16-4784-B9F3-75C0DB52B499} /Yahoo! Mail/C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll = C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll @{D9872D13-7651-4471-9EEE-F0A00218BEBB} /Multiscan/(null) = @{BD88A479-9623-4897-8546-BC62B9628F44} /SPTHandler/C:\Program Files\Spyware Terminator\sptcontmenu.dll = C:\Program Files\Spyware Terminator\sptcontmenu.dll @{B41DB860-8EE4-11D2-9906-E49FADC173CA} /WinRAR shell extension/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll @{35786D3C-B075-49b9-88DD-029876E11C01} /Portable Devices/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /Portable Devices Menu/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{A5110426-177D-4e08-AB3F-785F10B4439C} /Sony Ericsson File Manager/C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll = C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll @{32020A01-506E-484D-A2A8-BE3CF17601C3} /AlcoholShellEx/(null) = @{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /Messenger Sharing Folders/C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>> avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll SPTContMenu@{BD88A479-9623-4897-8546-BC62B9628F44} = C:\Program Files\Spyware Terminator\sptcontmenu.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL Yahoo! Mail@{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>> AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>> avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll SPTContMenu@{BD88A479-9623-4897-8546-BC62B9628F44} = C:\Program Files\Spyware Terminator\sptcontmenu.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects@{C994CEE8-89E5-435B-ABF0-97019376D679} = C:\WINDOWS\system32\crypt3.dll HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\system32\logon.scr HKLM\Software\Microsoft\Internet Explorer\Main >>> @Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome @Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home @Local PageC:\windows\system32\blank.htm = C:\windows\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main >>> @Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome @Local PageC:\windows\system32\blank.htm = C:\windows\system32\blank.htm HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL HKLM\Software\Classes\PROTOCOLS\Handler\ >>> dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll its@CLSID = C:\WINDOWS\system32\itss.dll livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll ms-its@CLSID = C:\WINDOWS\system32\itss.dll msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL tv@CLSID = C:\WINDOWS\system32\msvidctl.dll HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll ---- EOF - GMER 1.0.13 ----

Profil

dr_Bora Poslao: 09 Okt 2007 21:27 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix log?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » SmitFraud problem...

Ko je trenutno na forumu

Ukupno su 773 korisnika na forumu :: 23 registrovanih, 4 sakrivenih i 746 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., antonije64, cuculo, draganca, jackreacher011011, janbo, krkalon, LUDI, mercedesamg, MiroslavD, Mlav, naki011, nikoladim, panzerwaffe, Pohovani_00, rodoljub, Romibrat, sasa87, Srle993, stegonosa, Tvrtko I, vathra, vladetije

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by