Mozilla Firefox...Hitan Problem...

Mozilla Firefox...Hitan Problem...

offline
  • Pridružio: 12 Avg 2008
  • Poruke: 708
  • Gde živiš: Bogu iza tregera!

Ovako...Prvo malo da opisem problem...
Problem br. 1 u vezi Mozille Firefox

Prije 2 dana mi se Mozilla odjednom pocela zatvarati...
Npr...
Kucam ovaj text, i evo sad se zatvori mozilla...niti je izbacilo error niti je izbacilo onaj prozorcic Send Eror Report ili tako nesto...
Zatvori se tako brzo...niti nesto zastopa, pa da "padne" proces ili tako nesto...Jednostavno..."nestane" s ekrana...

Problem Br.2 u vezi Mozille Firefox
Takodje prije 2 dana mi se poceo desavati sledeci problem...
Otvorim mozilu, i za pocetnu stranicu mi stavi http://www.googlebreak.com/?CID=3&PID=STV
Ja fino vratim na www.google.com, i nesto cackam...i opet vrati(nakon nekog vremena)home page da bude http://www.googlebreak.com/?CID=3&PID=STV...
Sto se tice oba problema...ja bih lako mogao reinstalisati mozilu...ali bookmarkse mi mrsko snimati, pa kasnije opet preslagivati...a i svejedno hocu da vidim u cemu je problem...da se nebi opet ponovilo...


Podaci

Osnovni Podaci
Windows XP sp2, 32 bit-ni, 1.5 gb rama, procesor 3 GHz, sve radi savrseno, osim ovih problema...

Log File
DDS (Ver_09-12-01.01) - NTFSx86
Run by x-Death-x at 19:05:02,15 on cet 11.02.2010
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1470.806 [GMT 1:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\YouTubeMP3Downloader\YouTubeMP3.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\x-Death-x\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.googlebreak.com/?CID=3&PID=STV
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ShowBarObjMp3 Class: {cf59ae24-5796-44fc-9575-8d4f383c65f8} - c:\program files\youtubemp3downloader\MinBHOMp3.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: YouTube MP3 Downloader: {f27a9a1d-6f23-442d-88c0-5dc40fd13dcd} - c:\program files\youtubemp3downloader\YouTubeMP3.dll
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [CorelDRAW Graphics Suite 11b] c:\program files\corel\corel graphics 12\languages\en\programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=021410 serial=xxx lang=EN
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [RemoteControl] "c:\program files\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\powerdvd\language\Language.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [eurobattlegui] "c:\program files\warcraft iii\eb.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mExplorerRun: [ukl] c:\documents and settings\all users\application data\uklpr\wmpusrvc.exe
StartupFolder: c:\docume~1\x-deat~1\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe
StartupFolder: c:\docume~1\x-deat~1\startm~1\programs\startup\warcra~1.lnk - c:\program files\warcraft iii\support\config.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\d-link~1.lnk - c:\program files\d-link airplus\AirPlus.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\x-deat~1\applic~1\mozilla\firefox\profiles\vk1wbsjs.default\
FF - prefs.js: browser.search.selectedEngine - www.googlebreak.com
FF - prefs.js: browser.startup.homepage - hxxp://www.googlebreak.com/?CID=3&PID=STV
FF - plugin: c:\documents and settings\x-death-x\application data\mozilla\firefox\profiles\vk1wbsjs.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2010-1-2 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2010-1-2 5248]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-12-31 162640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-31 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-24 40384]
R2 KLPP2Drv;KLPP2Drv;c:\documents and settings\all users\application data\uklpr\klpp2drv.sys []
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-24 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-24 40384]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 GarenaPEngine;GarenaPEngine;c:\docume~1\x-deat~1\locals~1\temp\DIV62.tmp [2010-2-10 25616]

=============== Created Last 30 ================

2010-02-10 22:06:50 0 d-----w- c:\program files\Garena
2010-02-10 14:27:33 0 d-----w- c:\docume~1\alluse~1\applic~1\ukl
2010-02-10 14:27:29 0 d-----w- c:\docume~1\alluse~1\applic~1\uklpr
2010-02-09 17:33:06 0 d-----w- C:\Dota
2010-02-09 15:50:48 98671 ----a-w- c:\windows\War3Unin.dat
2010-02-09 15:50:48 2829 ----a-w- c:\windows\War3Unin.pif
2010-02-09 15:50:47 139264 ----a-w- c:\windows\War3Unin.exe
2010-02-08 19:40:13 0 d-----w- c:\windows\Eurobattle.net
2010-02-06 18:44:27 0 d-sha-r- C:\cmdcons
2010-02-06 14:11:52 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-06 10:51:01 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-02-05 23:41:34 0 d-----w- c:\program files\JDownloader
2010-02-04 21:50:33 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-02-04 21:50:33 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-02-02 19:50:35 0 d-----w- c:\program files\WinPcap
2010-02-02 19:50:25 0 d-----w- c:\program files\YouTubeMP3Downloader
2010-02-02 14:38:36 0 d-----w- c:\program files\Unlocker
2010-02-02 14:15:03 69 ----a-w- c:\windows\NeroDigital.ini
2010-02-02 04:35:49 4767 ----a-w- c:\windows\Irremote.ini
2010-02-02 04:20:03 0 d-----w- c:\docume~1\alluse~1\applic~1\Nero
2010-02-01 19:17:57 0 d-----w- c:\program files\VLC
2010-02-01 15:40:44 0 d-----w- c:\windows\system32\XPSViewer
2010-02-01 15:39:49 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-01 15:39:49 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-01 15:39:49 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-01 15:39:49 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-01 15:39:49 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-01 15:39:49 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-01 15:39:49 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-01 15:39:49 0 d-----w- C:\9d6e42c39e220bdf0352dc5ebce6
2010-02-01 15:36:40 0 d-----w- c:\program files\MSXML 6.0
2010-01-31 20:05:29 0 d-----w- c:\docume~1\x-deat~1\applic~1\TeamViewer
2010-01-31 20:04:50 0 d-----w- c:\program files\TeamViewer
2010-01-25 19:05:00 25600 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-01-25 19:05:00 25600 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-01-25 19:01:37 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2010-01-25 19:01:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-01-24 20:44:18 0 d-----w- c:\program files\Stardock
2010-01-24 20:35:25 5760054 ----a-w- c:\windows\AW_1600x1200.bmp
2010-01-24 20:33:20 3932214 ----a-w- c:\windows\InvaderDark1280.bmp
2010-01-24 20:23:14 3932214 ----a-w- c:\windows\AW_XenoMorph1280.bmp
2010-01-24 20:21:14 36864 ----a-w- c:\windows\system32\wbsys.dll
2010-01-24 20:21:14 0 d-----w- c:\program files\common files\Stardock
2010-01-24 20:21:14 0 d-----w- c:\program files\AlienWare
2010-01-24 18:42:58 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-01-23 21:53:13 0 d-----r- C:\AHCache
2010-01-22 07:56:20 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-01-20 19:27:54 8608 ----a-w- c:\windows\system32\mpeg4ax.cat
2010-01-20 19:27:54 8587 ----a-w- c:\windows\system32\msaudio.cat
2010-01-20 19:27:54 73728 ----a-w- c:\windows\system32\TOverlay.ax
2010-01-20 19:27:54 700416 ----a-w- c:\windows\system32\AxisToolBar.ocx
2010-01-20 19:27:54 53248 ----a-w- c:\windows\system32\DSTimeStamp.ax
2010-01-20 19:27:54 438976 ----a-w- c:\windows\system32\MSHFLXGD.OCX
2010-01-20 19:27:54 40960 ----a-w- c:\windows\system32\wavdest.ax
2010-01-20 19:27:54 36864 ----a-w- c:\windows\system32\Sof2FFTPrj.ocx
2010-01-20 19:27:54 28672 ----a-w- c:\windows\system32\SpecBarPrj.ocx
2010-01-20 19:27:54 28672 ----a-w- c:\windows\system32\PCWinSoftPBar.ocx
2010-01-20 19:27:54 188416 ----a-w- c:\windows\system32\UScreenCapture.ax
2010-01-20 19:27:53 126976 ----a-w- c:\windows\system32\ArielColorCtrl.ocx
2010-01-20 19:26:56 0 d-----w- c:\program files\ScreenCapture

==================== Find3M ====================

2010-01-02 20:38:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-31 11:12:48 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-29 21:29:58 258352 ----a-w- c:\windows\system32\unicows.dll

============= FINISH: 19:06:45,31 ===============


Attach.txt File
https://www.mycity.rs/must-login.png

RootRepeal Scan Report

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/02/11 19:13
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name:
Image Path:
Address: 0xBA5DA000 Size: 98304 File Visible: No Signed: -
Status: -

Name:
Image Path:
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB4C2C000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBADE0000 Size: 8192 File Visible: No Signed: -
Status: -

Name: PCI_PNP5186
Image Path: \Driver\PCI_PNP5186
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB1D3B000 Size: 49152 File Visible: No Signed: -
Status: -

Name: sphq.sys
Image Path: sphq.sys
Address: 0xBA6B4000 Size: 995328 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\System Volume Information\_restore{3A6AB0F6-9E39-4F85-A3AC-EFAB58657B3F}\RP112\A0022150.LNK
Status: Visible to the Windows API, but not on disk.

Path: C:\System Volume Information\_restore{3A6AB0F6-9E39-4F85-A3AC-EFAB58657B3F}\RP112\A0022151.LNK
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\All Users\Application Data\uklpr\appface.dll
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\All Users\Application Data\uklpr\KLKlMon.dll
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\All Users\Application Data\uklpr\klpp2drv.sys
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\All Users\Application Data\uklpr\klpp2man.exe
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\All Users\Application Data\uklpr\ui.urf
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\All Users\Application Data\uklpr\unukl.exe
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\All Users\Application Data\uklpr\wmpusrvc.exe
Status: Invisible to the Windows API!

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb5999bbc

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb5999a78

#: 045 Function Name: NtCreatePagingFile
Status: Hooked by "d347bus.sys" at address 0xba677a20

#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb599a02c

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb5999f56

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb599964e

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "d347bus.sys" at address 0xba6782a8

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "d347bus.sys" at address 0xba683910

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb5999b52

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb599958e

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb59995f2

#: 145 Function Name: NtQueryDirectoryFile
Status: Hooked by "C:\Documents and Settings\All Users\Application Data\uklpr\klpp2drv.sys" at address 0xb2677990

#: 160 Function Name: NtQueryKey
Status: Hooked by "d347bus.sys" at address 0xba6782c8

#: 173 Function Name: NtQuerySystemInformation
Status: Hooked by "C:\Documents and Settings\All Users\Application Data\uklpr\klpp2drv.sys" at address 0xb267a9e0

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb5999c72

#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb599a0fa

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb5999c32

#: 241 Function Name: NtSetSystemPowerState
Status: Hooked by "d347bus.sys" at address 0xba6830b0

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb5999db2

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x89a6f0d8 Size: 11

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x899f51f8 Size: 121

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_READ]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_WRITE]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_EA]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_EA]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CLEANUP]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_SECURITY]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_POWER]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_QUOTA]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_PNP]
Process: System Address: 0x89625d40 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_EA]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_EA]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLEANUP]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_SECURITY]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_QUOTA]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x89625c38 Size: 99

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x899f71f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x897301f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x897301f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x897301f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x897301f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x897301f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x897301f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x897301f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x89a691f8 Size: 121

Object: Hidden Code [Driver: d347prt, IRP_MJ_CREATE]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_CLOSE]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_READ]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_WRITE]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_EA]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_EA]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_CLEANUP]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_SECURITY]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_POWER]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_QUOTA]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: d347prt, IRP_MJ_PNP]
Process: System Address: 0x89589f00 Size: 99

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x8924e1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x8924e1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8924e1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8924e1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x8924e1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x8924e1f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x897111f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x897111f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x897111f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x897111f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x897111f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x897111f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x897111f8 Size: 121

Object: Hidden Code [Driver: Rdbss, IRP_MJ_READ]
Process: System Address: 0x8960b230 Size: 11

Object: Hidden Code [Driver: Srv, IRP_MJ_READ]
Process: System Address: 0x88f56b20 Size: 11

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x892ab720 Size: 11

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x891ef1f8 Size: 121

Object: Hidden Code [Driver: Npfsȅఌ捁印, IRP_MJ_READ]
Process: System Address: 0x89851f18 Size: 11

Object: Hidden Code [Driver: Msfsࠅఆ剒敬掰, IRP_MJ_READ]
Process: System Address: 0x89844a00 Size: 11

Object: Hidden Code [Driver: Fs_Rec, IRP_MJ_READ]
Process: System Address: 0x8957e480 Size: 11

Object: Hidden Code [Driver: sys, IRP_MJ_CREATE]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_CLOSE]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_READ]
Process: System Address: 0x88f84280 Size: 11

Object: Hidden Code [Driver: sys, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_SHUTDOWN]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_CLEANUP]
Process: System Address: 0x896ca1f8 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_PNP]
Process: System Address: 0x896ca1f8 Size: 121

==EOF==

Uz duzno postovanje prema AMF Timu,
x-Death-x
P.S Nakon sto sam napisao ovo x-Death-x(na kraju) pritisnuo sam dugme Pregled poruke i desio se gore navedeni Problem Br.1 u vezi Mozille Firefox

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav.


Da li si ti instalirao Ultimate Keylogger ?

offline
  • Pridružio: 12 Avg 2008
  • Poruke: 708
  • Gde živiš: Bogu iza tregera!

Napisano: 12 Feb 2010 18:57

Da...sa Giveaway of the day...samo sam probavao kakav je...neznam da li je to uzrok problema??ako jeste...odmah ce da bude skinut...

I jos nesto..da li si ti mjenjao moj post...posto vidim nema code...jeli se to nesmije...ili je do mene nesto...?

Dopuna: 12 Feb 2010 18:58

p.s. to sam instalirao radi oca...voli da mi cacka po kompu...pa da znam sta je radio...on je opsjednut programima...a ja koristim samo one osnovne(PS,AI,DW...i jos neke)

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

U redu je,samo mi je bilo bitno da li si ti instalirao taj program ili ne.

Sto se tice logova,cisti su. Nema tragova malware-a.

Sto se tice homepage-a: ( www.googlebreak.com )
C:\Program Files\ YouTubeMP3Downloader <--- ovo ti je podesilo taj home page.

Ovde smo zavrsili. Wink

offline
  • Pridružio: 12 Avg 2008
  • Poruke: 708
  • Gde živiš: Bogu iza tregera!

Napisano: 12 Feb 2010 19:37

Hvala mnogo!
Sada ce YTmp3DW da bude malo..."obradjen!"
Usput...
Mali off..
Dodao sam te na msn...hacker.de...da znas da nije neki...deseti...

Dopuna: 12 Feb 2010 19:39

A sta cu sa problemom 1...kome i gdje da se obratim za pomoc??
Mozes li mi navesti par stvari koje bi mogle biti uzrok tome??
Ili cu morati da reinstaliram MF...Ovo je prvi put da mi se desi u mojih...8 godina koriscenja MF-a

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Otvori novu temu u Windows forumu i obrati im se za pomoc.
Ovde nije mesto za takvu diskusiju. Wink

offline
  • Pridružio: 12 Avg 2008
  • Poruke: 708
  • Gde živiš: Bogu iza tregera!

Hvala na svemu...
I neka moderator(ili ako ti mozes) stavi katancic na ovu temu...posto smo zavrsili sa ovime...

Ko je trenutno na forumu
 

Ukupno su 826 korisnika na forumu :: 28 registrovanih, 7 sakrivenih i 791 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., babaroga, Bane san, Battlehammer, ccoogg123, debeli, esx66, FileFinder, GandorCC, ivan1973, kovinacc, Kriglord, krkalon, kunktator, Leonov, Lieutenant, Marko Marković, Metanoja, Mi lao shu, milenko crazy north, Milometer, Milos ZA, mocnijogurt, Nemanja.M, raketaš, sasa87, Sirius, stegonosa