|
|||||||
|
|
|
 |
|
|
Strumenti |
22-10-2007, 19:28
|
#1 |
|
Member
Iscritto dal: Sep 2007
Messaggi: 40
|
dialer local internet
raga spero di risolvere perche mi stacca in continuamente la connessione ecco il log
Codice:
Logfile of HijackThis v1.99.1 Scan saved at 20.25.53, on 22/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\acs.exe C:\Acer\eManager\anbmServ.exe C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Programmi\Norton AntiVirus\navapsvc.exe C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe c:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programmi\Synaptics\SynTP\SynTPLpr.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\System32\WLTRAY.exe C:\Programmi\Atheros\ACU.exe C:\Programmi\Launch Manager\LaunchAp.exe C:\Programmi\Launch Manager\PowerKey.exe C:\Programmi\Launch Manager\HotkeyApp.exe C:\Programmi\Launch Manager\OSDCtrl.exe C:\Programmi\Launch Manager\Wbutton.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Messenger\msmsgs.exe C:\Documents and Settings\Francesco\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4D91-8333-CF10577473F7} - C:\Documents and Settings\Francesco\Google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY O4 - HKLM\..\Run: [ACU] C:\Programmi\Atheros\ACU.exe -nogui O4 - HKLM\..\Run: [LaunchAp] "C:\Programmi\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [PowerKey] "C:\Programmi\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LManager] "C:\Programmi\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Programmi\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Programmi\Launch Manager\OSDCtrl.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Programmi\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{EA62974E-CF86-443B-A6F4-1A15BDF80CD4}: NameServer = 213.230.128.222 213.230.129.94 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Servizio di configurazione Atheros (ACS) - Unknown owner - C:\WINDOWS\System32\acs.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Programmi\Ares\chatServer.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe Ultima modifica di xcdegasp : 11-11-2007 alle 17:21. |
|
|
|
22-10-2007, 19:35
|
#2 |
|
Senior Member
Iscritto dal: Aug 2007
Città: Lucca Sesso: FEMMINA
Messaggi: 2495
|
Se lo hai attivo, disabilita il ripristino di configurazione di sistema (start –
programmi – accessori – utilità di sistema – ripristino di configurazione di sistema). Esegui questi tool: CCLEANER: clicca qui per il download una volta installato, lancia il programma, nel menu di sinistra portati alla voce Opzioni e nella finestra successiva clicca su: ● Impostazioni, e spunta la voce Cancellazione sicura (lenta) poi su: ● Avanzate, togli la spunta alla voce Cancella solo file più vecchi di 48 ore ● alla voce Pulizia, spunta tutte le quelle comprese nella sezione Avanzate ● nel menu a sinistra, clicca sulla voce Pulizia, clicca su tasto Avvia Pulizia per eseguire la scansione ● sempre nel menu a sinistra, clicca sulla voce Problemi, clicca sul tasto Trova problemi ed avvia una scansione; al termine della scansione clicca sulla voce Ripara selezionati e prosegui PANDA ANTIROOTKIT: clicca qui per il download Non è necessaria l'installazione (è un tool stand-alone); una volta lanciato, si aggiorna in automatico ed esegue la scansione (ovviamente rimuove tutti gli eventuali rootkit che rileva) ASQUARED ANTIDIALER FREE: clicca qui per il download una volta installato, scarica gli aggiornamenti e poi, esegui una scansione del sistema. ESET AGVPFIX: clicca qui per il download Non è necessaria l'installazione (è un tool stand-alone); una volta lanciato, individua, rimuove e eventuali Win32/Agent.VP trojan alla fine facci sapere se sussiste ancora il problema! |
|
|
|
|
22-10-2007, 19:36
|
#3 |
|
Junior Member
Iscritto dal: Oct 2007
Messaggi: 13
|
Gurda io i log nn li so leggere, ti posso dire che anche il dialer che ho io crea una connessione local internet, quindi magari tanto x farti un'idea guarda quello che hanno risposto a me, il mio post è quello di titolo: dialer.
Ciao e in bocca al lupo. |
|
|
|
|
22-10-2007, 21:58
|
#4 |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 29028
|
da hijackthis non si vede nulla.
posta i log di gmer e findawf |
|
|
|
|
23-10-2007, 18:29
|
#5 |
|
Member
Iscritto dal: Sep 2007
Messaggi: 40
|
ok speriamo bene... questo e il log di gmr
Codice:
GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-10-23 19:26:42 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.13 ---- SSDT 823ECFC0 ZwConnectPort SSDT 8249D898 ZwOpenProcess SSDT 825735F0 ZwOpenThread ---- User code sections - GMER 1.0.13 ---- .text C:\Programmi\MSN Messenger\MsnMsgr.Exe[184] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\MSN Messenger\MsnMsgr.Exe[184] kernel32.dll!SetUnhandledExceptionFilter 7C810386 5 Bytes JMP 004DE392 C:\Programmi\MSN Messenger\MsnMsgr.Exe .text C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe[2460] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00EB5AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\Synaptics\SynTP\SynTPLpr.exe[2652] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00E75AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\Synaptics\SynTP\SynTPEnh.exe[3124] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01135AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Documents and Settings\Francesco\Desktop\gmer.exe[3304] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\Atheros\ACU.exe[3392] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00DD5AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text ... ---- Devices - GMER 1.0.13 ---- AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [EF918330] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [EF9183A0] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [EF918290] SYMEVENT.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_NAMED_PIPE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLOSE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_READ [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_WRITE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FLUSH_BUFFERS [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DIRECTORY_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FILE_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SHUTDOWN [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_LOCK_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLEANUP [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_MAILSLOT [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_POWER [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CHANGE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_NAMED_PIPE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLOSE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_READ [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_WRITE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FLUSH_BUFFERS [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DIRECTORY_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FILE_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_INTERNAL_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SHUTDOWN [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_LOCK_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLEANUP [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_MAILSLOT [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_POWER [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CHANGE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [EF918330] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [EF9183A0] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [EF918290] SYMEVENT.SYS ---- Registry - GMER 1.0.13 ---- Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ... ---- EOF - GMER 1.0.13 ---- e questo e di findawf Find AWF report by noahdfear ©2006 Version 1.40 bak folders found ~~~~~~~~~~~ Duplicate files of bak directory contents ~~~~~~~~~~~~~~~~~~~~~~~ end of report Ultima modifica di xcdegasp : 11-11-2007 alle 17:19. |
|
|
|
|
23-10-2007, 19:45
|
#6 |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 29028
|
hai già provato come ti ha segnalato gle?
|
|
|
|
|
25-10-2007, 19:35
|
#7 |
|
Member
Iscritto dal: Sep 2007
Messaggi: 40
|
si certo ma con esito negativo.....
|
|
|
|
|
25-10-2007, 19:37
|
#8 |
|
Senior Member
Iscritto dal: Aug 2007
Città: Lucca Sesso: FEMMINA
Messaggi: 2495
|
Prova anche questi due:
ASQUARED FREE: clicca qui per il download una volta installato, scarica gli aggiornamenti e poi, esegui una scansione del sistema in modalità Deep Scan e rimuovi tutto ciò che viene rilevato con esclusione dei riferimenti a Software, MIrc, fotocamere digitali e/o scanner eventualmente installati. ASQUARED ANTIDIALER FREE: clicca qui per il download una volta installato, scarica gli aggiornamenti e poi, esegui una scansione del sistema. Ciao e facci sapere 
|
|
|
|
|
25-10-2007, 19:40
|
#9 |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 29028
|
prova con gmer a scansionare ads e files,poi postane l'esito
|
|
|
|
|
25-10-2007, 20:55
|
#10 |
|
Member
Iscritto dal: Sep 2007
Messaggi: 40
|
questo e lesito di gmer dopo faccio come mi a detto gle89
Codice:
GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-10-23 19:26:42 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.13 ---- SSDT 823ECFC0 ZwConnectPort SSDT 8249D898 ZwOpenProcess SSDT 825735F0 ZwOpenThread ---- User code sections - GMER 1.0.13 ---- .text C:\Programmi\MSN Messenger\MsnMsgr.Exe[184] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\MSN Messenger\MsnMsgr.Exe[184] kernel32.dll!SetUnhandledExceptionFilter 7C810386 5 Bytes JMP 004DE392 C:\Programmi\MSN Messenger\MsnMsgr.Exe .text C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe[2460] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00EB5AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\Synaptics\SynTP\SynTPLpr.exe[2652] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00E75AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\Synaptics\SynTP\SynTPEnh.exe[3124] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01135AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Documents and Settings\Francesco\Desktop\gmer.exe[3304] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Programmi\Atheros\ACU.exe[3392] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00DD5AF0 C:\Programmi\Ray Adams\ATI Tray Tools\raphook.dll .text ... ---- Devices - GMER 1.0.13 ---- AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [EF918330] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [EF9183A0] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [EF918290] SYMEVENT.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_NAMED_PIPE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLOSE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_READ [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_WRITE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FLUSH_BUFFERS [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DIRECTORY_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FILE_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SHUTDOWN [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_LOCK_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLEANUP [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_MAILSLOT [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_POWER [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CHANGE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_NAMED_PIPE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLOSE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_READ [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_WRITE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_EA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FLUSH_BUFFERS [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_VOLUME_INFORMATION [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DIRECTORY_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FILE_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_INTERNAL_DEVICE_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SHUTDOWN [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_LOCK_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLEANUP [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_MAILSLOT [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_SECURITY [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_POWER [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SYSTEM_CONTROL [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CHANGE [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_QUOTA [F81B1E00] SynTP.sys AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [EF953919] SYMTDI.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [EF918330] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [EF9183A0] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [EF918290] SYMEVENT.SYS AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [EF918290] SYMEVENT.SYS ---- Registry - GMER 1.0.13 ---- Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ... ---- EOF - GMER 1.0.13 ---- Ultima modifica di xcdegasp : 08-11-2007 alle 17:21. |
|
|
|
|
28-10-2007, 00:05
|
#11 |
|
Member
Iscritto dal: Sep 2007
Messaggi: 40
|
raga nienre quindi dicono che il mio caso e un po difficile e un virus nuovo
|
|
|
|
|
28-10-2007, 00:07
|
#12 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 29028
|
Quote:
|
|
|
|
|
|
28-10-2007, 00:50
|
#13 | |
|
Bannato
Iscritto dal: Jul 2007
Città: Riverside House
Messaggi: 3333
|
Quote:
 .... anzi .... direi .... al gelato .... 
|
|
|
|
|
|
08-11-2007, 16:57
|
#14 |
|
Member
Iscritto dal: Sep 2007
Messaggi: 40
|
raga allora e possibile che non si puo risolvere e talmente tosto sto dialer....
|
|
|
|
|
08-11-2007, 17:05
|
#15 |
|
Senior Member
Iscritto dal: Aug 2007
Città: Lucca Sesso: FEMMINA
Messaggi: 2495
|
Ripartiamo da capo con calma e pazienza:
1)qual'è il problema? quali sono i sintomi 2)posta un nuovo log di hjt, allegandolo con la funzione "gestisci allegati" oppure mettendolo fra i tag (code).....(/code) sostituendo le parentesi tonde con quelle quadrate |
|
|
|
|
08-11-2007, 17:38
|
#16 | |
|
Bannato
Iscritto dal: Jul 2007
Città: Riverside House
Messaggi: 3333
|
Quote:
FINDAWF: clicca qui per il download ● una volta scaricato, avvialo ● si aprirà un finestra in stile dos: clicca su un tasto qualunque ● al termine della scansione verrà proposto un Report: lo alleghi alla discussione. Per quanto riguarda la pubblicazione dei log e/o report che ti verrano richiesti: ● se il relativo txt generato è al max 20 kb, deve essere allegato alla discussione, utilizzando l'apposita funzione Gestisci Allegati; ● se superiore a 20 kb, deve essere allegato utlizzando il tag code dall'editor del messaggio; ● in alternativa sempre se superiore a 20 kb, hostato su Zshare clicca qui per raggiungere ZShare, pubblicando, nella discussione, il link che verrà rilasciato per il download |
|
|
|
|
|
08-11-2007, 17:46
|
#17 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 29028
|
Quote:
|
|
|
|
|
|
08-11-2007, 18:33
|
#18 |
|
Member
Iscritto dal: Sep 2007
Messaggi: 40
|
ok allora con findawf mi da questo risultato
Find AWF report by noahdfear ©2006 bak folders found ~~~~~~~~~~~ Duplicate files of bak directory contents ~~~~~~~~~~~~~~~~~~~~~~~ end of report adesso posto il log di HijackThis i sintomi sono i soliti continua a staccare la connessione il dialer e local internet. vi allego anche il log gmer speriamo bene....... |
|
|
|
|
08-11-2007, 18:47
|
#19 | |
|
Bannato
Iscritto dal: Jul 2007
Città: Riverside House
Messaggi: 3333
|
Quote:
ASQUARED ANTIDIALER FREE: clicca qui per il download una volta installato, scarica gli aggiornamenti e poi, esegui una scansione del sistema. La prossima volta, anche se fosse composto solo da 4 righe, allega i log, usando la funzione Gestisci Allegati come previsto dal Regolamento di Sezione. Ultima modifica di Riverside : 08-11-2007 alle 18:49. |
|
|
|
|
|
08-11-2007, 18:50
|
#20 |
|
Bannato
Iscritto dal: Jul 2007
Città: Riverside House
Messaggi: 3333
|
Il log di HThis è pulito, dovresti però:
aggiornare INTERNET EXPLORER: clicca qui per il download installare JAVASUN: clicca qui per il download |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 00:26.
