|
|||||||
|
|
|
 |
|
|
Strumenti |
03-03-2007, 14:44
|
#1 |
|
Senior Member
Iscritto dal: Dec 2001
Messaggi: 2514
|
Taskmanager: colonna utente vuota
ho notato un notevole rallentamento nell'apertura del taskmanager, ed in particolare il rallentamento è visibile nella realizzazione dei grafici e sottofinestre del taskmanager, inoltre nella finestra che mostra la lista dei processi per ogni processo il campo utente è vuoto, oppure (utilizzando un altro utente) è composto da quadrati. non so a cosa sia imputabile, ma penso che possa essere causato dall'installazione dell'ultima versione del kis poichè prima non avevo notato nulla del genere. nel kis avevo attivato "abilita controllo integrità applicazione" e quindi riscontrando questo prob ho inserito il taskmanager come applicazione sicura, ma per ora nn è cambiato nulla. ho effettuato una scansione con spyboot e non mi ha rilevato nulla, il kis non mi rileva nulla, ho trovato solo un virus associato al file dlhost.dll che ho eliminato attraverso l'apposito tool di rimozione, ma ora nn cambia nulla. nella lista processi vi sono tutti processi conosciuti e nessuno sospetto.qualcuno ha riscontrato qualche prob simile?
intanto vi riporto il log di hj (mentre facevo la scansione online tramite trend micro) Codice:
Logfile of HijackThis v1.99.1 Scan saved at 9.42.24, on 03/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\Explorer.EXE C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Programmi\Microsoft IntelliPoint\point32.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Programmi\emule\eMule.exe C:\hijackthis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [NVMixerTray] "C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: No-IP DUC.lnk = C:\Programmi\No-IP\DUC20.exe O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Anti-virus web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1170451385916 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1170462222921 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F}: NameServer = 85.37.17.12 85.38.28.63 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: Applicazione di sistema COM+ (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing) Ultima modifica di foxmolder5 : 03-03-2007 alle 15:19. |
|
|
|
03-03-2007, 14:47
|
#2 |
|
Senior Member
Iscritto dal: Dec 2001
Messaggi: 2514
|
scan di autostart con gmer:
Codice:
GMER 1.0.12.12027 - http://www.gmer.net Autostart scan 2007-03-03 14:46:41 Windows 5.1.2600 Service Pack 2 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@BootExecute = PDBoot.exe autocheck autochk * HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe, HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>> AtiExtEvent@DLLName = Ati2evxx.dll klogon@DLLName = C:\WINDOWS\system32\klogon.dll WgaLogon@DLLName = WgaLogon.dll HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs = C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll HKLM\SYSTEM\CurrentControlSet\Services\ >>> ATI Smart /*ATI Smart*/@ = C:\WINDOWS\system32\ati2sgag.exe AVP /*Kaspersky Internet Security 6.0*/@ = "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE" PDAgent /*PDAgent*/@ = C:\Programmi\Raxco\PerfectDisk\PDAgent.exe Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>> @NVMixerTray"C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe" = "C:\Programmi\NVIDIA Corporation\NvMixer\NVMixerTray.exe" @AtiPTAatiptaxx.exe = atiptaxx.exe @IntelliPoint"C:\Programmi\Microsoft IntelliPoint\point32.exe" = "C:\Programmi\Microsoft IntelliPoint\point32.exe" @GSICONEXEGSICON.EXE = GSICON.EXE @DSLAGENTEXEdslagent.exe USB = dslagent.exe USB @AVP"C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" = "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" HKCU\Software\Microsoft\Windows\CurrentVersion\[email protected] = C:\WINDOWS\system32\ctfmon.exe HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>> @{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/ @{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) = @{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll @{20082881-FC36-4E47-9A7A-644C95FF749F} /*IntelliPoint Wireless Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplwir.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplwir.dll" @{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} /*IntelliPoint Wheel Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplwhl.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplwhl.dll" @{653DCCC2-13DB-45B2-A389-427885776CFE} /*IntelliPoint Activities Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplact.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplact.dll" @{124597D8-850A-41AE-849C-017A4FA99CA2} /*IntelliPoint Buttons Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplbtn.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplbtn.dll" @{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL @{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll @{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll @{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll @{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL @{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL @{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll @{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll @{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} /*Adobe.Acrobat.ContextMenu*/C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll @{85E0B171-04FA-11D1-B7DA-00A0C90348D6} /*Anti-virus web*/C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll = C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>> Adobe.Acrobat.ContextMenu@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>> @{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll @{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll @{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll = C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll @{AE7CD045-E861-484f-8273-0445EE161910}C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll HKLM\Software\Microsoft\Internet Explorer\Main >>> @Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157 @Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157 @Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main >>> @Start Pagehttp://www.google.com/ = http://www.google.com/ @Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL HKLM\Software\Classes\PROTOCOLS\Handler\ >>> dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll its@CLSID = C:\WINDOWS\system32\itss.dll livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll ms-its@CLSID = C:\WINDOWS\system32\itss.dll ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL skype4com@CLSID = C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL tv@CLSID = C:\WINDOWS\system32\msvidctl.dll HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica = No-IP DUC.lnk ---- EOF - GMER 1.0.12 ---- Ultima modifica di foxmolder5 : 03-03-2007 alle 15:19. |
|
|
|
|
03-03-2007, 15:01
|
#3 |
|
Senior Member
Iscritto dal: Dec 2001
Messaggi: 2514
|
e questo è il log rootkit di gmer:
Codice:
GMER 1.0.12.12027 - http://www.gmer.net Rootkit scan 2007-03-03 15:01:05 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcess SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcessEx SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSection SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDuplicateObject SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2 SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey SSDT kl1.sys ZwOpenFile SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenProcess SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationProcess SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwTerminateProcess SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[285] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[286] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[287] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[288] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[289] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[290] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[291] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[292] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[293] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[294] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[295] SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[296] Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous ---- Kernel code sections - GMER 1.0.12 ---- .text ntoskrnl.exe!KiDispatchInterrupt + BA 804DB92E 7 Bytes JMP B2E773C0 \??\C:\WINDOWS\system32\drivers\klif.sys .text ntoskrnl.exe!IoIsOperationSynchronous 804E8752 5 Bytes JMP B2E74400 \??\C:\WINDOWS\system32\drivers\klif.sys .text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804FBE09 5 Bytes JMP B2E73F00 \??\C:\WINDOWS\system32\drivers\klif.sys .text USBPORT.SYS!DllUnload F6DA162C 5 Bytes JMP 862C53C0 .text ntdll.dll!NtClose 7C91D586 5 Bytes JMP 7203407A .text ntdll.dll!NtCreateProcess 7C91D754 5 Bytes JMP 72034205 .text ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes JMP 720340E9 .text ntdll.dll!NtCreateSection 7C91D793 5 Bytes JMP 72034098 ---- Devices - GMER 1.0.12 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 867631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 867631D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 84AD4980 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 84AD4980 Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_CREATE 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_CLOSE 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_CLEANUP 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{2381ADC1-495F-47A8-9EA7-C6BD368F6633} IRP_MJ_PNP 862D81D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 862A9980 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 862A9980 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 862A9980 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 862A9980 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 862A9980 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 862A9980 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 862A9980 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 862A9980 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 862A9980 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP 862A9980 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 867D31D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 867D31D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CREATE 862C41D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CLOSE 862C41D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 862C41D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 862C41D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_POWER 862C41D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 862C41D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_PNP 862C41D8 Device \Driver\00000036 \Device\00000047 IRP_MJ_POWER [F7746D74] sptd.sys Device \Driver\00000036 \Device\00000047 IRP_MJ_SYSTEM_CONTROL [F77602A2] sptd.sys Device \Driver\00000036 \Device\00000047 IRP_MJ_PNP [F7761228] sptd.sys Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 867661D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 862251D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 862251D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CREATE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_READ 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_WRITE 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_FLUSH_BUFFERS 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_SHUTDOWN 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CLEANUP 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_POWER 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_SYSTEM_CONTROL 867661D8 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_PNP 867661D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_CREATE 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_CREATE_NAMED_PIPE 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_CLOSE 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_READ 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_WRITE 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_INFORMATION 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_INFORMATION 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_EA 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_EA 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_FLUSH_BUFFERS 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_VOLUME_INFORMATION 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_VOLUME_INFORMATION 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_DIRECTORY_CONTROL 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_FILE_SYSTEM_CONTROL 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_DEVICE_CONTROL 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_SHUTDOWN 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_LOCK_CONTROL 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_CLEANUP 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_CREATE_MAILSLOT 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_SECURITY 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_SECURITY 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_POWER 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_SYSTEM_CONTROL 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_DEVICE_CHANGE 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_QUERY_QUOTA 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_SET_QUOTA 867641D8 Device \Driver\nvatabus \Device\00000067 IRP_MJ_PNP 867641D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 862D81D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 862D81D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 862D81D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 862D81D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 862D81D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 862D81D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 862D81D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_CREATE 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_CLOSE 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_CLEANUP 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{9C36AB3B-2CDC-45A0-9E43-FA33A0AF3E4F} IRP_MJ_PNP 862D81D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 862A9980 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 862A9980 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 862A9980 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 862A9980 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 862A9980 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 862A9980 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 862A9980 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 862A9980 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 862A9980 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 862A9980 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP 862A9980 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_NAMED_PIPE 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLOSE 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_READ 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_WRITE 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_INFORMATION 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_INFORMATION 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_EA 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_EA 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FLUSH_BUFFERS 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_VOLUME_INFORMATION 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_VOLUME_INFORMATION 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DIRECTORY_CONTROL 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FILE_SYSTEM_CONTROL 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CONTROL 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SHUTDOWN 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_LOCK_CONTROL 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLEANUP 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_MAILSLOT 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_SECURITY 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_SECURITY 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_POWER 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SYSTEM_CONTROL 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CHANGE 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_QUOTA 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_QUOTA 867641D8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_PNP 867641D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 8617A1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CREATE 862C41D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CLOSE 862C41D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 862C41D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 862C41D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_POWER 862C41D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 862C41D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_PNP 862C41D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 8617A1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 8617A1D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 867661D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 867661D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_CREATE 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_CLOSE 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_INTERNAL_DEVICE_CONTROL 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_CLEANUP 862D81D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1690A413-D267-4F79-BD29-95F4B29D9031} IRP_MJ_PNP 862D81D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_CREATE 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_CLOSE 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_DEVICE_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_POWER 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_SYSTEM_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path1Target0Lun0 IRP_MJ_PNP 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_CREATE 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_CLOSE 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_POWER 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1Port0Path0Target0Lun0 IRP_MJ_PNP 867D21D8 Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_CREATE 8616C2D8 Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_CLOSE 8616C2D8 Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_DEVICE_CONTROL 8616C2D8 Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8616C2D8 Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_POWER 8616C2D8 Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_SYSTEM_CONTROL 8616C2D8 Device \Driver\a5sr54ko \Device\Scsi\a5sr54ko1 IRP_MJ_PNP 8616C2D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_CREATE 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_CLOSE 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_DEVICE_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_POWER 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_SYSTEM_CONTROL 867D21D8 Device \Driver\Si3112r \Device\Scsi\Si3112r1 IRP_MJ_PNP 867D21D8 Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_READ 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 84AD4980 Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 84AD4980 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 84C411D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 84C411D8 ---- Threads - GMER 1.0.12 ---- Thread 4:168 863248E0 Thread 4:172 863248E0 Thread 4:176 862FD8D0 Thread 4:180 862FD8D0 Thread 4:184 862FD8D0 Thread 4:456 863248E0 Thread 4:820 863248E0 Thread 4:972 863248E0 Thread 4:708 8506F4A0 ---- EOF - GMER 1.0.12 ---- Ultima modifica di foxmolder5 : 03-03-2007 alle 15:18. |
|
|
|
|
03-03-2007, 15:16
|
#4 |
|
Senior Member
Iscritto dal: Dec 2001
Messaggi: 2514
|
nei due log di gmer non appaiono voci in rosso.
|
|
|
|
|
03-03-2007, 16:02
|
#5 | |
|
Senior Member
Iscritto dal: Apr 2006
Messaggi: 22462
|
Quote:
__________________
amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb|| asus g1
Se striscia fulmina, se svolazza l'ammazza |
|
|
|
|
|
03-03-2007, 20:15
|
#6 | |
|
Senior Member
Iscritto dal: Dec 2001
Messaggi: 2514
|
Quote:
|
|
|
|
|
|
04-03-2007, 16:39
|
#7 | |
|
Senior Member
Iscritto dal: Apr 2006
Messaggi: 22462
|
Quote:
__________________
amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb|| asus g1
Se striscia fulmina, se svolazza l'ammazza |
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 03:15.
