Tstatura problem mijesa slova

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Imam problem sa tastaturom , mijesa mi redosled slova koja ukucam sa tastature, npr. ukucam "kompjuter" a ona izbaci "uterkompj", ukucam "tastatura" on izbaci "turatasta". Taj problem pravi samo na mom racunaru, probao sam je na drugim racunarima super radi.

Evo DDS fajla:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Amra at 21:20:00,48 on sub 26.06.2010
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.137 [GMT 2:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Amra\Desktop\tastatura problem\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: PDFCreator Toolbar Helper: {c451c08a-ec37-45df-aaad-18b51ab5e837} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: PDFCreator Toolbar: {31cf9ebe-5755-4a1d-ac25-2834d952d9b4} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [ATIModeChange] Ati2mdxx.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [BMISR] c:\program files\kye\webmate\BM.exe
mRun: [PAC207_Monitor] c:\windows\pixart\pac207\Monitor.exe
mRun: [Monitor] c:\windows\pixart\pac207\Monitor.exe
mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [run32] c:\win\lsass.exe
StartupFolder: c:\docume~1\amra\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1270057453602
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: {D3810126-D97F-4D0E-8386-03AD9B76E265} = 195.66.189.137 195.66.189.138
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll

============= SERVICES / DRIVERS ===============

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2010-4-1 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2010-4-1 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-3-31 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-3-31 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-3-31 242896]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-3-31 916760]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-31 308064]
S3 PAC207;Eye 110;c:\windows\system32\drivers\PFC027.SYS [2010-4-1 616064]

=============== Created Last 30 ================

2010-06-23 20:00:47 0 d-sh--r- C:\Win
2010-06-13 20:32:31 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-06-13 20:32:31 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-06-13 20:32:15 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-06-13 20:32:15 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-05-31 19:39:39 0 d-----w- c:\docume~1\amra\applic~1\OpenOffice.org
2010-05-31 19:36:11 0 d-----w- c:\program files\JRE
2010-05-31 19:35:46 0 d-----w- c:\program files\OpenOffice.org 3
2010-05-31 19:35:12 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-05-30 17:36:25 1626 ----a-w- C:\ssid2key.py

==================== Find3M ====================

2010-06-06 11:38:32 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-31 23:09:25 253139 ----a-w- c:\windows\PDFCreator_Toolbar_Uninstaller_7785.exe
2010-03-31 17:33:28 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-31 17:09:05 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-03-03 23:52:58 1626 ----a-w- c:\program files\ssid2key.py

============= FINISH: 21:20:27,27 ===============


Evo Attach fajla:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 31.3.2010 19:16:37
System Uptime: 26.6.2010 20:35:43 (1 hours ago)

Motherboard: Dell Computer Corporation | | 04P240
Processor: Mobile Intel(R) Pentium(R) 4 - M CPU 2.00GHz | Microprocessor | 1994/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 20 GiB total, 11,596 GiB free.
D: is FIXED (NTFS) - 18 GiB total, 7,91 GiB free.
E: is CDROM ()
F: is CDROM (CDFS)
G: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Dell TrueMobile 1150 Series Wireless LAN Mini PCI Card
Device ID: PCMCIA\DELL-TRUEMOBILE_1150_SERIES_PC_CARD-C043\1
Manufacturer: Dell Corporation
Name: Dell TrueMobile 1150 Series Wireless LAN Mini PCI Card
PNP Device ID: PCMCIA\DELL-TRUEMOBILE_1150_SERIES_PC_CARD-C043\1
Service: wlluc48

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_2486&SUBSYS_4C21134D&REV_02\3&61AAA01&0&FE
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_2486&SUBSYS_4C21134D&REV_02\3&61AAA01&0&FE
Service:

==== System Restore Points ===================

RP9: 31.3.2010 23:46:21 - Printer Driver CutePDF Writer Installed
RP10: 31.3.2010 23:47:22 - Printer Driver CutePDF Writer Installed
RP11: 1.4.2010 0:06:10 - Installed Adobe Reader 8
RP12: 1.4.2010 0:15:28 - Installed Java(TM) 6 Update 3
RP13: 1.4.2010 0:18:36 - Installed Alcohol 120%
RP14: 1.4.2010 0:24:59 - Installed Opera 10.10.
RP15: 1.4.2010 0:37:51 - Installed Windows Media Format 9 Series Runtime Setup
RP16: 1.4.2010 1:08:13 - Installed Windows Media Format Runtime
RP17: 1.4.2010 1:09:34 - Printer Driver PDFCreator Installed
RP18: 1.4.2010 1:10:36 - Installed DirectX
RP19: 1.4.2010 14:33:25 - Unsigned driver install
RP20: 1.4.2010 14:37:11 - Installed Eye 110
RP21: 1.4.2010 14:43:17 - Installed WebMate
RP22: 1.4.2010 14:46:51 - Removed Eye 110
RP23: 1.4.2010 14:51:05 - Removed WebMate
RP24: 1.4.2010 14:54:03 - Installed Eye 110
RP25: 1.4.2010 14:57:41 - Installed WebMate
RP26: 4.4.2010 14:15:39 - System Checkpoint
RP27: 5.4.2010 21:23:38 - Software Distribution Service 3.0
RP28: 6.4.2010 12:47:38 - Avg Update
RP29: 8.4.2010 11:56:08 - Avg Update
RP30: 20.4.2010 18:07:54 - Avg Update
RP31: 20.4.2010 18:09:20 - Avg Update
RP32: 4.5.2010 15:47:59 - System Checkpoint
RP33: 4.5.2010 22:59:19 - Printer Driver HP LaserJet 1020 Installed
RP34: 4.5.2010 22:59:29 - Printer Driver HP LaserJet 1022 Installed
RP35: 4.5.2010 22:59:34 - Printer Driver HP LaserJet 1022n Installed
RP36: 4.5.2010 22:59:38 - Printer Driver HP LaserJet 1022nw Installed
RP37: 4.5.2010 23:00:49 - Printer Driver HP LaserJet 1020 Installed
RP38: 4.5.2010 23:01:06 - Printer Driver HP LaserJet 1022 Installed
RP39: 4.5.2010 23:01:22 - Printer Driver HP LaserJet 1022n Installed
RP40: 4.5.2010 23:01:48 - Printer Driver HP LaserJet 1022nw Installed
RP41: 6.5.2010 10:31:12 - Avg Update
RP42: 7.5.2010 10:40:31 - System Checkpoint
RP43: 8.5.2010 11:32:04 - System Checkpoint
RP44: 9.5.2010 15:11:49 - System Checkpoint
RP45: 10.5.2010 16:35:27 - System Checkpoint
RP46: 11.5.2010 17:35:32 - System Checkpoint
RP47: 12.5.2010 22:00:53 - System Checkpoint
RP48: 13.5.2010 23:29:19 - System Checkpoint
RP49: 15.5.2010 11:57:11 - System Checkpoint
RP50: 17.5.2010 17:42:23 - System Checkpoint
RP51: 19.5.2010 10:22:02 - System Checkpoint
RP52: 22.5.2010 12:25:02 - System Checkpoint
RP53: 25.5.2010 0:11:03 - Installed Python 2.6.1
RP54: 29.5.2010 10:00:48 - System Checkpoint
RP55: 30.5.2010 17:25:29 - System Checkpoint
RP56: 31.5.2010 21:34:46 - Installed Java(TM) 6 Update 18
RP57: 31.5.2010 21:35:37 - Installed OpenOffice.org 3.2
RP58: 2.6.2010 21:31:39 - System Checkpoint
RP59: 4.6.2010 20:28:42 - System Checkpoint
RP60: 6.6.2010 10:02:11 - System Checkpoint
RP61: 6.6.2010 13:38:39 - Avg Update
RP62: 7.6.2010 18:39:00 - System Checkpoint
RP63: 9.6.2010 20:31:30 - System Checkpoint
RP64: 12.6.2010 11:18:25 - System Checkpoint
RP65: 17.6.2010 21:30:53 - System Checkpoint
RP66: 20.6.2010 21:09:38 - System Checkpoint
RP67: 23.6.2010 20:55:15 - System Checkpoint
RP68: 26.6.2010 15:40:01 - Avg Update

==== Installed Programs ======================


µTorrent
Adobe Flash Player 10 Plugin
Adobe Reader 8
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG Free 9.0
Borland C++Builder 5
CutePDF Writer 2.8
D-i-v-X AVI Codec Pack Pro 2.4.0
Eye 110
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB979306)
Java Auto Updater
Java(TM) 6 Update 18
Java(TM) 6 Update 3
LaserJet 1020 series
LimeWire 5.5.8
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Morton Benson English-Serbian Dictionary
Morton Benson SerboCroatian-English Dictionary
Nero Suite
OpenOffice.org 3.2
Opera 10.10
OrderReminder HP LaserJet 1020
PDFCreator
PDFCreator Toolbar
PowerDVD
Python 2.6.1
RocketDock 1.3.1
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648-)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748-)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238-)
Security Update for Windows XP (KB971468-)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318-)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Skype Toolbars
Skype™ 4.2
Update for 2007 Microsoft Office System (KB967642)
Update for Outlook 2007 Junk Email Filter (kb979895)
Update for Windows XP (KB951978-)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB980182)
web'n'walk Manager
WebFldrs XP
WebMate
Winamp
Winamp Detector Plug-in
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR archiver
WinZip

==== Event Viewer Messages From Past Week ========

21.6.2010 20:22:41, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

==== End Of File ===========================


Evo ROOTREPEAL fajla :

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/06/26 21:14
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name:
Image Path:
Address: 0xF8459000 Size: 98304 File Visible: No Signed: -
Status: -

Name:
Image Path:
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF15F3000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8AC4000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF0532000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: c:\windows\modemlog_huawei mobile connect - 3g modem #4.txt
Status: Size mismatch (API: 9444, Raw: 9250)

Path: c:\program files\t-mobile\web'n'walk manager\log\atrecord.txt
Status: Size mismatch (API: 338164, Raw: 336481)

Path: c:\program files\t-mobile\web'n'walk manager\log\callbalk_trace.txt
Status: Size mismatch (API: 175350, Raw: 174293)

Path: c:\program files\t-mobile\web'n'walk manager\log\func_trace.txt
Status: Size mismatch (API: 74378, Raw: 74092)

Path: c:\documents and settings\all users\application data\avg9\temp\e8b72248-d1b7-4034-8c4c-e4003471de1b.tmp
Status: Allocation size mismatch (API: 71847936, Raw: 0)

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "a347bus.sys" at address 0xf84fb028

#: 041 Function Name: NtCreateKey
Status: Hooked by "a347bus.sys" at address 0xf84fafe0

#: 045 Function Name: NtCreatePagingFile
Status: Hooked by "a347bus.sys" at address 0xf84eeb00

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "a347bus.sys" at address 0xf84ef5dc

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "a347bus.sys" at address 0xf84fb120

#: 116 Function Name: NtOpenFile
Status: Hooked by "a347bus.sys" at address 0xf84eeb40

#: 119 Function Name: NtOpenKey
Status: Hooked by "a347bus.sys" at address 0xf84fafa4

#: 160 Function Name: NtQueryKey
Status: Hooked by "a347bus.sys" at address 0xf84ef5fc

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "a347bus.sys" at address 0xf84fb076

#: 241 Function Name: NtSetSystemPowerState
Status: Hooked by "a347bus.sys" at address 0xf84fa550

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x8238e548 Size: 11

Object: Hidden Code [Driver: a347scsi, IRP_MJ_CREATE]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_CLOSE]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_READ]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_WRITE]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_EA]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_EA]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_SHUTDOWN]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_CLEANUP]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_SECURITY]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_POWER]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_QUOTA]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: a347scsi, IRP_MJ_PNP]
Process: System Address: 0x81fee2b0 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_EA]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_EA]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLEANUP]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_SECURITY]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_QUOTA]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x821fd498 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_READ]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_WRITE]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_EA]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_EA]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SHUTDOWN]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CLEANUP]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_SECURITY]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_POWER]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_QUOTA]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: atapi, IRP_MJ_PNP]
Process: System Address: 0x820c8008 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CREATE]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CLOSE]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_READ]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_WRITE]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_QUERY_EA]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SET_EA]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SHUTDOWN]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CLEANUP]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SET_SECURITY]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_POWER]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SET_QUOTA]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_PNP]
Process: System Address: 0x821fbe68 Size: 99

Object: Hidden Code [Driver: Rdbss, IRP_MJ_READ]
Process: System Address: 0x81f99ea0 Size: 11

Object: Hidden Code [Driver: Srv, IRP_MJ_READ]
Process: System Address: 0x81fd6df0 Size: 11

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x81ebaa38 Size: 11

Object: Hidden Code [Driver: Npfsȅ
剒敬ȁం扏楄렠፨舊Ȃఆ祓瑭, IRP_MJ_READ]
Process: System Address: 0x82077ea8 Size: 11

Object: Hidden Code [Driver: MsfsЅఐ卆浩
, IRP_MJ_READ]
Process: System Address: 0x820ca160 Size: 11

Object: Hidden Code [Driver: Fs_Rec, IRP_MJ_READ]
Process: System Address: 0x820a12e8 Size: 11

Object: Hidden Code [Driver: CdfsЅ
瑎晦Ёః瑎て螠⻦ö, IRP_MJ_READ]
Process: System Address: 0x821fadb8 Size: 11

==EOF==
mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav.

Preuzmi The Avenger na Desktop.
Raspakuj arhivu u neki folder

Dvoklikom pokreni avenger.exe

Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa:


Registry values to delete:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | run32

Folders to delete:
C:\Win


Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti

Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja

Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u
Iskopiraj sadržaj dobijenog loga u temu na forumu.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 26 Jun 2010 22:25

Logfile of The Avenger Version 2.0, (c) by Swandog46
swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Folder "C:\Win" deleted successfully.
Registry value "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|run32" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Dopuna: 26 Jun 2010 22:27

Je sa ovim rijesen problem tastature ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

To ja tebe trebam da pitam?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Riješen problem.
Hvala puno.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Koristis li USB memorijske uredjaje (usb flesh, externi hdd, mobilni telefon,...) ?