09-11-2007, 18:08 | #101 |
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
|
*double post
__________________
Try again and you will be luckier.
Last edited by Chill-Out: 09-11-2007 at 20:50. |
09-11-2007, 20:50 | #102 |
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
|
* triple post, lousy connection, sorry.
__________________
Try again and you will be luckier.
|
11-11-2007, 18:40 | #103 |
Junior Member
Joined: Oct 2007
Posts: 2
|
Hi Chill-Out, and thanks for the advice.
I was relieved to hear that it's not serious. Sorry also for the delay, but since I still can't get into the PC, I wasn't able to reply sooner. As I was saying, on restart the PC froze as soon as the screen with 2 blue stripes at the top and bottom appeared, with rebooting endlessly as the only option. Since I have only one hard disk, and therefore no way of using it, how can I fix this error myself? Bye
11-11-2007, 20:18 | #104 | |
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
|
Quote:
__________________
Try again and you will be luckier.
|
|
12-11-2007, 20:10 | #105 |
Senior Member
Joined: Aug 2006
Location: AS-ROMA
Posts: 976
|
Chill-Out, I'll try attaching one of my GMER logs, hoping it takes it; I'm running the scan now, but of all the various antivirus and security programs it's the only one I know little about; xcdegasp (Daniele) himself recommended it to me, so I trust it.
Here is the log: http://www.zshare.net/info.html?4861...61c9eb0c6d74bf
12-11-2007, 20:38 | #106 |
Senior Member
Joined: Aug 2005
Location: Genova
Posts: 3391
|
clean
|
12-11-2007, 21:02 | #107 |
Senior Member
Joined: Aug 2006
Location: AS-ROMA
Posts: 976
|
Thanks Bugs
|
17-12-2007, 18:10 | #108 |
Senior Member
Joined: Aug 2006
Location: AS-ROMA
Posts: 976
|
It finds 3 entries that aren't in red but show strange messages; can someone take a quick look for me, thanks.
http://www.zshare.net/info.html?5699...a64715b7acc886
17-12-2007, 18:16 | #109 | |
Banned
Joined: Oct 2007
Location: Palermo
Posts: 4623
|
Are these the strange messages?
Quote:
|
|
17-12-2007, 18:49 | #110 |
Senior Member
Joined: Aug 2006
Location: AS-ROMA
Posts: 976
|
Exactly, Murack. Maybe they had already shown up before but I had never paid attention to them; I knew that if GMER finds red lines you're in trouble; these lines are black, but they give messages that look strange to me, speaking as a non-expert of course....
|
17-12-2007, 19:13 | #111 |
Banned
Joined: Oct 2007
Location: Palermo
Posts: 4623
|
Have you by any chance installed programs like Daemon Tools?
Programs that create fake DVD/CD drives to keep the setups of programs like Office, Nero, etc. on the PC? For me that file (sptd.sys) appeared when I installed Daemon Tools, and when I removed it I had to manually remove that file and other messes I don't remember... maybe that's why it's giving you those problems... but I'm not sure
17-12-2007, 22:15 | #112 | |
Senior Member
Joined: Aug 2006
Location: AS-ROMA
Posts: 976
|
Quote:
Are you saying that having DT installed can cause problems? Bye
|
17-12-2007, 22:16 | #113 | |
Senior Member
Joined: Aug 2006
Location: AS-ROMA
Posts: 976
|
Quote:
Are you saying that having DT installed can cause operational problems? Bye. Sorry for the double post, this is the right one.
|
17-12-2007, 22:19 | #114 |
Banned
Joined: Oct 2007
Location: Palermo
Posts: 4623
|
My problems arose when I uninstalled Daemon Tools, but I don't know what your specific problem is due to
Let's see what the others say
05-01-2008, 22:39 | #115 |
Senior Member
Joined: May 2001
Posts: 300
|
As for Daemon Tools, read here:
http://www.hwupgrade.it/forum/showthread.php?t=1271381
__________________
Keep The Metal Faith Alive - Chuck Schuldiner Against all gods,Against all religions Do you believe in forever? I don't even believe in tomorrow… |
25-01-2008, 11:35 | #116 |
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
|
Version 1.0.14.14116 of 2008.01.18
I'm reporting the release of the new version, Version 1.0.14.14116 of 2008.01.18
Downloadable at the following address: http://www.gmer.net/files.php
__________________
Try again and you will be luckier.
|
07-02-2008, 15:55 | #117 |
Member
Joined: Sep 2007
Posts: 228
|
Can you check this GMER log for me? Here's the link:
http://www.fileup.itadib.com/downloa...RVKK8mwEjGEqlM no entries in red anyway...
08-03-2008, 11:31 | #118 |
Junior Member
Joined: Mar 2007
Posts: 11
|
I can't make sense of it anymore... I'm using GMER to analyze my laptop, which has been running preinstalled Windows Vista for more than a year (which should be compatible, from what I read on the GMER site), and sometimes it finds "hidden process" entries and sometimes it finds nothing... I reinstalled Vista (using the infamous recovery DVD supplied with the laptop) and a few other programs (not Daemon Tools or the like) and it's the same story again... sometimes there are "hidden process" entries and sometimes not... I'm attaching the latest GMER log hoping you can help me understand. Oh, for the record, I also tried using "avg antirootkit free" to analyze the system, but it never finds any rootkit.
Code:
GMER 1.0.14.14116 - http://www.gmer.net
Rootkit scan 2008-03-08 12:18:35
Windows 6.0.6000

---- Devices - GMER 1.0.14 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Gestione filtri file system Microsoft/Microsoft Corporation)

---- Processes - GMER 1.0.14 ----
Process hidden process (*** hidden *** ) 724
Process hidden process (*** hidden *** ) 1752
Process hidden process (*** hidden *** ) 1784
Process hidden process (*** hidden *** ) 1816
Process hidden process (*** hidden *** ) 2008
Process hidden process (*** hidden *** ) 16188

---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00173104e249
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00173104e249
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@CacheSizeInMB 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@CacheStatus 2
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@USBVersion 131072
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@ReadSpeedKBs 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@WriteSpeedKBs 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@PhysicalDeviceSizeMB 476937
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@RecommendedCacheSizeMB 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@HasSlowRegions 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@DoRetestDevice 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@DeviceStatus 1
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@LastTestedTime 0x00 0x00 0x00 0x00 ...

---- EOF - GMER 1.0.14 ----
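One way to check whether the "hidden process" entries described in the post above recur from one scan to the next, as an added example that is not part of the original post and is not GMER code. It assumes one log entry per line and that both scans were taken in the same boot session (PIDs are reassigned after a reboot); SCAN_A is abridged from the posted log, SCAN_B is constructed, and all function names are hypothetical.

```python
import re

# Section banner as printed in the posted log, e.g. "---- Processes - GMER 1.0.14 ----".
SECTION_RE = re.compile(r"^---- (?P<name>.+?) - GMER [\d.]+ ----$")
# Hidden-process entry as printed in the posted log: "... (*** hidden *** ) <PID>".
HIDDEN_RE = re.compile(r"^Process\s+.*\(\*\*\* hidden \*\*\*\s*\)\s+(?P<pid>\d+)$")
# AttachedDevice entry: driver object, device object, filter module,
# then an optional "(description/vendor)" taken from the file's version info.
ATTACHED_RE = re.compile(
    r"^AttachedDevice\s+(?P<driver>\S+)\s+(?P<device>\S+)\s+(?P<module>\S+)"
    r"(?:\s+\((?P<desc>.*)/(?P<vendor>[^/]*)\))?$"
)

# Abridged from the log posted above (Registry section omitted).
SCAN_A = r"""GMER 1.0.14.14116 - http://www.gmer.net
Rootkit scan 2008-03-08 12:18:35
Windows 6.0.6000
---- Devices - GMER 1.0.14 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- Processes - GMER 1.0.14 ----
Process hidden process (*** hidden *** ) 724
Process hidden process (*** hidden *** ) 1752
Process hidden process (*** hidden *** ) 1784
Process hidden process (*** hidden *** ) 1816
Process hidden process (*** hidden *** ) 2008
Process hidden process (*** hidden *** ) 16188
---- EOF - GMER 1.0.14 ----
"""

# Constructed second scan (not from the page), used only to show the comparison.
SCAN_B = r"""GMER 1.0.14.14116 - http://www.gmer.net
Rootkit scan 2008-03-08 12:40:00
Windows 6.0.6000
---- Devices - GMER 1.0.14 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- Processes - GMER 1.0.14 ----
Process hidden process (*** hidden *** ) 724
Process hidden process (*** hidden *** ) 2008
---- EOF - GMER 1.0.14 ----
"""


def parse_gmer_log(text):
    """Split a log into {section name: [entry lines]}; header lines before the
    first banner and everything after the EOF banner are ignored."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = SECTION_RE.match(line)
        if banner:
            name = banner.group("name")
            current = None if name == "EOF" else name
            if current is not None:
                sections.setdefault(current, [])  # keep empty sections visible
            continue
        if current is not None:
            sections[current].append(line)
    return sections


def hidden_pids(sections):
    """PIDs of the entries the scan reported as hidden processes."""
    pids = set()
    for entry in sections.get("Processes", []):
        match = HIDDEN_RE.match(entry)
        if match:
            pids.add(int(match.group("pid")))
    return pids


def attached_filters(sections):
    """(device, module, vendor) for each AttachedDevice entry; vendor is None
    when the log line carries no "(description/vendor)" suffix."""
    found = []
    for entry in sections.get("Devices", []):
        match = ATTACHED_RE.match(entry)
        if match:
            found.append((match.group("device"), match.group("module"), match.group("vendor")))
    return found


def compare_scans(first, second):
    """Separate hidden-process PIDs that recur in both scans from one-off ones."""
    a = hidden_pids(parse_gmer_log(first))
    b = hidden_pids(parse_gmer_log(second))
    return {"both": sorted(a & b), "only_first": sorted(a - b), "only_second": sorted(b - a)}


if __name__ == "__main__":
    print(compare_scans(SCAN_A, SCAN_B))
    for device, module, vendor in attached_filters(parse_gmer_log(SCAN_A)):
        print(device, module, vendor or "(no vendor info)")
```

PIDs listed under "both" are the ones worth resolving to an image name with a second tool while the session is still running; the comparison only sorts findings and does not decide whether an entry is benign.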
09-03-2008, 15:01 | #119 |
Member
Joined: Jan 2008
Posts: 46
|
Hello everyone.
Yesterday I tried GMER on my notebook (with XP). I launched the executable and, after a series of log entries (black ones, the ones that come up at the start), I started the scan with the Scan button (obviously I left the items on the right checked as by default). Twice, after about ten seconds, the program terminated itself, asking me whether to send the error report to Windows. The third time it managed to finish the scan, producing black log entries. So I have a few questions:
1) I read in some post that GMER works at a low level, so it can cause crash problems. As I already said, it gave me an error that made it terminate automatically. Is it possible for serious damage to occur to the OS, or to the data on the HD?
2) The completed scan took about 30 min. Is this due to the hellish mess and the excessive number of folders and data on my PC, or is it abnormal?
3) Does having black log entries guarantee that no rootkits are present?
4) Which other anti-rootkit do you recommend using together with GMER? (I've seen that the most scrupulous go as far as using 3 different anti-rootkits)
Thanks
11-03-2008, 14:30 | #120 |
Banned
Joined: Jul 2005
Posts: 261
|
Hi guys... here's my log, should I be worried?
Code:
GMER 1.0.14.14116 - http://www.gmer.net Rootkit scan 2008-03-08 13:51:36 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.14 ---- SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwConnectPort [0xAE250040] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xAE24C930] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateKey [0xAE257A80] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xAE250510] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcess [0xAE256870] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcessEx [0xAE256AA0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateSection [0xAE259FD0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xAE250600] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xAE24CF20] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xAE2586E0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteValueKey [0xAE258440] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDuplicateObject [0xAE256580] SSDT sptd.sys ZwEnumerateKey [0xF772CE2C] SSDT sptd.sys ZwEnumerateValueKey [0xF772D1BA] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xAE2588B0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xAE24CD70] SSDT sptd.sys ZwOpenKey [0xF77270B0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenProcess [0xAE256350] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenThread [0xAE256150] 
SSDT sptd.sys ZwQueryKey [0xF772D292] SSDT sptd.sys ZwQueryValueKey [0xF772D112] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRenameKey [0xAE259250] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xAE258CB0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRequestWaitReplyPort [0xAE24FC00] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRestoreKey [0xAE259080] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSecureConnectPort [0xAE250220] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xAE24D120] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetValueKey [0xAE258140] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwTerminateProcess [0xAE256CD0] INT 0x01 \SystemRoot\system32\DRIVERS\ati2mtag.sys F6B6F4F6 INT 0x03 \SystemRoot\system32\DRIVERS\ati2mtag.sys F6B6F59C Code AA561E2C IoWriteOperationCount ---- Kernel code sections - GMER 1.0.14 ---- .text ntoskrnl.exe!ZwYieldExecution + 137 804E4FF8 12 Bytes [ 10, 05, 25, AE, 70, 68, 25, ... ] ? C:\WINDOWS\system32\drivers\sptd.sys Impossibile accedere al file. Il file è utilizzato da un altro processo. ? srescan.sys Impossibile trovare il file specificato. ! .text USBPORT.SYS!DllUnload F69B462C 5 Bytes JMP 85A40358 ? System32\Drivers\ayxfi2ma.SYS Impossibile trovare il file specificato. ! 
---- User code sections - GMER 1.0.14 ---- .text C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005BB0 C:\Programmi\ATI Tray Tools\raphook.dll .text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[2560] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01CB5BB0 C:\Programmi\ATI Tray Tools\raphook.dll ---- Kernel IAT/EAT - GMER 1.0.14 ---- IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt] [F773D886] sptd.sys IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F773D832] sptd.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F775F892] sptd.sys IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F773D886] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7727AD4] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7727C1A] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F7727B9C] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F7728748] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F772861E] sptd.sys IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F773CACA] sptd.sys IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT 
\SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [AE2551C0] 
\SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateFile] [AE262330] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtOpenFile] [AE24D670] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtSetInformationFile] [AE24D5C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateFile] [AE24D770] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtCreateFile] [AE24D2D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ---- User IAT/EAT - GMER 1.0.14 ---- IAT C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01E72E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) 
IAT C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01E72C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01E72C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01E72C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [010F2E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [010F2C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) 
IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [010F2C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [010F2C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) 
IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) 
IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) 
IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) 
IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [01897376] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [018973CC] C:\Programmi\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.) IAT C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A12E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A12C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A12C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) 
IAT C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A12C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01A72E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01A72C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01A72C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01A72C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) 
IAT C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01642E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01642C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01642C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01642C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D62E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D62C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D62C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D62C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) ---- Devices - GMER 1.0.14 ---- Device \FileSystem\Ntfs \Ntfs 867CF1E8 AttachedDevice \FileSystem\Ntfs \Ntfs avg7rsw.sys (AVG Resident Shield Unload Helper/GRISOFT, s.r.o.) 
Device \FileSystem\Fastfat \FatCdrom 85B427A0
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\Ip avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\usbuhci \Device\USBPDO-0 85AEC1E8
Device \Driver\usbuhci \Device\USBPDO-1 85AEC1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 867D11E8
Device \Driver\dmio \Device\DmControl\DmConfig 867D11E8
Device \Driver\dmio \Device\DmControl\DmPnP 867D11E8
Device \Driver\dmio \Device\DmControl\DmInfo 867D11E8
Device \Driver\usbuhci \Device\USBPDO-2 85AEC1E8
Device \Driver\usbuhci \Device\USBPDO-3 85AEC1E8
Device \Driver\usbehci \Device\USBPDO-4 85BC37A0
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\Tcp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\NetBT \Device\NetBT_Tcpip_{8CACF010-4D0E-421E-A3B6-1D31828E5E40} 85A897A0
Device \Driver\Ftdisk \Device\HarddiskVolume1 867601E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 867601E8
Device \Driver\iaStor \Device\Ide\iaStor0 867D01E8
Device \Driver\atapi \Device\Ide\IdePort0 8675F1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 8675F1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c 8675F1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 85A897A0
Device \Driver\PCI_NTPNP0872 \Device\0000004b sptd.sys
Device \Driver\NetBT \Device\NetbiosSmb 85A897A0
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\Udp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\RawIp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\usbuhci \Device\USBFDO-0 85AEC1E8
Device \Driver\usbuhci \Device\USBFDO-1 85AEC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85A1C498
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\IPMULTICAST avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\usbuhci \Device\USBFDO-2 85AEC1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 85A1C498
Device \Driver\USBSTOR \Device\0000007c 85BD0418
Device \Driver\usbuhci \Device\USBFDO-3 85AEC1E8
Device \Driver\USBSTOR \Device\0000007d 85BD0418
Device \Driver\usbehci \Device\USBFDO-4 85BC37A0
Device \Driver\Ftdisk \Device\FtControl 867601E8
Device \Driver\ayxfi2ma \Device\Scsi\ayxfi2ma1Port2Path0Target0Lun0 85C221E8
Device \Driver\ayxfi2ma \Device\Scsi\ayxfi2ma1 85C221E8
Device \FileSystem\Fastfat \Fat 85B427A0
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat avg7rsw.sys (AVG Resident Shield Unload Helper/GRISOFT, s.r.o.)
Device \FileSystem\Cdfs \Cdfs 85A1F7A0

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programmi\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x59 0x0D 0x80 0x4C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x35 0xBA 0x4B 0x78 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6A 0x0E 0xC2 0xB0 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programmi\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x59 0x0D 0x80 0x4C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x35 0xBA 0x4B 0x78 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6A 0x0E 0xC2 0xB0 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11F0EB7A-4A78-E940-8179-B054CC1B286F}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11F0EB7A-4A78-E940-8179-B054CC1B286F}@jamppjighggpmepbidhp 0x6B 0x61 0x69 0x67 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11F0EB7A-4A78-E940-8179-B054CC1B286F}@iagpfifklaiiapmhok 0x6B 0x61 0x69 0x67 ...

---- EOF - GMER 1.0.14 ----
All times are GMT +1. The time now is 13:50.