Torna indietro   Hardware Upgrade Forum > Networking e sicurezza > Antivirus e Sicurezza > Aiuto sono infetto! Cosa faccio?
Ricarica la Pagina Bagle

Polestar 3 Performance, test drive: comodità e potenza possono convivere
Polestar 3 Performance, test drive: comodità e potenza possono convivere
Abbiamo passato diversi giorni alla guida di Polestar 3, usata in tutti i contesti. Come auto di tutti i giorni è comodissima, ma se si libera tutta la potenza è stupefacente
Qualcomm Snapdragon X2 Elite: l'architettura del SoC per i notebook del 2026
Qualcomm Snapdragon X2 Elite: l'architettura del SoC per i notebook del 2026
In occasione del proprio Architecture Deep Dive 2025 Qualcomm ha mostrato in dettaglio l'architettura della propria prossima generazione di SoC destinati ai notebook Windows for ARM di prossima generazione. Snapdragon X2 Elite si candida, con sistemi in commercio nella prima metà del 2026, a portare nuove soluzioni nel mondo dei notebook sottili con grande autonomia
Recensione DJI Mini 5 Pro: il drone C0 ultra-leggero con sensore da 1 pollice
Recensione DJI Mini 5 Pro: il drone C0 ultra-leggero con sensore da 1 pollice
DJI Mini 5 Pro porta nella serie Mini il primo sensore CMOS da 1 pollice, unendo qualità d'immagine professionale alla portabilità estrema tipica di tutti i prodotti della famiglia. È un drone C0, quindi in un peso estremamente contenuto e che non richiede patentino, propone un gimbal rotabile a 225 gradi, rilevamento ostacoli anche notturno e autonomia fino a 36 minuti. Caratteristiche che rendono il nuovo drone un riferimento per creator e appassionati
ESA: rilevati 40 mila asteroidi vicino alla Terra, si studia come proteggersi dai possibili impatti
La batteria salva fabbriche di EQORE ottiene finanziamenti importanti, ma come funziona?
SpaceX Starship: iniziati i test della terza generazione, Super Heavy Booster 18 ha avuto un problema
Datacenter IA nello spazio entro 5 anni, la sparata di Musk che non convince il CEO di NVIDIA
Telescopio spaziale James Webb: rilevato buco nero 570 milioni di anni dopo il Big Bang
Ericsson Mobility Report: nel 2025 il 5G Stand Alone ha finalmente iniziato a prendere piede
PLAI DEMO DAY: si chiude il secondo ciclo di accelerazione del programma startup di Gruppo Mondadori
Google rilascia Nano Banana Pro: il nuovo modello IA per la generazione di immagini
ChatGPT si rinnova ancora: disponibile la nuova versione per i docenti
Ring lancia super sconti di Black Friday: videocamere, campanelli smart e accessori ai prezzi più bassi dell’anno
Black Friday 2025: 450 euro di sconto su Narwal Flow, anche con base super compatta
Tutti gli articoli Tutte le news

Vai al Forum
Rispondi
 
Strumenti
Old 27-08-2007, 22:37   #1
Charlie795
Member
 
L'Avatar di Charlie795
 
Iscritto dal: Nov 2002
Città: Migazzone (TN)
Messaggi: 119
Bagle
Ciao a tutti sono uno dei tanti che si è preso il virus bagle che non ti permette di installare più antivirus, non ti permette di entrare in modalità provvisoria non ti permette di fare il ripristino del sistema. Premetto che non sono molto esperto in materia quindi vorrei capire se c'è un modo semplice per rimuovere questo virus o se ci metto di meno a formattare il tutto. Ho già letto sul forum discussioni riguardanti il mio problema ma non ne ho capito molto. Aiutatemi grazie mille
__________________
La pazzia da felicità alla propria vita!!!
Charlie795 è offline   Rispondi citando il messaggio o parte di esso
Old 27-08-2007, 22:55   #2
demi@n
Senior Member
 
Iscritto dal: Apr 2007
Messaggi: 895
Senti, non disperarti, ho visto che altri hanno risolto il problema.
Sicuramente qualcuno più esperto di me ti risponderà al più presto.
Intanto dì un paio di cose:
1) come l'hai individuato Bagle?
2) ce l'hai Gmer?
demi@n è offline   Rispondi citando il messaggio o parte di esso
Old 27-08-2007, 23:01   #3
Charlie795
Member
 
L'Avatar di Charlie795
 
Iscritto dal: Nov 2002
Città: Migazzone (TN)
Messaggi: 119
L'ho individuato perchè avevo un programmino spybot mi sembra lo lanciavo ogni tanto per rimuovere file obsoleti arrivati dal web però il file .exe era magicamente sparito poi mi sono accorto che anche i file eseguibili dell'antivirus sono spariti. Quel programmino non l'ho mai sentito e non lo so usare grazie
__________________
La pazzia da felicità alla propria vita!!!
Charlie795 è offline   Rispondi citando il messaggio o parte di esso
Old 27-08-2007, 23:04   #4
Charlie795
Member
 
L'Avatar di Charlie795
 
Iscritto dal: Nov 2002
Città: Migazzone (TN)
Messaggi: 119
SCusa gmer l'ho scaricato e lanciato ma queste righe evidenziate di rosso a me non escono che abbia sbagliato programma?
__________________
La pazzia da felicità alla propria vita!!!
Charlie795 è offline   Rispondi citando il messaggio o parte di esso
Old 27-08-2007, 23:11   #5
Bugs Bunny
Senior Member
 
L'Avatar di Bugs Bunny
 
Iscritto dal: Aug 2005
Città: Genova
Messaggi: 3397
gmer puoi scaricarlo da qui.

http://www.ilsoftware.it/querydl.asp?ID=967

posta un suo log e anche un log di hijackthis

http://www.trendsecure.com/portal/en...?page=download


Oppure puoi anche scaricare avenger dal link che segue>aprirlo>selezionare input script manually>cliccare sulla lente di ingrandimento>copiare ed incollare questo:

Quote:
Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys

folders to delete:
C:\WINDOWS\exefnd
C:\WINDOWS\exefld

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
HKLM\SYSTEM\CurrentControlSet\Services\pci32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32
>cliccare su done>cliccare sul semaforo>accettare 2 volte. Il computer ti si riavvierà,e al riavvio cancellerà i files che generalmente vengono creati da questo malware. posta il log così vediamo se è tutto a posto.

Download avenger: http://swandog46.geekstogo.com/avenger.zip
Ultima modifica di Bugs Bunny : 27-08-2007 alle 23:19.
Bugs Bunny è offline   Rispondi citando il messaggio o parte di esso
Old 27-08-2007, 23:12   #6
demi@n
Senior Member
 
Iscritto dal: Apr 2007
Messaggi: 895
Apri Task Manager (Ctrl + Alt + Canc) e dimmi se vedi questo tra i Processi attivi: hldrrr.exe


[edit]: hops, ha fatto prima Bugs Bunny (meno male!!), dai retta a lui, è moooooolto più esperto di me!
demi@n è offline   Rispondi citando il messaggio o parte di esso
Old 27-08-2007, 23:49   #7
Charlie795
Member
 
L'Avatar di Charlie795
 
Iscritto dal: Nov 2002
Città: Migazzone (TN)
Messaggi: 119
Del file in tsk neanche l'ombra

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-08-27 23:47:15
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT 829F297E SSDT[37]
SSDT 829F2CC2 SSDT[71]
SSDT 829F2A0E SSDT[73]
SSDT 829F2F62 SSDT[145]
SSDT 829F3330 SSDT[160]
SSDT 829F3108 SSDT[173]
SSDT \WINDOWS\system32\ntoskrnl.exe [80586691] PUSH 0000009C; RET SSDT[0]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[1]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[2]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[3]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[4]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[5]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[6]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[7]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057641C] PUSH 000000B4; RET SSDT[8]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[9]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[10]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[11]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[12]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[13]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[14]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[15]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[16]
SSDT \WINDOWS\system32\ntoskrnl.exe [80568777] PUSH 00000104; RET SSDT[17]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[18]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[19]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[20]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[21]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[22]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[23]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[24]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[25]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[26]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[27]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[28]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[29]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[30]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[31]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[32]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[33]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[34]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[35]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[36]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[38]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[39]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[40]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056F063] PUSH 000000C4; RET SSDT[41]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[42]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[43]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[44]
SSDT \WINDOWS\system32\ntoskrnl.exe [805BD9D8] PUSH 000000DC; RET SSDT[45]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[46]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[47]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[48]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[49]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[50]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[51]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[52]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[53]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[54]
SSDT \WINDOWS\system32\ntoskrnl.exe [805AAD09] PUSH 000000BC; RET SSDT[55]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[56]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[57]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[58]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[59]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[60]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[62]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[63]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[64]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[65]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[66]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[67]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[68]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[69]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[72]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[74]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[75]
SSDT \WINDOWS\system32\ntoskrnl.exe [80598095] PUSH 000000B0; RET SSDT[76]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[77]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[78]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[79]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[80]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[81]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[82]
SSDT \WINDOWS\system32\ntoskrnl.exe [80568FC4] PUSH 00000080; RET SSDT[83]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[84]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[85]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[86]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[87]
SSDT \WINDOWS\system32\ntoskrnl.exe [8053B0EF] PUSH 0000046C; RET SSDT[88]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[89]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[90]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[91]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[92]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[93]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[94]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[95]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[96]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[97]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[98]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[99]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[100]
SSDT \WINDOWS\system32\ntoskrnl.exe [805B2EFD] PUSH 000008B4; RET SSDT[101]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[102]
SSDT \WINDOWS\system32\ntoskrnl.exe [805B236A] PUSH 00000080; RET SSDT[103]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[104]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[105]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[106]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[107]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[108]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[110]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[111]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[112]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[113]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[114]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[115]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[116]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[117]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[118]
SSDT \WINDOWS\system32\ntoskrnl.exe [805684D5] PUSH 00000094; RET SSDT[119]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[120]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[121]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057459E] PUSH 000000C4; RET SSDT[122]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[123]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[124]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[125]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[126]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[127]
SSDT \WINDOWS\system32\ntoskrnl.exe [80597C0A] PUSH 000000C0; RET SSDT[128]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[129]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[130]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[131]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[132]
SSDT \WINDOWS\system32\ntoskrnl.exe [8059E8D7] PUSH 00000340; RET SSDT[133]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[134]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[135]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[136]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[137]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[138]
SSDT \WINDOWS\system32\ntoskrnl.exe [80571ECB] PUSH 00000144; RET SSDT[139]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[142]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[143]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[144]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[146]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[147]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[148]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057B349] PUSH 00000148; RET SSDT[149]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[150]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[151]
SSDT \WINDOWS\system32\ntoskrnl.exe [805896BC] PUSH 00000160; RET SSDT[152]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[153]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056C537] PUSH 000001E0; RET SSDT[154]
SSDT \WINDOWS\system32\ntoskrnl.exe [80566D06] PUSH 00000090; RET SSDT[155]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056DEAB] PUSH 00000100; RET SSDT[156]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[157]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[158]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[159]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[161]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[162]
SSDT \WINDOWS\system32\ntoskrnl.exe [80587E10] PUSH 000000BC; RET SSDT[163]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[164]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[165]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[166]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[167]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[168]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[169]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[170]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[171]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[172]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[174]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[175]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[176]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[177]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056CBF3] PUSH 00000084; RET SSDT[178]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[179]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[180]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[181]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[182]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[183]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[184]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[185]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[186]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[187]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[188]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[189]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[190]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[191]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[192]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[193]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[194]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[195]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[196]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[197]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[198]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[199]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[200]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[201]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[202]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[203]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[204]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[205]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[206]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[207]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[208]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[209]
SSDT \WINDOWS\system32\ntoskrnl.exe [80585D7D] PUSH 00000084; RET SSDT[210]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[213]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[214]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[215]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[216]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[217]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[218]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[219]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[220]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[221]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[222]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[223]
SSDT \WINDOWS\system32\ntoskrnl.exe [80579E7E] PUSH 00000088; RET SSDT[224]
SSDT \WINDOWS\system32\ntoskrnl.exe [805AD4EE] PUSH 0000028C; RET SSDT[225]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[226]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[227]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056C608] PUSH 0000011C; RET SSDT[228]
SSDT \WINDOWS\system32\ntoskrnl.exe [80576E5D] PUSH 000000EC; RET SSDT[229]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[230]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[231]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[232]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[233]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[234]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[235]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[236]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[237]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[238]
SSDT \WINDOWS\system32\ntoskrnl.exe [805A5110] PUSH 00000174; RET SSDT[240]
SSDT \WINDOWS\system32\ntoskrnl.exe [8066608F] PUSH 000000AC; RET SSDT[241]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[242]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[243]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[244]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[245]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[246]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[247]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[248]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[249]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[250]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[251]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[252]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[253]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[254]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[255]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[256]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[257]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[258]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[259]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[260]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[261]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[262]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[263]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[264]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[265]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[266]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[267]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[268]
SSDT \WINDOWS\system32\ntoskrnl.exe [80658DD0] PUSH 000000A0; RET SSDT[269]
SSDT \WINDOWS\system32\ntoskrnl.exe [805662B1] PUSH 0000034C; RET SSDT[270]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[271]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[272]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[273]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[274]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[275]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[276]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[277]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[278]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[279]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[280]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[281]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[282]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[283]

---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\ntoskrnl.exe Impossibile trovare il file specificato.
? System32\Drivers\hiber_WMILIB.SYS Impossibile trovare il file specificato.

---- User code sections - GMER 1.0.13 ----

.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 28001B60 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 28001AD0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 28001A50 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 28001C10 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 28001CC0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 28001830 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 004DE392 C:\Programmi\MSN Messenger\msnmsgr.exe
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ADVAPI32.dll!CryptDeriveKey 77F5A685 7 Bytes JMP 28001000 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ADVAPI32.dll!CryptDecrypt 77F5A7B1 2 Bytes JMP 28001050 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ADVAPI32.dll!CryptDecrypt + 3 77F5A7B4 4 Bytes [ 0A, B0, CC, CC ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 28003A60 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 28003370 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!SetWindowRgn 7E39FFB2 7 Bytes JMP 28004DB0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!CreateDialogParamW 7E3A7D4F 5 Bytes JMP 28004E50 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!SetWindowPlacement 7E3AD84C 5 Bytes JMP 28004CD0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 28004FB0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!TrackPopupMenuEx 7E3ECD28 5 Bytes JMP 28004230 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!send 71A3428A 5 Bytes JMP 28009120 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!WSARecv 71A34318 5 Bytes JMP 28008F10 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!recv 71A3615A 5 Bytes JMP 28008D80 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!WSASend 71A36233 5 Bytes JMP 280092A0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!closesocket 71A39639 5 Bytes JMP 280094B0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] SHELL32.dll!Shell_NotifyIconW 7CA31B6A 5 Bytes JMP 28002B50 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ole32.dll!CoInitializeEx 774CEF6B 5 Bytes JMP 28001D20 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ole32.dll!CoRegisterClassObject 774E8720 5 Bytes JMP 28001E20 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!InternetCloseHandle 4330DA89 5 Bytes JMP 28007FF0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!HttpOpenRequestA 43314331 5 Bytes JMP 28007D10 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!InternetReadFile 4331ABBC 5 Bytes JMP 28007E70 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!HttpSendRequestA 4331CD48 5 Bytes JMP 28007F40 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxParamW 7E3A555F 5 Bytes JMP 435FF2A1 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxIndirectParamW 7E3B2032 5 Bytes JMP 43790297 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxIndirectA 7E3BA04A 5 Bytes JMP 43790218 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxParamA 7E3BB10C 5 Bytes JMP 4379025C C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxExW 7E3D05D8 5 Bytes JMP 437901A4 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxExA 7E3D05FC 5 Bytes JMP 437901DE C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxIndirectParamA 7E3D6B50 5 Bytes JMP 437902D2 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 4362164E C:\WINDOWS\system32\IEFRAME.dll

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F2840B66] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F283F78C] aswMon2.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS

Device \Device\0000006c IRP_MJ_CREATE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CREATE_NAMED_PIPE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CLOSE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_READ [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_WRITE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_EA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_EA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_FLUSH_BUFFERS [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_DIRECTORY_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_FILE_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_INTERNAL_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SHUTDOWN [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_LOCK_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CLEANUP [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CREATE_MAILSLOT [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_POWER [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_DEVICE_CHANGE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_PNP [F868CCB8] ACPI.sys
Device \Device\0000006c FastIoDetachDevice [F868D0D4] ACPI.sys
Device \Driver\srosa \Device\srosa IRP_MJ_CREATE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CREATE_NAMED_PIPE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CLOSE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_READ 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_WRITE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_EA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_EA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_FLUSH_BUFFERS 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_VOLUME_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_VOLUME_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_DIRECTORY_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_FILE_SYSTEM_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_DEVICE_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_INTERNAL_DEVICE_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SHUTDOWN 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_LOCK_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CLEANUP 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CREATE_MAILSLOT 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_SECURITY 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_SECURITY 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_POWER 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SYSTEM_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_DEVICE_CHANGE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_QUOTA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_QUOTA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_PNP 82A003E2
Device \Device\0000006d IRP_MJ_CREATE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CREATE_NAMED_PIPE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CLOSE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_READ [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_WRITE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_EA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_EA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_FLUSH_BUFFERS [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_DIRECTORY_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_FILE_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_INTERNAL_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SHUTDOWN [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_LOCK_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CLEANUP [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CREATE_MAILSLOT [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_POWER [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_DEVICE_CHANGE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_PNP [F868CCB8] ACPI.sys
Device \Device\0000006d FastIoDetachDevice [F868D0D4] ACPI.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CREATE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CREATE_NAMED_PIPE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CLOSE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_READ [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_WRITE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_EA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_EA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_FLUSH_BUFFERS [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_VOLUME_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_VOLUME_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_DIRECTORY_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_FILE_SYSTEM_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_DEVICE_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_INTERNAL_DEVICE_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SHUTDOWN [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_LOCK_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CLEANUP [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CREATE_MAILSLOT [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_SECURITY [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_SECURITY [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_POWER [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SYSTEM_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_DEVICE_CHANGE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_QUOTA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_QUOTA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_PNP [F7998886] msgpc.sys

---- Files - GMER 1.0.13 ----

File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared
File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared\MyProfile.UserProfile
File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared\Sessions
File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared\Sessions\20060501094334246.liveReg
File C:\Programmi\Movie Maker\Shared
File C:\Programmi\Movie Maker\Shared\Empty.txt
File C:\Programmi\Movie Maker\Shared\Filters.xml
File C:\Programmi\Movie Maker\Shared\news.png
File C:\Programmi\Movie Maker\Shared\paint.png
File C:\Programmi\Movie Maker\Shared\Profiles
File C:\Programmi\Movie Maker\Shared\Profiles\Blank.txt
File C:\Programmi\Movie Maker\Shared\Sample1.jpg
File C:\Programmi\Movie Maker\Shared\Sample2.jpg
File C:\Programmi\Skype\Toolbars\Shared
File C:\Programmi\Skype\Toolbars\Shared\SPhoneParser.dll
File C:\WINDOWS\ime\shared
File C:\WINDOWS\ime\shared\res
File C:\WINDOWS\system32\drivers\hidr.exe
File C:\WINDOWS\system32\drivers\srosa.sys

---- EOF - GMER 1.0.13 ----

--------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:20:55, on 27/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\vsnpstd3.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\JackSMS\JackSMS.exe
C:\Programmi\Outlook Express\msimn.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\MSN Messenger\livecall.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Riccardo\Desktop\AntiRootkit\PAVARK.exe
C:\Documents and Settings\Riccardo\Desktop\gmer\gmer.exe
C:\Documents and Settings\Riccardo\Desktop\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 10\Applications\LEC IE Translation Extension.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /runonce
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [FASTTRACKPassepartout] C:\WINDOWS\Passepartout.exe -A *fnV3Fw0aY4aWyOX4fTZtDIpbEzfWwMHFMDRjjMyLUzZWzMSZLXByTwjZItZWzfWULC5tm10YV8ZW4LX5ZXN0XwpaxtbXQfWZYDkpXJgcN8YnzMWVZXwzXwgLBtcWhf25cCVvn1jcR8b3vL2BdX5hXwkbRtbS8fy1MHBkjFwbV1Z38aXdaWIuH5gbRkdG0aW9cW4hDNgZopdCvIG5LGVu3VtZB1cXhcGRcm8838gUNgY3lc2xcG9GGVtfFycEyIG5dHx8GVlT9ucn1I3wdHNtCRpf5ldE0bm5cX88mBgLFvZXmIGwZGktmNgflvbCjb31YXR8WB0LRsbX2ZywYXB0WNtM5zaXjaWwZX5xSZ1L5vdDuIGEZGlsXR8MRpLS8IXwMHxxTNoLAldDyaHJNSR8TBwLNtOX8aiwMW8tj5vfN1ZC8dn1MGJ8nkldwgZXtYSBfW14C5kL1jZm8aWVLGZ4XUhZwgdXtbWxfmxTD90fguLD5IXMOGV4TNwNAvZjybGFNnF8DN0TElZnyYSwN31i
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [FASTTRACKPassepartout] C:\WINDOWS\Passepartout.exe -A *fnV3Fw0aY4aWyOX4fTZtDIpbEzfWwMHFMDRjjMyLUzZWzMSZLXByTwjZItZWzfWULC5tm10YV8ZW4LX5ZXN0XwpaxtbXQfWZYDkpXJgcN8YnzMWVZXwzXwgLBtcWhf25cCVvn1jcR8b3vL2BdX5hXwkbRtbS8fy1MHBkjFwbV1Z38aXdaWIuH5gbRkdG0aW9cW4hDNgZopdCvIG5LGVu3VtZB1cXhcGRcm8838gUNgY3lc2xcG9GGVtfFycEyIG5dHx8GVlT9ucn1I3wdHNtCRpf5ldE0bm5cX88mBgLFvZXmIGwZGktmNgflvbCjb31YXR8WB0LRsbX2ZywYXB0WNtM5zaXjaWwZX5xSZ1L5vdDuIGEZGlsXR8MRpLS8IXwMHxxTNoLAldDyaHJNSR8TBwLNtOX8aiwMW8tj5vfN1ZC8dn1MGJ8nkldwgZXtYSBfW14C5kL1jZm8aWVLGZ4XUhZwgdXtbWxfmxTD90fguLD5IXMOGV4TNwNAvZjybGFNnF8DN0TElZnyYSwN31i
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.coolstreaming.us/webtv/tvkoo/KooPlayer.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{90FBF2B7-80AB-48E0-8E9F-48F8D8057869}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCC330E8-5902-4728-859D-D66F78CA6F12}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE89383E-EA08-43B3-8E5E-7C54DC0883D3}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA345D17-1D10-4503-BC07-F7671BCD9363}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Unknown owner - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Unknown owner - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 7985 bytes
__________________
La pazzia da felicità alla propria vita!!!
Charlie795 è offline   Rispondi citando il messaggio o parte di esso
Old 27-08-2007, 23:50   #8
Charlie795
Member
 
L'Avatar di Charlie795
 
Iscritto dal: Nov 2002
Città: Migazzone (TN)
Messaggi: 119
Del file in tsk neanche l'ombra

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-08-27 23:47:15
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT 829F297E SSDT[37]
SSDT 829F2CC2 SSDT[71]
SSDT 829F2A0E SSDT[73]
SSDT 829F2F62 SSDT[145]
SSDT 829F3330 SSDT[160]
SSDT 829F3108 SSDT[173]
SSDT \WINDOWS\system32\ntoskrnl.exe [80586691] PUSH 0000009C; RET SSDT[0]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[1]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[2]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[3]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[4]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[5]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[6]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[7]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057641C] PUSH 000000B4; RET SSDT[8]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[9]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[10]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[11]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[12]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[13]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[14]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[15]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[16]
SSDT \WINDOWS\system32\ntoskrnl.exe [80568777] PUSH 00000104; RET SSDT[17]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[18]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[19]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[20]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[21]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[22]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[23]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[24]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[25]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[26]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[27]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[28]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[29]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[30]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[31]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[32]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[33]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[34]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[35]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[36]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[38]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[39]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[40]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056F063] PUSH 000000C4; RET SSDT[41]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[42]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[43]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[44]
SSDT \WINDOWS\system32\ntoskrnl.exe [805BD9D8] PUSH 000000DC; RET SSDT[45]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[46]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[47]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[48]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[49]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[50]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[51]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[52]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[53]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[54]
SSDT \WINDOWS\system32\ntoskrnl.exe [805AAD09] PUSH 000000BC; RET SSDT[55]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[56]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[57]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[58]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[59]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[60]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[62]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[63]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[64]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[65]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[66]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[67]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[68]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[69]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[72]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[74]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[75]
SSDT \WINDOWS\system32\ntoskrnl.exe [80598095] PUSH 000000B0; RET SSDT[76]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[77]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[78]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[79]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[80]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[81]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[82]
SSDT \WINDOWS\system32\ntoskrnl.exe [80568FC4] PUSH 00000080; RET SSDT[83]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[84]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[85]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[86]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[87]
SSDT \WINDOWS\system32\ntoskrnl.exe [8053B0EF] PUSH 0000046C; RET SSDT[88]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[89]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[90]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[91]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[92]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[93]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[94]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[95]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[96]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[97]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[98]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[99]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[100]
SSDT \WINDOWS\system32\ntoskrnl.exe [805B2EFD] PUSH 000008B4; RET SSDT[101]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[102]
SSDT \WINDOWS\system32\ntoskrnl.exe [805B236A] PUSH 00000080; RET SSDT[103]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[104]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[105]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[106]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[107]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[108]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[110]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[111]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[112]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[113]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[114]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[115]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[116]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[117]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[118]
SSDT \WINDOWS\system32\ntoskrnl.exe [805684D5] PUSH 00000094; RET SSDT[119]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[120]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[121]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057459E] PUSH 000000C4; RET SSDT[122]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[123]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[124]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[125]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[126]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[127]
SSDT \WINDOWS\system32\ntoskrnl.exe [80597C0A] PUSH 000000C0; RET SSDT[128]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[129]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[130]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[131]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[132]
SSDT \WINDOWS\system32\ntoskrnl.exe [8059E8D7] PUSH 00000340; RET SSDT[133]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[134]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[135]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[136]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[137]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[138]
SSDT \WINDOWS\system32\ntoskrnl.exe [80571ECB] PUSH 00000144; RET SSDT[139]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[142]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[143]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[144]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[146]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[147]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[148]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057B349] PUSH 00000148; RET SSDT[149]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[150]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[151]
SSDT \WINDOWS\system32\ntoskrnl.exe [805896BC] PUSH 00000160; RET SSDT[152]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[153]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056C537] PUSH 000001E0; RET SSDT[154]
SSDT \WINDOWS\system32\ntoskrnl.exe [80566D06] PUSH 00000090; RET SSDT[155]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056DEAB] PUSH 00000100; RET SSDT[156]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[157]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[158]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[159]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[161]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[162]
SSDT \WINDOWS\system32\ntoskrnl.exe [80587E10] PUSH 000000BC; RET SSDT[163]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[164]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[165]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[166]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[167]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[168]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[169]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[170]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[171]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[172]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[174]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[175]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[176]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[177]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056CBF3] PUSH 00000084; RET SSDT[178]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[179]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[180]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[181]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[182]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[183]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[184]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[185]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[186]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[187]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[188]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[189]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[190]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[191]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[192]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[193]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[194]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[195]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[196]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[197]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[198]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[199]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[200]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[201]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[202]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[203]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[204]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[205]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[206]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[207]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[208]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[209]
SSDT \WINDOWS\system32\ntoskrnl.exe [80585D7D] PUSH 00000084; RET SSDT[210]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[213]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[214]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[215]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[216]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[217]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[218]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[219]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[220]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[221]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[222]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[223]
SSDT \WINDOWS\system32\ntoskrnl.exe [80579E7E] PUSH 00000088; RET SSDT[224]
SSDT \WINDOWS\system32\ntoskrnl.exe [805AD4EE] PUSH 0000028C; RET SSDT[225]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[226]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[227]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056C608] PUSH 0000011C; RET SSDT[228]
SSDT \WINDOWS\system32\ntoskrnl.exe [80576E5D] PUSH 000000EC; RET SSDT[229]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[230]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[231]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[232]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[233]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[234]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[235]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[236]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[237]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[238]
SSDT \WINDOWS\system32\ntoskrnl.exe [805A5110] PUSH 00000174; RET SSDT[240]
SSDT \WINDOWS\system32\ntoskrnl.exe [8066608F] PUSH 000000AC; RET SSDT[241]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[242]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[243]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[244]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[245]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[246]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[247]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[248]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[249]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[250]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[251]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[252]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[253]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[254]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[255]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[256]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[257]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[258]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[259]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[260]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[261]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[262]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[263]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[264]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[265]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[266]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[267]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[268]
SSDT \WINDOWS\system32\ntoskrnl.exe [80658DD0] PUSH 000000A0; RET SSDT[269]
SSDT \WINDOWS\system32\ntoskrnl.exe [805662B1] PUSH 0000034C; RET SSDT[270]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[271]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[272]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[273]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[274]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[275]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[276]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[277]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[278]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[279]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[280]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[281]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[282]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[283]

---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\ntoskrnl.exe Impossibile trovare il file specificato.
? System32\Drivers\hiber_WMILIB.SYS Impossibile trovare il file specificato.

---- User code sections - GMER 1.0.13 ----

.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 28001B60 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 28001AD0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 28001A50 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 28001C10 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 28001CC0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 28001830 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 004DE392 C:\Programmi\MSN Messenger\msnmsgr.exe
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ADVAPI32.dll!CryptDeriveKey 77F5A685 7 Bytes JMP 28001000 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ADVAPI32.dll!CryptDecrypt 77F5A7B1 2 Bytes JMP 28001050 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ADVAPI32.dll!CryptDecrypt + 3 77F5A7B4 4 Bytes [ 0A, B0, CC, CC ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 28003A60 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 28003370 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!SetWindowRgn 7E39FFB2 7 Bytes JMP 28004DB0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!CreateDialogParamW 7E3A7D4F 5 Bytes JMP 28004E50 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!SetWindowPlacement 7E3AD84C 5 Bytes JMP 28004CD0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 28004FB0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] USER32.dll!TrackPopupMenuEx 7E3ECD28 5 Bytes JMP 28004230 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!send 71A3428A 5 Bytes JMP 28009120 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!WSARecv 71A34318 5 Bytes JMP 28008F10 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!recv 71A3615A 5 Bytes JMP 28008D80 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!WSASend 71A36233 5 Bytes JMP 280092A0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WS2_32.dll!closesocket 71A39639 5 Bytes JMP 280094B0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] SHELL32.dll!Shell_NotifyIconW 7CA31B6A 5 Bytes JMP 28002B50 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ole32.dll!CoInitializeEx 774CEF6B 5 Bytes JMP 28001D20 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] ole32.dll!CoRegisterClassObject 774E8720 5 Bytes JMP 28001E20 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!InternetCloseHandle 4330DA89 5 Bytes JMP 28007FF0 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!HttpOpenRequestA 43314331 5 Bytes JMP 28007D10 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!InternetReadFile 4331ABBC 5 Bytes JMP 28007E70 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1768] WININET.dll!HttpSendRequestA 4331CD48 5 Bytes JMP 28007F40 C:\Programmi\Messenger Plus! Live\MsgPlusLive1.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxParamW 7E3A555F 5 Bytes JMP 435FF2A1 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxIndirectParamW 7E3B2032 5 Bytes JMP 43790297 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxIndirectA 7E3BA04A 5 Bytes JMP 43790218 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxParamA 7E3BB10C 5 Bytes JMP 4379025C C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxExW 7E3D05D8 5 Bytes JMP 437901A4 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxExA 7E3D05FC 5 Bytes JMP 437901DE C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!DialogBoxIndirectParamA 7E3D6B50 5 Bytes JMP 437902D2 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3692] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 4362164E C:\WINDOWS\system32\IEFRAME.dll

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F2840B66] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F283F78C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F283F78C] aswMon2.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8AA533C] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F8AA5970] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F3545CCC] SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F3545CCC] SYMTDI.SYS

Device \Device\0000006c IRP_MJ_CREATE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CREATE_NAMED_PIPE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CLOSE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_READ [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_WRITE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_EA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_EA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_FLUSH_BUFFERS [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_DIRECTORY_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_FILE_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_INTERNAL_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SHUTDOWN [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_LOCK_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CLEANUP [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_CREATE_MAILSLOT [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_POWER [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_DEVICE_CHANGE [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_QUERY_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_SET_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006c IRP_MJ_PNP [F868CCB8] ACPI.sys
Device \Device\0000006c FastIoDetachDevice [F868D0D4] ACPI.sys
Device \Driver\srosa \Device\srosa IRP_MJ_CREATE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CREATE_NAMED_PIPE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CLOSE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_READ 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_WRITE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_EA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_EA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_FLUSH_BUFFERS 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_VOLUME_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_VOLUME_INFORMATION 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_DIRECTORY_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_FILE_SYSTEM_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_DEVICE_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_INTERNAL_DEVICE_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SHUTDOWN 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_LOCK_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CLEANUP 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_CREATE_MAILSLOT 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_SECURITY 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_SECURITY 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_POWER 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SYSTEM_CONTROL 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_DEVICE_CHANGE 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_QUERY_QUOTA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_SET_QUOTA 82A003E2
Device \Driver\srosa \Device\srosa IRP_MJ_PNP 82A003E2
Device \Device\0000006d IRP_MJ_CREATE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CREATE_NAMED_PIPE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CLOSE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_READ [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_WRITE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_EA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_EA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_FLUSH_BUFFERS [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_VOLUME_INFORMATION [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_DIRECTORY_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_FILE_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_INTERNAL_DEVICE_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SHUTDOWN [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_LOCK_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CLEANUP [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_CREATE_MAILSLOT [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_SECURITY [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_POWER [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SYSTEM_CONTROL [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_DEVICE_CHANGE [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_QUERY_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_SET_QUOTA [F868CCB8] ACPI.sys
Device \Device\0000006d IRP_MJ_PNP [F868CCB8] ACPI.sys
Device \Device\0000006d FastIoDetachDevice [F868D0D4] ACPI.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CREATE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CREATE_NAMED_PIPE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CLOSE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_READ [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_WRITE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_EA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_EA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_FLUSH_BUFFERS [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_VOLUME_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_VOLUME_INFORMATION [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_DIRECTORY_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_FILE_SYSTEM_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_DEVICE_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_INTERNAL_DEVICE_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SHUTDOWN [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_LOCK_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CLEANUP [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_CREATE_MAILSLOT [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_SECURITY [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_SECURITY [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_POWER [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SYSTEM_CONTROL [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_DEVICE_CHANGE [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_QUERY_QUOTA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_SET_QUOTA [F7998886] msgpc.sys
Device \Driver\Gpc \Device\Gpc IRP_MJ_PNP [F7998886] msgpc.sys

---- Files - GMER 1.0.13 ----

File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared
File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared\MyProfile.UserProfile
File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared\Sessions
File C:\Documents and Settings\Riccardo\Dati applicazioni\Symantec\Shared\Sessions\20060501094334246.liveReg
File C:\Programmi\Movie Maker\Shared
File C:\Programmi\Movie Maker\Shared\Empty.txt
File C:\Programmi\Movie Maker\Shared\Filters.xml
File C:\Programmi\Movie Maker\Shared\news.png
File C:\Programmi\Movie Maker\Shared\paint.png
File C:\Programmi\Movie Maker\Shared\Profiles
File C:\Programmi\Movie Maker\Shared\Profiles\Blank.txt
File C:\Programmi\Movie Maker\Shared\Sample1.jpg
File C:\Programmi\Movie Maker\Shared\Sample2.jpg
File C:\Programmi\Skype\Toolbars\Shared
File C:\Programmi\Skype\Toolbars\Shared\SPhoneParser.dll
File C:\WINDOWS\ime\shared
File C:\WINDOWS\ime\shared\res
File C:\WINDOWS\system32\drivers\hidr.exe
File C:\WINDOWS\system32\drivers\srosa.sys

---- EOF - GMER 1.0.13 ----

--------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:20:55, on 27/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\vsnpstd3.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\JackSMS\JackSMS.exe
C:\Programmi\Outlook Express\msimn.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\MSN Messenger\livecall.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Riccardo\Desktop\AntiRootkit\PAVARK.exe
C:\Documents and Settings\Riccardo\Desktop\gmer\gmer.exe
C:\Documents and Settings\Riccardo\Desktop\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 10\Applications\LEC IE Translation Extension.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /runonce
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [FASTTRACKPassepartout] C:\WINDOWS\Passepartout.exe -A *fnV3Fw0aY4aWyOX4fTZtDIpbEzfWwMHFMDRjjMyLUzZWzMSZLXByTwjZItZWzfWULC5tm10YV8ZW4LX5ZXN0XwpaxtbXQfWZYDkpXJgcN8YnzMWVZXwzXwgLBtcWhf25cCVvn1jcR8b3vL2BdX5hXwkbRtbS8fy1MHBkjFwbV1Z38aXdaWIuH5gbRkdG0aW9cW4hDNgZopdCvIG5LGVu3VtZB1cXhcGRcm8838gUNgY3lc2xcG9GGVtfFycEyIG5dHx8GVlT9ucn1I3wdHNtCRpf5ldE0bm5cX88mBgLFvZXmIGwZGktmNgflvbCjb31YXR8WB0LRsbX2ZywYXB0WNtM5zaXjaWwZX5xSZ1L5vdDuIGEZGlsXR8MRpLS8IXwMHxxTNoLAldDyaHJNSR8TBwLNtOX8aiwMW8tj5vfN1ZC8dn1MGJ8nkldwgZXtYSBfW14C5kL1jZm8aWVLGZ4XUhZwgdXtbWxfmxTD90fguLD5IXMOGV4TNwNAvZjybGFNnF8DN0TElZnyYSwN31i
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [FASTTRACKPassepartout] C:\WINDOWS\Passepartout.exe -A *fnV3Fw0aY4aWyOX4fTZtDIpbEzfWwMHFMDRjjMyLUzZWzMSZLXByTwjZItZWzfWULC5tm10YV8ZW4LX5ZXN0XwpaxtbXQfWZYDkpXJgcN8YnzMWVZXwzXwgLBtcWhf25cCVvn1jcR8b3vL2BdX5hXwkbRtbS8fy1MHBkjFwbV1Z38aXdaWIuH5gbRkdG0aW9cW4hDNgZopdCvIG5LGVu3VtZB1cXhcGRcm8838gUNgY3lc2xcG9GGVtfFycEyIG5dHx8GVlT9ucn1I3wdHNtCRpf5ldE0bm5cX88mBgLFvZXmIGwZGktmNgflvbCjb31YXR8WB0LRsbX2ZywYXB0WNtM5zaXjaWwZX5xSZ1L5vdDuIGEZGlsXR8MRpLS8IXwMHxxTNoLAldDyaHJNSR8TBwLNtOX8aiwMW8tj5vfN1ZC8dn1MGJ8nkldwgZXtYSBfW14C5kL1jZm8aWVLGZ4XUhZwgdXtbWxfmxTD90fguLD5IXMOGV4TNwNAvZjybGFNnF8DN0TElZnyYSwN31i
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.coolstreaming.us/webtv/tvkoo/KooPlayer.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{90FBF2B7-80AB-48E0-8E9F-48F8D8057869}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCC330E8-5902-4728-859D-D66F78CA6F12}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE89383E-EA08-43B3-8E5E-7C54DC0883D3}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA345D17-1D10-4503-BC07-F7671BCD9363}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Unknown owner - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Unknown owner - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 7985 bytes
__________________
La pazzia da felicità alla propria vita!!!
Charlie795 è offline   Rispondi citando il messaggio o parte di esso
Old 28-08-2007, 00:41   #9
yanoama
Member
 
L'Avatar di yanoama
 
Iscritto dal: Aug 2007
Messaggi: 39
Prima di addentrarci nell'analisi dei log, io proverei a fare un tentativo con Panda Antirootkit, lo trovi qui
http://research.pandasoftware.com/bl...-Released.aspx
dai una lettura anche a questo topic sul forum di megalab
http://www.megalab.it/forum/viewtopic.php?t=34010

Bye
__________________
SALVIAMO L'AMAZZONIA
yanoama è offline   Rispondi citando il messaggio o parte di esso
Old 28-08-2007, 09:35   #10
demi@n
Senior Member
 
Iscritto dal: Apr 2007
Messaggi: 895
Quote:
SCusa gmer l'ho scaricato e lanciato ma queste righe evidenziate di rosso a me non escono che abbia sbagliato programma?
Quote:
Del file in tsk neanche l'ombra
Non so analizzare il papier di gmer, ma da quello che dice charlie, non mi sembra che abbia bagle.
demi@n è offline   Rispondi citando il messaggio o parte di esso
Old 28-08-2007, 09:37   #11
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Questi sono da fixare:
O4 - HKLM\..\Run: [FASTTRACKPassepartout] C:\WINDOWS\Passepartout.exe -A *fnV3Fw0aY4aWyOX4fTZtDIpbEzfWwMHFMDRjjMyLUzZWzMSZLXByTwjZItZWzfWULC5tm10YV8ZW4LX 5ZXN0XwpaxtbXQfWZYDkpXJgcN8YnzMWVZXwzXwgLBtcWhf25cCVvn1jcR8b3vL2BdX5hXwkbRtbS8fy 1MHBkjFwbV1Z38aXdaWIuH5gbRkdG0aW9cW4hDNgZopdCvIG5LGVu3VtZB1cXhcGRcm8838gUNgY3lc2 xcG9GGVtfFycEyIG5dHx8GVlT9ucn1I3wdHNtCRpf5ldE0bm5cX88mBgLFvZXmIGwZGktmNgflvbCjb3 1YXR8WB0LRsbX2ZywYXB0WNtM5zaXjaWwZX5xSZ1L5vdDuIGEZGlsXR8MRpLS8IXwMHxxTNoLAldDyaH JNSR8TBwLNtOX8aiwMW8tj5vfN1ZC8dn1MGJ8nkldwgZXtYSBfW14C5kL1jZm8aWVLGZ4XUhZwgdXtbW xfmxTD90fguLD5IXMOGV4TNwNAvZjybGFNnF8DN0TElZnyYSwN31i

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

O4 - HKCU\..\Run: [FASTTRACKPassepartout] C:\WINDOWS\Passepartout.exe -A *fnV3Fw0aY4aWyOX4fTZtDIpbEzfWwMHFMDRjjMyLUzZWzMSZLXByTwjZItZWzfWULC5tm10YV8ZW4LX 5ZXN0XwpaxtbXQfWZYDkpXJgcN8YnzMWVZXwzXwgLBtcWhf25cCVvn1jcR8b3vL2BdX5hXwkbRtbS8fy 1MHBkjFwbV1Z38aXdaWIuH5gbRkdG0aW9cW4hDNgZopdCvIG5LGVu3VtZB1cXhcGRcm8838gUNgY3lc2 xcG9GGVtfFycEyIG5dHx8GVlT9ucn1I3wdHNtCRpf5ldE0bm5cX88mBgLFvZXmIGwZGktmNgflvbCjb3 1YXR8WB0LRsbX2ZywYXB0WNtM5zaXjaWwZX5xSZ1L5vdDuIGEZGlsXR8MRpLS8IXwMHxxTNoLAldDyaH JNSR8TBwLNtOX8aiwMW8tj5vfN1ZC8dn1MGJ8nkldwgZXtYSBfW14C5kL1jZm8aWVLGZ4XUhZwgdXtbW xfmxTD90fguLD5IXMOGV4TNwNAvZjybGFNnF8DN0TElZnyYSwN31i

devi mettere il segno di spunta nella casellina bianca di fianco alle voci suddette, poi clicca su Fix checked.
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
 Rispondi

« Discussione precedente | Discussione successiva »

Polestar 3 Performance, test drive: comodità e potenza possono convivere Polestar 3 Performance, test drive: comodit&agra...
Qualcomm Snapdragon X2 Elite: l'architettura del SoC per i notebook del 2026 Qualcomm Snapdragon X2 Elite: l'architettura del...
Recensione DJI Mini 5 Pro: il drone C0 ultra-leggero con sensore da 1 pollice Recensione DJI Mini 5 Pro: il drone C0 ultra-leg...
ASUS Expertbook PM3: il notebook robusto per le aziende ASUS Expertbook PM3: il notebook robusto per le ...
Test ride con Gowow Ori: elettrico e off-road vanno incredibilmente d'accordo Test ride con Gowow Ori: elettrico e off-road va...
ESA: rilevati 40 mila asteroidi vicino a...
La batteria salva fabbriche di EQORE ott...
SpaceX Starship: iniziati i test della t...
Datacenter IA nello spazio entro 5 anni,...
Telescopio spaziale James Webb: rilevato...
Ericsson Mobility Report: nel 2025 il 5G...
PLAI DEMO DAY: si chiude il secondo cicl...
Google rilascia Nano Banana Pro: il nuov...
ChatGPT si rinnova ancora: disponibile l...
Ring lancia super sconti di Black Friday...
Black Friday 2025: 450 euro di sconto su...
Tutte le offerte Blink in un unico posto...
OpenAI e Foxconn uniscono le forze per r...
Ricarica delle auto elettriche in 3 minu...
Lucid presenta Gravity Touring, il SUV e...
Chromium
GPU-Z
OCCT
LibreOffice Portable
Opera One Portable
Opera One 106
CCleaner Portable
CCleaner Standard
Cpu-Z
Driver NVIDIA GeForce 546.65 WHQL
SmartFTP
Trillian
Google Chrome Portable
Google Chrome 120
VirtualBox
Tutti gli articoli Tutte le news Tutti i download

Strumenti

Regole
Non Puoi aprire nuove discussioni
Non Puoi rispondere ai messaggi
Non Puoi allegare file
Non Puoi modificare i tuoi messaggi
Il codice vB è On
Le Faccine sono On
Il codice [IMG] è On
Il codice HTML è Off
Vai al Forum


Tutti gli orari sono GMT +1. Ora sono le: 04:06.

Contattaci - Hardware Upgrade - Archivio - Note sulla Privacy - Su

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Served by www3v