MyCity » Ambulanta -> Arhiva Ambulante » Provera Loga

Provera Loga

Napisano na dan: 2.5.2009

Provera Loga

Sledeća strana

Pagination

Odgovori

cvetko_a Poslao: 02 Maj 2009 20:56 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Molim Vas dami proverite ovaj log. Problem koji imam je dugo paljenje računara. Logfile of HijackThis v1.99.1 Scan saved at 20:43:23, on 2.5.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe E:\Sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe D:\Giveawey\RegistryDoctorPro\ARDPro\Advanced Registry Doctor\RegManServ.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe E:\Hijack\Promena.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Download\DownloadManager\Orbit\Orbitdownloader\orbitcth.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live pomagac za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "D:\ObradaFilma\PowerDirector\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SkinClock] E:\Sat-budilnik\AtomicAlarmClock\Atomic Alarm Clock\AtomicAlarmClock.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Mystery%20Solitaire/Images/stg_drm.ocx O16 - DPF: {5D69485C-EAB1-42AE-93C1-B5A53F238C5A} (FileInterface Class) - https://rol.raiffeisenbank.rs/RaiffeisenDLL/FSINT.dll O16 - DPF: {5ED7F9D0-90D3-4001-A768-7E95C1768821} (FileInterface Class) - https://rol.raiffeisenbank.rs/RetailDLL/FSINT8.dll O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_1.cab O16 - DPF: {8BA2FE8E-8506-11D4-BFE2-CB5FED326646} (Archive Class) - https://rol.raiffeisenbank.rs/RaiffeisenDLL/SAWZip.dll O16 - DPF: {A42DDE4E-DF36-4592-83B6-CCA28E770ABD} (Ebanking.Utility) - https://rol.raiffeisenbank.rs/RaiffeisenDLL/EbankingWWW.dll O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mystery%20Solitaire/Images/armhelper.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.piclens.com/shared/plinstll.cab O16 - DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} (SecAPI Class) - https://rol.raiffeisenbank.rs/RaiffeisenDLL/EBCSCC2A.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{A83A36A2-2A64-4EB1-AFE9-C1A2B94E5A28}: NameServer = 213.244.255.2,213.244.255.3 O17 - HKLM\System\CCS\Services\Tcpip\..\{BA42E8A0-DE81-4909-83F2-8C72A285A168}: NameServer = 213.244.255.2,213.244.255.3 O17 - HKLM\System\CCS\Services\Tcpip\..\{CFA5F76F-555B-4FFD-9955-C8FD42DC5452}: NameServer = 213.244.255.2,213.244.255.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Magix\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Registry Management Service (RegManServ) - Unknown owner - D:\Giveawey\RegistryDoctorPro\ARDPro\Advanced Registry Doctor\RegManServ.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

Profil

dr_Bora Poslao: 02 Maj 2009 22:27 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Log je čist a pomenuti problem verovatno nema veze sa malware-om. No, ako ti sumnjaš da ima, možemo izvršiti dodatnu proveru. Preuzmi program RootRepeal na Desktop. Raspakuj RootRepeal.zip u neki folder. Dvoklikom pokreni RootRepeal.exe. Pređi na Report karticu (klikom na Report taster, dole, desno). Klikni Scan taster. U prozoru koji se otvori (Select Scan), obeleži kućice ispred svih stavki i klikni OK. U narednom prozoru (Select Drives) obeleži kućicu ispred sistemskog diska (obično C:\) i klikni OK. Po završetku procesa, klikni Save Report i sačuvaj izveštaj o skeniranju. Iskopiraj sadržaj tog izveštaja u iduću poruku.

Profil

cvetko_a Poslao: 03 Maj 2009 09:09 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ROOTREPEAL (c) AD, 2007-2008 ================================================== Scan Time: 2009/05/03 08:58 Program Version: Version 1.2.3.0 Windows Version: Windows XP SP2 ================================================== Drivers ------------------- Name: Image Path: Address: 0xF782F000 Size: 98304 File Visible: No Status: - Name: Image Path: Address: 0x00000000 Size: 0 File Visible: No Status: - Name: 00000066 Image Path: \Driver\00000066 Address: 0x00000000 Size: 0 File Visible: No Status: - Name: giveio.sys Image Path: giveio.sys Address: 0xF7A50000 Size: 1664 File Visible: No Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xA3EF7000 Size: 45056 File Visible: No Status: - Hidden/Locked Files ------------------- Path: C:\WINDOWS\system32\config\system.LOG Status: Size mismatch (API: 1024, Raw: 20480) Path: C:\Documents and Settings\korisnik\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϴϱЄϱЃϵϳЅ Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρЂϻϵЉЃϵϳЅ Status: Locked to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\av52.tmp Status: Allocation size mismatch (API: 28565504, Raw: 0) Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\av59.tmp Status: Allocation size mismatch (API: 28553216, Raw: 0) Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\dragan.milena@hotmail.de\DFSR\Staging\CS{3E45E3E9-8768-91D2-E5CE-F418464DB002}\01\29-{3E45E3E9-8768-91D2-E5CE-F418464DB002}-v1-{F89BC910-6049-4284-A21A-AE2539CC7237}-v29-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\dragan.milena@hotmail.de\DFSR\Staging\CS{3E45E3E9-8768-91D2-E5CE-F418464DB002}\12\12-{A9CB0F18-76F4-466A-8DC8-C53BA66C9AB4}-v12-{A9CB0F18-76F4-466A-8DC8-C53BA66C9AB4}-v12-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\jovan_a96@hotmail.com\DFSR\Staging\CS{BF9452D5-0E5C-D10D-996E-1CD13ACACA41}\01\17-{BF9452D5-0E5C-D10D-996E-1CD13ACACA41}-v1-{F89BC910-6049-4284-A21A-AE2539CC7237}-v17-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\manicslobodan@hotmail.com\DFSR\Staging\CS{2C421593-CC3E-74CB-9A9B-7C2855936169}\01\10-{2C421593-CC3E-74CB-9A9B-7C2855936169}-v1-{F89BC910-6049-4284-A21A-AE2539CC7237}-v10-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\manicslobodan@hotmail.com\DFSR\Staging\CS{2C421593-CC3E-74CB-9A9B-7C2855936169}\11\11-{F89BC910-6049-4284-A21A-AE2539CC7237}-v11-{F89BC910-6049-4284-A21A-AE2539CC7237}-v11-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\manicslobodan@hotmail.com\DFSR\Staging\CS{2C421593-CC3E-74CB-9A9B-7C2855936169}\12\12-{F89BC910-6049-4284-A21A-AE2539CC7237}-v12-{F89BC910-6049-4284-A21A-AE2539CC7237}-v12-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\manicslobodan@hotmail.com\DFSR\Staging\CS{2C421593-CC3E-74CB-9A9B-7C2855936169}\15\15-{F89BC910-6049-4284-A21A-AE2539CC7237}-v15-{F89BC910-6049-4284-A21A-AE2539CC7237}-v15-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\01\28-{25C26106-9A8B-0844-9E79-EA59AAB8C72B}-v1-{F89BC910-6049-4284-A21A-AE2539CC7237}-v28-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\11\11-{8E5FA966-7F0E-4C65-A444-F9FD480C59EF}-v11-{8E5FA966-7F0E-4C65-A444-F9FD480C59EF}-v11-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\11\11-{95BC613E-38A0-4363-8305-4095B9843B35}-v11-{95BC613E-38A0-4363-8305-4095B9843B35}-v11-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\12\12-{95BC613E-38A0-4363-8305-4095B9843B35}-v12-{95BC613E-38A0-4363-8305-4095B9843B35}-v12-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\13\13-{95BC613E-38A0-4363-8305-4095B9843B35}-v13-{95BC613E-38A0-4363-8305-4095B9843B35}-v13-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\14\14-{95BC613E-38A0-4363-8305-4095B9843B35}-v14-{95BC613E-38A0-4363-8305-4095B9843B35}-v14-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\15\15-{95BC613E-38A0-4363-8305-4095B9843B35}-v15-{95BC613E-38A0-4363-8305-4095B9843B35}-v15-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\16\16-{95BC613E-38A0-4363-8305-4095B9843B35}-v16-{95BC613E-38A0-4363-8305-4095B9843B35}-v16-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\17\17-{95BC613E-38A0-4363-8305-4095B9843B35}-v17-{95BC613E-38A0-4363-8305-4095B9843B35}-v17-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\18\18-{95BC613E-38A0-4363-8305-4095B9843B35}-v18-{95BC613E-38A0-4363-8305-4095B9843B35}-v18-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\19\19-{95BC613E-38A0-4363-8305-4095B9843B35}-v19-{95BC613E-38A0-4363-8305-4095B9843B35}-v19-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\20\20-{95BC613E-38A0-4363-8305-4095B9843B35}-v20-{95BC613E-38A0-4363-8305-4095B9843B35}-v20-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\21\21-{95BC613E-38A0-4363-8305-4095B9843B35}-v21-{95BC613E-38A0-4363-8305-4095B9843B35}-v21-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\23\23-{95BC613E-38A0-4363-8305-4095B9843B35}-v23-{95BC613E-38A0-4363-8305-4095B9843B35}-v23-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\24\24-{95BC613E-38A0-4363-8305-4095B9843B35}-v24-{95BC613E-38A0-4363-8305-4095B9843B35}-v24-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\26\26-{95BC613E-38A0-4363-8305-4095B9843B35}-v26-{95BC613E-38A0-4363-8305-4095B9843B35}-v26-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\27\27-{95BC613E-38A0-4363-8305-4095B9843B35}-v27-{95BC613E-38A0-4363-8305-4095B9843B35}-v27-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\28\28-{8E5FA966-7F0E-4C65-A444-F9FD480C59EF}-v28-{8E5FA966-7F0E-4C65-A444-F9FD480C59EF}-v28-Partial.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\28\28-{95BC613E-38A0-4363-8305-4095B9843B35}-v28-{95BC613E-38A0-4363-8305-4095B9843B35}-v28-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\29\29-{95BC613E-38A0-4363-8305-4095B9843B35}-v29-{95BC613E-38A0-4363-8305-4095B9843B35}-v29-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\30\30-{95BC613E-38A0-4363-8305-4095B9843B35}-v30-{95BC613E-38A0-4363-8305-4095B9843B35}-v30-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\30\30-{F89BC910-6049-4284-A21A-AE2539CC7237}-v30-{F89BC910-6049-4284-A21A-AE2539CC7237}-v30-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\31\31-{95BC613E-38A0-4363-8305-4095B9843B35}-v31-{95BC613E-38A0-4363-8305-4095B9843B35}-v31-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\31\31-{F89BC910-6049-4284-A21A-AE2539CC7237}-v31-{F89BC910-6049-4284-A21A-AE2539CC7237}-v31-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\32\32-{95BC613E-38A0-4363-8305-4095B9843B35}-v32-{95BC613E-38A0-4363-8305-4095B9843B35}-v32-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\34\34-{95BC613E-38A0-4363-8305-4095B9843B35}-v34-{95BC613E-38A0-4363-8305-4095B9843B35}-v34-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\35\35-{95BC613E-38A0-4363-8305-4095B9843B35}-v35-{95BC613E-38A0-4363-8305-4095B9843B35}-v35-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\37\37-{95BC613E-38A0-4363-8305-4095B9843B35}-v37-{95BC613E-38A0-4363-8305-4095B9843B35}-v37-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\38\38-{95BC613E-38A0-4363-8305-4095B9843B35}-v38-{95BC613E-38A0-4363-8305-4095B9843B35}-v38-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\39\39-{95BC613E-38A0-4363-8305-4095B9843B35}-v39-{95BC613E-38A0-4363-8305-4095B9843B35}-v39-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\40\40-{95BC613E-38A0-4363-8305-4095B9843B35}-v40-{95BC613E-38A0-4363-8305-4095B9843B35}-v40-Partial.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\hranca@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{25C26106-9A8B-0844-9E79-EA59AAB8C72B}\62\62-{F89BC910-6049-4284-A21A-AE2539CC7237}-v62-{F89BC910-6049-4284-A21A-AE2539CC7237}-v62-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\korisnik\Local Settings\Application Data\Microsoft\Messenger\stefansoki@hotmail.com\SharingMetadata\slobodan-manic@hotmail.com\DFSR\Staging\CS{575546BD-D4DE-8B77-0823-1F64DFC06609}\01\10-{575546BD-D4DE-8B77-0823-1F64DFC06609}-v1-{94E22F66-56F5-4DC6-B854-E3CD35B32941}-v10-Downloaded.frx Status: Locked to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! Path: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\retranslation\rollback\bases\av\emu\i386\klavemu.kdc:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS Status: Invisible to the Windows API! SSDT ------------------- #: 011 Function Name: NtAdjustPrivilegesToken Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660ca72 #: 025 Function Name: NtClose Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660d01e #: 031 Function Name: NtConnectPort Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660ea82 #: 037 Function Name: NtCreateFile Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660e438 #: 041 Function Name: NtCreateKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c1e8 #: 045 Function Name: NtCreatePagingFile Status: Hooked by "d347bus.sys" at address 0xf74c2a20 #: 052 Function Name: NtCreateSymbolicLinkObject Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa66103e4 #: 053 Function Name: NtCreateThread Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660ce1a #: 063 Function Name: NtDeleteKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c62a #: 065 Function Name: NtDeleteValueKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c82a #: 066 Function Name: NtDeviceIoControlFile Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660e744 #: 068 Function Name: NtDuplicateObject Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa66108f0 #: 071 Function Name: NtEnumerateKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c940 #: 073 Function Name: NtEnumerateValueKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c9a8 #: 084 Function Name: NtFsControlFile Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660e5fa #: 097 Function Name: NtLoadDriver Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660fea8 #: 116 Function Name: NtOpenFile Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660e294 #: 119 Function Name: NtOpenKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c34a #: 122 Function Name: NtOpenProcess Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660cc40 #: 125 Function Name: NtOpenSection Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa661040e #: 128 Function Name: NtOpenThread Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660cb96 #: 160 Function Name: NtQueryKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660ca10 #: 161 Function Name: NtQueryMultipleValueKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c714 #: 177 Function Name: NtQueryValueKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660c4f2 #: 180 Function Name: NtQueueApcThread Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6610110 #: 193 Function Name: NtReplaceKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660be6a #: 200 Function Name: NtRequestWaitReplyPort Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660f30c #: 204 Function Name: NtRestoreKey Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa660bStealth Objects ------------------- Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ] Process: System Address: 0x8ae52bf0 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP] Process: System Address: 0x8af261d8 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_CREATE] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLOSE] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_READ] Process: System Address: 0x8a73ec80 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_WRITE] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_EA] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_EA] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLEANUP] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: Fastfat, IRP_MJ_PNP] Process: System Address: 0x8a46f4f0 Size: - Object: Hidden Code [Driver: iteatapi, IRP_MJ_CREATE] Process: System Address: 0x8aeb31d8 Size: - Object: Hidden Code [Driver: iteatapi, IRP_MJ_CLOSE] Process: System Address: 0x8aeb31d8 Size: - Object: Hidden Code [Driver: iteatapi, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8aeb31d8 Size: - Object: Hidden Code [Driver: iteatapi, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8aeb31d8 Size: - Object: Hidden Code [Driver: iteatapi, IRP_MJ_POWER] Process: System Address: 0x8aeb31d8 Size: - Object: Hidden Code [Driver: iteatapi, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8aeb31d8 Size: - Object: Hidden Code [Driver: iteatapi, IRP_MJ_PNP] Process: System Address: 0x8aeb31d8 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_READ] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_WRITE] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_EA] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_SET_EA] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_CLEANUP] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_SET_SECURITY] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_POWER] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_SET_QUOTA] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: atapi, IRP_MJ_PNP] Process: System Address: 0x8a80f008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_EA] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_EA] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLEANUP] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_SECURITY] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_QUOTA] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP] Process: System Address: 0x8a805008 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_READ] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_POWER] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: dmio, IRP_MJ_PNP] Process: System Address: 0x8af291d8 Size: - Object: Hidden Code [Driver: usbuhci, IRP_MJ_CREATE] Process: System Address: 0x8aaff4e0 Size: - Object: Hidden Code [Driver: usbuhci, IRP_MJ_CLOSE] Process: System Address: 0x8aaff4e0 Size: - Object: Hidden Code [Driver: usbuhci, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8aaff4e0 Size: - Object: Hidden Code [Driver: usbuhci, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8aaff4e0 Size: - Object: Hidden Code [Driver: usbuhci, IRP_MJ_POWER] Process: System Address: 0x8aaff4e0 Size: - Object: Hidden Code [Driver: usbuhci, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8aaff4e0 Size: - Object: Hidden Code [Driver: usbuhci, IRP_MJ_PNP] Process: System Address: 0x8aaff4e0 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP] Process: System Address: 0x8aeb51d8 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_CREATE] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_CLOSE] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_READ] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_WRITE] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_EA] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_EA] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_CLEANUP] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_SECURITY] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_POWER] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_SET_QUOTA] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: d347prt, IRP_MJ_PNP] Process: System Address: 0x8a377de0 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_CREATE] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_CLOSE] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_READ] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_WRITE] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_QUERY_EA] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_SET_EA] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_CLEANUP] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_SET_SECURITY] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_POWER] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_SET_QUOTA] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: Vax347s, IRP_MJ_PNP] Process: System Address: 0x8a42dc48 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_CREATE] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_CLOSE] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_READ] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_WRITE] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_QUERY_EA] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_SET_EA] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_CLEANUP] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_SET_SECURITY] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_POWER] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_SET_QUOTA] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: FVDSCSI, IRP_MJ_PNP] Process: System Address: 0x8a627b18 Size: - Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE] Process: System Address: 0x8a7df980 Size: - Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE] Process: System Address: 0x8a7df980 Size: - Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a7df980 Size: - Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8a7df980 Size: - Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP] Process: System Address: 0x8a7df980 Size: - Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP] Process: System Address: 0x8a7df980 Size: - Object: Hidden Code [Driver: Rdbss, IRP_MJ_READ] Process: System Address: 0x8a766e18 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ] Process: System Address: 0x8a7ca6e8 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP] Process: System Address: 0x8a7b64a0 Size: - Object: Hidden Code [Driver: Npfs؅灐䕅؁ం扏楄菘逰詛؂ఆ剒敬, IRP_MJ_READ] Process: System Address: 0x8a979290 Size: - Object: Hidden Code [Driver: Msfsࠅఊ䵃慖, IRP_MJ_READ] Process: System Address: 0x8af37298 Size: - Object: Hidden Code [Driver: Fs_Rec, IRP_MJ_READ] Process: System Address: 0x8aafafb0 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_CREATE] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_CLOSE] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_READ] Process: System Address: 0x8a5d7230 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_SET_INFORMATION] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_SHUTDOWN] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_CLEANUP] Process: System Address: 0x8a6b24b8 Size: - Object: Hidden Code [Driver: CdfsЅ䱋湲Ё఍敓Ĩ, IRP_MJ_PNP] Process: System Address: 0x8a6b24b8 Size: -

Profil

dr_Bora Poslao: 03 Maj 2009 10:05 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo izgleda čisto.

Profil

cvetko_a Poslao: 03 Maj 2009 18:32 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala na proveri.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provera Loga

Ko je trenutno na forumu

Ukupno su 818 korisnika na forumu :: 33 registrovanih, 3 sakrivenih i 782 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Areal84, Bobrock1, cifra, cvrle312, DejanSt, Dimitrise93, djboj, Dogma21, Dorcolac, Duh sa sekirom, esx66, HrcAk47, ikan, kolle.the.kid, KUZMAR, ljuba, maCvele, MB120mm, mikrimaus, minmatar34957, Mixelotti, nick79, operniki, Penzula, RJ, rodoljub, shaja1, Srky Boy, Sumadija34, Trpe Grozni, vathra, VP6919, zlaya011

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by