View Full Version : Taskmanager: colonna utente vuota
foxmolder5
03-03-2007, 13:44
ho notato un notevole rallentamento nell'apertura del taskmanager, ed in particolare il rallentamento č visibile nella realizzazione dei grafici e sottofinestre del taskmanager, inoltre nella finestra che mostra la lista dei processi per ogni processo il campo utente č vuoto, oppure (utilizzando un altro utente) č composto da quadrati. non so a cosa sia imputabile, ma penso che possa essere causato dall'installazione dell'ultima versione del kis poichč prima non avevo notato nulla del genere. nel kis avevo attivato "abilita controllo integritą applicazione" e quindi riscontrando questo prob ho inserito il taskmanager come applicazione sicura, ma per ora nn č cambiato nulla. ho effettuato una scansione con spyboot e non mi ha rilevato nulla, il kis non mi rileva nulla, ho trovato solo un virus associato al file dlhost.dll che ho eliminato attraverso l'apposito tool di rimozione, ma ora nn cambia nulla. nella lista processi vi sono tutti processi conosciuti e nessuno sospetto.qualcuno ha riscontrato qualche prob simile?
intanto vi riporto il log di hj (mentre facevo la scansione online tramite trend micro)
Logfile of HijackThis v1.99.1
Scan saved at 9.42.24, on 03/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programmi\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Programmi\emule\eMule.exe
C:\hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: No-IP DUC.lnk = C:\Programmi\No-IP\DUC20.exe
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Anti-virus web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1170451385916
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1170462222921
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F}: NameServer = 85.37.17.12 85.38.28.63
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: Applicazione di sistema COM+ (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
foxmolder5
03-03-2007, 13:47
scan di autostart con gmer:
GMER 1.0.12.12027 - http://www.gmer.net
Autostart scan 2007-03-03 14:46:41
Windows 5.1.2600 Service Pack 2
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@BootExecute = PDBoot.exe autocheck autochk *
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AtiExtEvent@DLLName = Ati2evxx.dll
klogon@DLLName = C:\WINDOWS\system32\klogon.dll
WgaLogon@DLLName = WgaLogon.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs = C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
ATI Smart /*ATI Smart*/@ = C:\WINDOWS\system32\ati2sgag.exe
AVP /*Kaspersky Internet Security 6.0*/@ = "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
PDAgent /*PDAgent*/@ = C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@NVMixerTray"C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe" = "C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
@AtiPTAatiptaxx.exe = atiptaxx.exe
@IntelliPoint"C:\Programmi\Microsoft IntelliPoint\point32.exe" = "C:\Programmi\Microsoft IntelliPoint\point32.exe"
@GSICONEXEGSICON.EXE = GSICON.EXE
@DSLAGENTEXEdslagent.exe USB = dslagent.exe USB
@AVP"C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" = "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run@CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietą versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{20082881-FC36-4E47-9A7A-644C95FF749F} /*IntelliPoint Wireless Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplwir.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplwir.dll"
@{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} /*IntelliPoint Wheel Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplwhl.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplwhl.dll"
@{653DCCC2-13DB-45B2-A389-427885776CFE} /*IntelliPoint Activities Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplact.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplact.dll"
@{124597D8-850A-41AE-849C-017A4FA99CA2} /*IntelliPoint Buttons Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplbtn.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplbtn.dll"
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} /*Adobe.Acrobat.ContextMenu*/C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
@{85E0B171-04FA-11D1-B7DA-00A0C90348D6} /*Anti-virus web*/C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll = C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Adobe.Acrobat.ContextMenu@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll = C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
@{AE7CD045-E861-484f-8273-0445EE161910}C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.com/ = http://www.google.com/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
skype4com@CLSID = C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica = No-IP DUC.lnk
---- EOF - GMER 1.0.12 ----
foxmolder5
03-03-2007, 14:01
e questo č il log rootkit di gmer:
GMER 1.0.12.12027 - http://www.gmer.net
Rootkit scan 2007-03-03 15:01:05
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.12 ----
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcessEx
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey
SSDT kl1.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwTerminateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[285]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[286]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[287]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[288]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[289]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[290]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[291]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[292]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[293]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[294]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[295]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[296]
Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous
---- Kernel code sections - GMER 1.0.12 ----
.text ntoskrnl.exe!KiDispatchInterrupt + BA 804DB92E 7 Bytes JMP B2E773C0 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntoskrnl.exe!IoIsOperationSynchronous 804E8752 5 Bytes JMP B2E74400 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804FBE09 5 Bytes JMP B2E73F00 \??\C:\WINDOWS\system32\drivers\klif.sys
.text USBPORT.SYS!DllUnload F6DA162C 5 Bytes JMP 862C53C0
.text ntdll.dll!NtClose 7C91D586 5 Bytes JMP 7203407A
.text ntdll.dll!NtCreateProcess 7C91D754 5 Bytes JMP 72034205
.text ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes JMP 720340E9
.text ntdll.dll!NtCreateSection 7C91D793 5 Bytes JMP 72034098
---- Devices - GMER 1.0.12 ----
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 867631D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 867631D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 84AD4980
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 84AD4980
Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_CREATE 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_CLOSE 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_CLEANUP 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_PNP 862D81D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 862A9980
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 862A9980
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 862A9980
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 862A9980
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 862A9980
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 862A9980
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 862A9980
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 862A9980
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 862A9980
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP 862A9980
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 867D31D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CREATE 862C41D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CLOSE 862C41D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 862C41D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 862C41D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_POWER 862C41D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 862C41D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_PNP 862C41D8
Device \Driver\00000036 \Device\00000047 IRP_MJ_POWER [F7746D74] sptd.sys
Device \Driver\00000036 \Device\00000047 IRP_MJ_SYSTEM_CONTROL [F77602A2] sptd.sys
Device \Driver\00000036 \Device\00000047 IRP_MJ_PNP [F7761228] sptd.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 867661D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 862251D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 862251D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CREATE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_READ 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_WRITE 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_FLUSH_BUFFERS 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_SHUTDOWN 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CLEANUP 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_POWER 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_PNP 867661D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_CREATE 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_CREATE_NAMED_PIPE 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_CLOSE 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_READ 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_WRITE 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_INFORMATION 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_INFORMATION 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_EA 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_EA 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_FLUSH_BUFFERS 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_VOLUME_INFORMATION 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_VOLUME_INFORMATION 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_DIRECTORY_CONTROL 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_FILE_SYSTEM_CONTROL 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_DEVICE_CONTROL 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_SHUTDOWN 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_LOCK_CONTROL 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_CLEANUP 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_CREATE_MAILSLOT 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_SECURITY 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_SECURITY 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_POWER 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_SYSTEM_CONTROL 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_DEVICE_CHANGE 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_QUOTA 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_QUOTA 867641D8
Device \Driver\nvatabus \Device\00000067 IRP_MJ_PNP 867641D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 862D81D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 862D81D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 862D81D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 862D81D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 862D81D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 862D81D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 862D81D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_CREATE 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_CLOSE 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_CLEANUP 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_PNP 862D81D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 862A9980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 862A9980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 862A9980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 862A9980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 862A9980
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 862A9980
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 862A9980
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 862A9980
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 862A9980
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP 862A9980
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_NAMED_PIPE 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLOSE 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_READ 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_WRITE 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_INFORMATION 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_INFORMATION 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_EA 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_EA 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FLUSH_BUFFERS 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_VOLUME_INFORMATION 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_VOLUME_INFORMATION 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DIRECTORY_CONTROL 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FILE_SYSTEM_CONTROL 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CONTROL 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SHUTDOWN 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_LOCK_CONTROL 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLEANUP 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_MAILSLOT 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_SECURITY 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_SECURITY 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_POWER 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SYSTEM_CONTROL 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CHANGE 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_QUOTA 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_QUOTA 867641D8
Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_PNP 867641D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 8617A1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CREATE 862C41D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CLOSE 862C41D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 862C41D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 862C41D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_POWER 862C41D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 862C41D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_PNP 862C41D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 8617A1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 8617A1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 867661D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_CREATE 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_CLOSE 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_CLEANUP 862D81D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_PNP 862D81D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_CREATE 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_CLOSE 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_DEVICE_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_POWER 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_SYSTEM_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_PNP 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_CREATE 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_CLOSE 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_POWER 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_PNP 867D21D8
Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_CREATE 8616C2D8
Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_CLOSE 8616C2D8
Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_DEVICE_CONTROL 8616C2D8
Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8616C2D8
Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_POWER 8616C2D8
Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_SYSTEM_CONTROL 8616C2D8
Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_PNP 8616C2D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_CREATE 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_CLOSE 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_DEVICE_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_POWER 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_SYSTEM_CONTROL 867D21D8
Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_PNP 867D21D8
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 84AD4980
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 84AD4980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 84C411D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 84C411D8
---- Threads - GMER 1.0.12 ----
Thread 4:168 863248E0
Thread 4:172 863248E0
Thread 4:176 862FD8D0
Thread 4:180 862FD8D0
Thread 4:184 862FD8D0
Thread 4:456 863248E0
Thread 4:820 863248E0
Thread 4:972 863248E0
Thread 4:708 8506F4A0
---- EOF - GMER 1.0.12 ----
foxmolder5
03-03-2007, 14:16
nei due log di gmer non appaiono voci in rosso.
wizard1993
03-03-2007, 15:02
nei due log di gmer non appaiono voci in rosso.
che antivirus usi?
foxmolder5
03-03-2007, 19:15
che antivirus usi?
kaspersky. ho il kis in cui č inclusa la protezione antivirus.
wizard1993
04-03-2007, 15:39
kaspersky. ho il kis in cui č inclusa la protezione antivirus.
fai una scansione con f-secure black light
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.