zabranjenoov / Stration worm + Adware.roogoo


offline
  • Dzona 
  • New MyCity citizen
  • Joined: 20 Jun 2007
  • Posts: 6

Logfile of HijackThis v1.99.1
Scan saved at 00:17:18, on 20/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Stardock\SDMCP.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\PlayTV DVR\Remote\PVRemote.exe
C:\Program Files\PlayTV DVR\Monitor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Grisoft\AVG7\avgwb.dat
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Jovana_2\Desktop\proba\TR3.exe.exe

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Program Files\PlayTV DVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [PVRemote] C:\Program Files\PlayTV DVR\Remote\PVRemote.exe
O4 - HKLM\..\Run: [PlayTV DVR Monitor] C:\Program Files\PlayTV DVR\Monitor.exe
O4 - HKLM\..\Run: [TalkAndWrite] C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: YU-MP3.COM Account Login - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Funnsystems YuMp3Com-User-Authorization\YuMp3ComLogin.exe (file missing)
O9 - Extra 'Tools' menuitem: &YU-MP3.COM User Login - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Funnsystems YuMp3Com-User-Authorization\YuMp3ComLogin.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28C5ACEE-82BD-41C4-BDAF-1DBB0707C8E5}: NameServer = 77.105.0.19 77.105.0.18
O17 - HKLM\System\CS1\Services\Tcpip\..\{28C5ACEE-82BD-41C4-BDAF-1DBB0707C8E5}: NameServer = 77.105.0.19 77.105.0.18
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: decstat - cfgd3d.dll (file missing)
O20 - Winlogon Notify: dtcclzex - C:\WINDOWS\
O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: lxcf_device - Unknown owner - C:\WINDOWS\system32\lxcfcoms.exe


When starting some programs and installers I get the following: "The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\WINDOWS\system32\SHELL32.dll occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL."

Thanks in advance :)

offline
  • DEMIAN  Male
  • Legendary citizen
  • IT Manager
  • Joined: 25 Mar 2005
  • Posts: 3706
  • Location: The darkest place on earth..

Hello Dzona,

To begin with, decide which antivirus you will keep on the computer, because the two you have now can only conflict with each other. Be sure to uninstall one of them.

The next thing to do is to send us the following file for analysis through this form > Upload za Ambulantu!:
C:\WINDOWS\system32\SHELL32.dll
While you are at it, check whether this folder exists on your computer:
C:\WINDOWS\system32\BAK
Let me know about that in your next post. Do not delete anything on your own until I tell you to.

If any of this is not visible in Windows Explorer, do the following and then look again:

My Computer > open the Tools menu and click Folder Options.
Select the View tab.
Find Hidden files and folders and select the option Show hidden files and folders.
Untick the option Hide file extensions for known types.
Untick the option Hide protected operating system files
----------------

Then scan the computer with GMER and post the log so we can check that there are no rootkits...

Do the following:
Download the file gmer.zip from this link and save it to the Desktop.
Unpack it into a folder.

Double-click gmer.exe to start: select the Rootkit tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save it to the Clipboard.
Use the Paste option in Notepad to transfer it into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.


Copy here the contents of the two files we just saved.

offline
  • Dzona 
  • New MyCity citizen
  • Joined: 20 Jun 2007
  • Posts: 6

So, here goes,
I kept AVAST Anti Virus. I tried to upload the file you told me to, but it is 29,7 Mb, and even after an hour and 15 minutes it had not uploaded.
I do not have the C:\WINDOWS\system32\BAK folder on my computer.

GMER 1.0.12.12244 - gmer.net
Rootkit scan 2007-06-20 11:23:43
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT d347bus.sys ZwClose
SSDT d347bus.sys ZwCreateKey
SSDT d347bus.sys ZwCreatePagingFile
SSDT d347bus.sys ZwEnumerateKey
SSDT d347bus.sys ZwEnumerateValueKey
SSDT d347bus.sys ZwOpenKey
SSDT d347bus.sys ZwQueryKey
SSDT d347bus.sys ZwQueryValueKey
SSDT d347bus.sys ZwSetSystemPowerState

---- Kernel code sections - GMER 1.0.12 ----

? C:\WINDOWS\System32\DRIVERS\update.sys

---- User code sections - GMER 1.0.12 ----

.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!LoadLibraryA 7C801D77 6 Bytes JMP 5F280F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!LoadResource 7C809FB5 6 Bytes JMP 5F1F0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!GetProcAddress 7C80ADA0 6 Bytes JMP 5F220F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!LoadLibraryW 7C80AE4B 6 Bytes JMP 5F250F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!FindResourceW 7C80BBCE 6 Bytes JMP 5F160F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!SizeofResource 7C80BC69 6 Bytes JMP 5F1C0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!FindResourceA 7C80BE89 6 Bytes JMP 5F190F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] ADVAPI32.dll!RegQueryValueExA 77DD7883 6 Bytes JMP 5F040F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] USER32.dll!DispatchMessageW 7E418A01 6 Bytes JMP 5F130F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] USER32.dll!SetWindowLongW 7E41D62B 6 Bytes JMP 5F0D0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] USER32.dll!DestroyWindow 7E41DAEA 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] USER32.dll!DestroyWindow + 4 7E41DAEE 2 Bytes [ 11, 5F ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] USER32.dll!CreateWindowExW 7E41FC25 6 Bytes JMP 5F0A0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] WININET.dll!HttpOpenRequestA 771C36AD 6 Bytes JMP 5F2B0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] WININET.dll!InternetCloseHandle 771C4D6C 6 Bytes JMP 5F340F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] WININET.dll!HttpQueryInfoA 771C780A 6 Bytes JMP 5F2E0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] WININET.dll!InternetReadFile 771C80F4 6 Bytes JMP 5F310F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2424] WININET.dll!GetUrlCacheEntryInfoExW 771D688D 6 Bytes JMP 5F370F5A

---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 8255D550
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 822EED08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 822EED08
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 81D6E6F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 822EED08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 822EED08
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_READ 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_CREATE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_CREATE_NAMED_PIPE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_CLOSE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_READ 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_WRITE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_QUERY_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SET_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_QUERY_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SET_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_FLUSH_BUFFERS 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_QUERY_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SET_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_DIRECTORY_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_FILE_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_INTERNAL_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SHUTDOWN 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_LOCK_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_CLEANUP 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_CREATE_MAILSLOT 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_QUERY_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SET_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_POWER 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_DEVICE_CHANGE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_QUERY_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SET_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_PNP 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_READ 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_WRITE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CHANGE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CREATE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CREATE_NAMED_PIPE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CLOSE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_READ 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_WRITE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_QUERY_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SET_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_QUERY_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SET_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_FLUSH_BUFFERS 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_QUERY_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SET_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_DIRECTORY_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_FILE_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_INTERNAL_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SHUTDOWN 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_LOCK_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CLEANUP 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CREATE_MAILSLOT 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_QUERY_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SET_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_POWER 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_DEVICE_CHANGE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_QUERY_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SET_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_PNP 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CREATE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CREATE_NAMED_PIPE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CLOSE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_READ 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_WRITE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_QUERY_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SET_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_QUERY_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SET_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_FLUSH_BUFFERS 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_QUERY_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SET_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_DIRECTORY_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_FILE_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_INTERNAL_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SHUTDOWN 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_LOCK_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CLEANUP 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CREATE_MAILSLOT 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_QUERY_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SET_SECURITY 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_POWER 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_DEVICE_CHANGE 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_QUERY_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SET_QUOTA 822F03A8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_PNP 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_CREATE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_CREATE_NAMED_PIPE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_CLOSE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_READ 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_WRITE 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_QUERY_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_SET_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_QUERY_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_SET_EA 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_FLUSH_BUFFERS 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_QUERY_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_SET_VOLUME_INFORMATION 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_DIRECTORY_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_FILE_SYSTEM_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_INTERNAL_DEVICE_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_SHUTDOWN 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_LOCK_CONTROL 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_CLEANUP 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_CREATE_MAILSLOT 822F03A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 IRP_MJ_QUERY_SECURITY 822F03A8

---- Modules - GMER 1.0.12 ----

Module _________ F84A2000-F84BA000 (98304 bytes)

---- EOF - GMER 1.0.12 ----





GMER 1.0.12.12244 - gmer.net
Autostart scan 2007-06-20 11:25:55
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AtiExtEvent@DLLName = Ati2evxx.dll
decstat@DLLName = cfgd3d.dll /*file not found*/
MCPClient@DLLName = C:\Program Files\Common Files\Stardock\mcpstub.dll
WgaLogon@DLLName = WgaLogon.dll

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs =

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
aswUpdSv /*avast! iAVS4 Control Service*/@ = "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
Ati HotKey Poller@ = %SystemRoot%\System32\Ati2evxx.exe
avast! Antivirus /*avast! Antivirus*/@ = "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@LXCFCATSrundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16 = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
@avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
@SunJavaUpdateSched"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" = "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
@Anti-Blaxx ManagerC:\Program Files\Anti-Blaxx\Anti-Blaxx.exe = C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
@QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottime = "C:\Program Files\QuickTime\qttask.exe" -atboottime
@SweetIMC:\Program Files\Macrogaming\SweetIM\SweetIM.exe = C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
@{0228e555-4f9c-4e35-a3ec-b109a192b4c2}C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe = C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
@CnxDslTaskBar"C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" = "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
@Adobe Photo Downloader"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
@CloneCDTray"C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s = "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
@ChangeFilterMeritC:\Program Files\PlayTV DVR\ChangeFilterMerit.exe = C:\Program Files\PlayTV DVR\ChangeFilterMerit.exe
@PVRemoteC:\Program Files\PlayTV DVR\Remote\PVRemote.exe = C:\Program Files\PlayTV DVR\Remote\PVRemote.exe
@PlayTV DVR MonitorC:\Program Files\PlayTV DVR\Monitor.exe = C:\Program Files\PlayTV DVR\Monitor.exe
@TalkAndWriteC:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run /*file not found*/ = C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run /*file not found*/
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@msnmsgr~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background /*file not found*/ = ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background /*file not found*/
@BitTorrent"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized /*file not found*/ = "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized /*file not found*/
@swgC:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe /*file not found*/ = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe /*file not found*/
@Free Download ManagerC:\Program Files\Free Download Manager\fdm.exe -autorun /*file not found*/ = C:\Program Files\Free Download Manager\fdm.exe -autorun /*file not found*/
@MSMSGS"C:\Program Files\Messenger\msmsgs.exe" /background = "C:\Program Files\Messenger\msmsgs.exe" /background
@ctfmon.exeC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@Skype"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{32683183-48a0-441b-a342-7c2a440a9478} /*Media Band*/(null) =
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\System32\extmgr.dll = C:\WINDOWS\System32\extmgr.dll
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Program Files\Alwil Software\Avast4\ashShell.dll = C:\Program Files\Alwil Software\Avast4\ashShell.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office10\msohev.dll = C:\Program Files\Microsoft Office\Office10\msohev.dll
@{32020A01-506E-484D-A2A8-BE3CF17601C3} /*AlcoholShellEx*/(null) =
@{9E1ABA02-381E-45CE-A68B-531EF70B2665} /*FlashPlayerPlusShellExt*/C:\PROGRA~1\FLASHP~1\FPPCM.dll = C:\PROGRA~1\FLASHP~1\FPPCM.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll
@{5464D816-CF16-4784-B9F3-75C0DB52B499} /*Yahoo! Mail*/C:\PROGRA~1\Yahoo!\Common\ymmapi.dll = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Outlook Custom Icon Handler*/C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL = C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL
@{4CCEFB41-18FA-11D3-9EF3-00A0C9E897FD} /*CorelDRAW Shell Extension Component*/C:\Program Files\Corel\Graphics10\Draw\CdrViewer\CrlShell100.dll = C:\Program Files\Corel\Graphics10\Draw\CdrViewer\CrlShell100.dll
@{73B24247-042E-4EF5-ADC2-42F62E6FD654} /*ICQ Lite Shell Extension*/(null) =
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{ABC70703-32AF-11d4-90C4-D483A70F4825} /*CMenuExtender*/C:\WINDOWS\BricoPacks\Vista Inspirat\iColorFolder\CMExt.dll = C:\WINDOWS\BricoPacks\Vista Inspirat\iColorFolder\CMExt.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll
FlashPlayerPlusShellExt@{9E1ABA02-381E-45CE-A68B-531EF70B2665} = C:\PROGRA~1\FLASHP~1\FPPCM.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
Yahoo! Mail@{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
CMenuExtender@{ABC70703-32AF-11d4-90C4-D483A70F4825} = C:\WINDOWS\BricoPacks\Vista Inspirat\iColorFolder\CMExt.dll
ICQLiteMenu@{73B24247-042E-4EF5-ADC2-42F62E6FD654} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\LAGOON~1.SCR

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local PageC:\windows\system32\blank.htm = C:\windows\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.com/ = google.com/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
cdo@CLSID = C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
ic32pp@CLSID = C:\WINDOWS\wc98pp.dll
its@CLSID = C:\WINDOWS\System32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\System32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\System32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\System32\wiascr.dll

C:\Documents and Settings\Jovana_2\Start Menu\Programs\Startup >>>
Stardock ObjectDock.lnk = Stardock ObjectDock.lnk
Y'z Shadow.lnk = Y'z Shadow.lnk

C:\Documents and Settings\All Users\Start Menu\Programs\Startup >>>
Microsoft Office.lnk = Microsoft Office.lnk
Service Manager.lnk = Service Manager.lnk

---- EOF - GMER 1.0.12 ----

offline
  • DEMIAN  Male
  • Legendary citizen
  • IT Manager
  • Joined: 25 Mar 2005
  • Posts: 3706
  • Location: The darkest place on earth..

I'm sorry you went to the trouble of uploading such a large file (uploads are limited to 10 MB max); I overlooked that it had been modified by the Vista theme you installed. I assumed it would be easier for you to upload it to us for checking (it is normally 1-2 MB in size) than to look up yourself who "signed" the file. In any case, it is not malicious.

The problem with the message you get when installing and launching certain programs is caused by something else. We'll come back to that later.

I've gone through what you posted, and I have to ask you for one more check before I write up the removal method for what I can already see on your computer and which is certainly malicious.
The file is at this path:
C:\WINDOWS\wc98pp.dll (it should be about 50.5 KB)

If the file is again extremely large, or you have some other problem with the upload, write what it's about. Don't struggle like last time.

offline
  • Dzona 
  • New MyCity citizen
  • Joined: 20 Jun 2007
  • Posts: 6

I've uploaded the file :)

offline
  • DEMIAN  Male
  • Legendary citizen
  • IT Manager
  • Joined: 25 Mar 2005
  • Posts: 3706
  • Location: The darkest place on earth..

OK. Let's get started, then, on removing all this vermin you've picked up.. :)
-----------
First:

Run HijackThis, choose the "Do a System scan only" option, find the following lines and tick the checkboxes next to them.

O20 - Winlogon Notify: decstat - cfgd3d.dll (file missing)
O20 - Winlogon Notify: dtcclzex - C:\WINDOWS\

Now click "Fix Checked". Close the program.

---------------------------
Second:

Turn off all antivirus and antispyware protection on the computer.

Download and run the Stration remover application.
In the first window and its popup message (the text is in Czech), choose Yes.
In the next one (which asks about a restart), also choose Yes.
When the system comes up after the restart, a black command window will appear on the desktop. Wait for the operations in progress to finish and for a text document with the cleaning results to appear.

Turn the protection you use back on.

-----------------------------
Third:

Download the programs LSPFix and Winsock XP Fix.

Restart the computer in Safe mode. Safe mode (info link)
Run LSPFix.exe, tick the "I know what I'm doing.." option, click the file quartz32.dll, then the ">>" button, and then Finish.

Find the following files:

C:\Windows\wc98pp.dll
C:\Windows\system32\quartz32.dll
C:\Windows\wmpcd32.dll

Pack the last two into a single zip/rar so you can send them to us later via upload.
Now delete these three files from your computer.

Restart the computer in normal mode. Run WinsockXPFix.exe, press Fix, and wait for the message "Repair Completed - Please Reboot".
---------------------------------------------
Make a new HijackThis log and post it on the forum.
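
Added illustration, not part of the original posts and not a feature of GMER or HijackThis: a small Python triage script that parses the autostart-scan format posted earlier in this thread and reports which autostart locations reference the files named in the reply above. The function names and the watchlist are this example's own assumptions; the sample lines are a trimmed excerpt of the posted log.

```python
import re

# Trimmed excerpt of the GMER autostart log posted earlier in this thread.
SAMPLE_LOG = r"""
GMER 1.0.12.12244 - gmer.net
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AtiExtEvent@DLLName = Ati2evxx.dll
decstat@DLLName = cfgd3d.dll /*file not found*/
WgaLogon@DLLName = WgaLogon.dll

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs =

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
ic32pp@CLSID = C:\WINDOWS\wc98pp.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\System32\wiascr.dll
"""

# File names mentioned in the helper's replies (assumed watchlist for this example).
WATCHLIST = ("cfgd3d.dll", "wc98pp.dll", "quartz32.dll", "wmpcd32.dll")
NOTE_RE = re.compile(r"/\*(.*?)\*/")  # GMER annotations such as /*file not found*/


def parse_autostart(text):
    """Return one dict per autostart entry: location, entry, data, notes."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            section = None                    # a blank line closes a ">>>" section
        elif line.endswith(">>>"):
            section = line[:-3].strip()       # section header: "<location> >>>"
        elif " = " in line or line.endswith(" ="):
            left, _, right = (line + " ").partition(" = ")
            notes = [n.strip() for n in NOTE_RE.findall(right)]
            data = NOTE_RE.sub("", right).strip()
            left = NOTE_RE.sub("", left).strip()
            if section is None:               # one-line form: "<location>@<value> = data"
                location, _, entry = left.rpartition("@")
            else:
                location, entry = section, left
            entries.append({"location": location, "entry": entry,
                            "data": data, "notes": notes})
    return entries


def names_file(data, name):
    """True if `data` references `name` as a whole file name, not a substring."""
    pattern = r"(?:^|[\\/\s\"])" + re.escape(name) + r"(?=$|[\s\",])"
    return re.search(pattern, data.lower()) is not None


def triage(text, watchlist=WATCHLIST):
    """Return (findings, unseen): flagged entries and watchlist names never referenced."""
    findings, seen = [], set()
    for e in parse_autostart(text):
        hits = [n for n in watchlist if names_file(e["data"], n)]
        seen.update(hits)
        reasons = [f"references {n}" for n in hits]
        if "file not found" in e["notes"] and "\\Winlogon\\Notify" in e["location"]:
            reasons.append("Notify DLL missing on disk")
        if reasons:
            findings.append((e["location"], e["entry"], e["data"], reasons))
    return findings, [n for n in watchlist if n not in seen]
```

Names returned in `unseen` are not referenced by any autostart entry in the parsed text, so they have to be looked for in other output, such as the HijackThis log.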

offline
  • Dzona 
  • New MyCity citizen
  • Joined: 20 Jun 2007
  • Posts: 6

I did the first two, but when I try to restart the computer in safe mode I get a blue screen that says "Please select boot device" with three options offered :/

offline
  • DEMIAN  Male
  • Legendary citizen
  • IT Manager
  • Joined: 25 Mar 2005
  • Posts: 3706
  • Location: The darkest place on earth..

I get the problem.. Then try it this way:
http://www.mycity.rs/Uputstva-sa-ex-SuperSajta/Ula.....ws-XP.html

Read that link carefully, and pay particular attention to the part about returning Windows to normal mode. Once you've done step 3, which is the one you have left, and booted the system normally, you'll also have solved along the way the problem with that message from the beginning of this thread.

MS says the following about the problem:
Quote: Similar problems and solutions
You may receive a similar error message that references Shell32.dll when you run AVG Anti-Virus Control Center from Grisoft, Inc. This problem occurs if you are also running BricoPack Vista Inspirat from CrystalXP. To resolve this problem, uninstall BricoPack Vista Inspirat.

http://support.microsoft.com/?kbid=935448
-------------------

Write whether uninstalling that Vista theme solved the problem, post the HJT and gmer logs, and don't forget, if it's feasible, to upload those files I mentioned above. It matters to us. :)
