Torna indietro   Hardware Upgrade Forum > Networking e sicurezza > Antivirus e Sicurezza > AV e sicurezza in generale
Ricarica la Pagina Problema di download...HELP

Recensione vivo X300 Pro: è ancora lui il re della fotografia mobile, peccato per la batteria
Recensione vivo X300 Pro: è ancora lui il re della fotografia mobile, peccato per la batteria
vivo X300 Pro rappresenta un'evoluzione misurata della serie fotografica del produttore cinese, con un sistema di fotocamere migliorato, chipset Dimensity 9500 di ultima generazione e l'arrivo dell'interfaccia OriginOS 6 anche sui modelli internazionali. La scelta di limitare la batteria a 5.440mAh nel mercato europeo, rispetto ai 6.510mAh disponibili altrove, fa storcere un po' il naso
Lenovo Legion Go 2: Ryzen Z2 Extreme e OLED 8,8'' per spingere gli handheld gaming PC al massimo
Lenovo Legion Go 2: Ryzen Z2 Extreme e OLED 8,8'' per spingere gli handheld gaming PC al massimo
Lenovo Legion Go 2 è la nuova handheld PC gaming con processore AMD Ryzen Z2 Extreme (8 core Zen 5/5c, GPU RDNA 3.5 16 CU) e schermo OLED 8,8" 1920x1200 144Hz. È dotata anche di controller rimovibili TrueStrike con joystick Hall effect e una batteria da 74Wh. Rispetto al dispositivo che l'ha preceduta, migliora ergonomia e prestazioni a basse risoluzioni, ma pesa 920g e costa 1.299€ nella configurazione con 32GB RAM/1TB SSD e Z2 Extreme
AWS re:Invent 2025: inizia l'era dell'AI-as-a-Service con al centro gli agenti
AWS re:Invent 2025: inizia l'era dell'AI-as-a-Service con al centro gli agenti
A re:Invent 2025, AWS mostra un’evoluzione profonda della propria strategia: l’IA diventa una piattaforma di servizi sempre più pronta all’uso, con agenti e modelli preconfigurati che accelerano lo sviluppo, mentre il cloud resta la base imprescindibile per governare dati, complessità e lock-in in uno scenario sempre più orientato all’hybrid cloud
Factorial, azienda di batterie allo stato solido, entra in borsa tramite fusione SPAC
Le specifiche fuori di testa della Yangwang U7: batteria enorme e più di 1.000 CV
I numeri incredibili di Xiaomi: nel 2025 ha consegnato 400.000 auto elettriche
In Cina è pronto il parco fotovoltaico offshore da 1 GW, è il primo al mondo
Neuralink accelera: produzione di massa degli impianti cerebrali prevista per il 2026
Starlink abbassa l'orbita di migliaia di satelliti per aumentare la sicurezza spaziale
Dal MIT una nuova batteria per auto elettriche economica e con 1.600 km di autonomia
Adam Mosseri parla di IA su Instagram: l'autenticità dei contenuti umani è a rischio?
Suonerie personalizzate e Tone Store: il nuovo concept che modifica le notifiche su WhatsApp
LG UltraGear evo: svelati i monitor gaming AI di nuova generazione e le loro specifiche tecniche
Nelle offerte Amazon del nuovo anno ci sono diverse sorprese: 34 articoli super scontati, alcuni a tempo
Tutti gli articoli Tutte le news

Vai al Forum
Rispondi
 
Strumenti
Old 25-08-2007, 22:12   #1
seven75
Member
 
Iscritto dal: Aug 2006
Messaggi: 34
Problema di download...HELP
Ciao ragazzi, mi avete sempre aiutato, spero possiate farlo anche ora.

Da circa un paio di giorni non riesco più a scaricare niente dal browse
Con Mozilla Firefox, IE 7 mi da questo errore: This object has been blocked.
Ripeto che fino a 2 giorni fa tutto filava bene

Uso ZoneAlarm Security Suite 7.0.337.000 che fin'ora non mi ha mai dato problemi (anzi lo consiglio a molti), sono pulito da virus, worm, spy ecc... (ho fatto scansioni con decine di software free e non) e, importante, non uso proxy, visto che sono errori relativi a questi.

Vorrei evitare la formattazione perchè ho circa 60/70Gb di programmi da reinstallare. Qualcuno di voi riesce a svelare l'arcano????
Ciao e Grazie per l'ennesima volta.
seven75 è offline   Rispondi citando il messaggio o parte di esso
Old 25-08-2007, 22:41   #2
Mafio
Bannato
 
Iscritto dal: Apr 2007
Città: Montecarlo
Messaggi: 12723
non riesci a scaricare ma riesci a navigare???
non ti va un solo download oppure qualsiasi download non va???

1)non usare l'antivirus e l'antispyware della suite di zone alarm
2)prova a disattivare il firewall e vedi se il download parte, se parte vuol dire che c'è qualche opzione sbagliate nel firewall.

rispondi alle mie 2 domande che vediamo di risolvere. ciao
Mafio è offline   Rispondi citando il messaggio o parte di esso
Old 25-08-2007, 22:44   #3
lancetta
Senior Member
 
L'Avatar di lancetta
 
Iscritto dal: Feb 2007
Città: Salerno......
Messaggi: 3259
Quote:
Originariamente inviato da Mafio Guarda i messaggi
non riesci a scaricare ma riesci a navigare???
non ti va un solo download oppure qualsiasi download non va???

1)non usare l'antivirus e l'antispyware della suite di zone alarm
2)prova a disattivare il firewall e vedi se il download parte, se parte vuol dire che c'è qualche opzione sbagliate nel firewall.

rispondi alle mie 2 domande che vediamo di risolvere. ciao
Quoto...c'è qualcosa che impedisce i download......
__________________
Opera disabilitazione script ed iframe Recuperare le proprie password on line. Messenger: massima attenzione ai SITI TRUFFA | GUIDA:ShutdownTimer (Spegnimento auto pc) | Quando il centro sicurezza non riconosce i soft. Guida a Malwarebytes' Anti-Malware = tiemp bell e na volta...
lancetta è offline   Rispondi citando il messaggio o parte di esso
Old 25-08-2007, 22:54   #4
seven75
Member
 
Iscritto dal: Aug 2006
Messaggi: 34
Subito e grazie:

1 - riesco a navigare perfettamente su ogni sito.
2- non va nessun download (ps: sono tutti download normalissimi di
freeware,shareware,demo)

Ho provato anche a chiudere lo zonealarm compresi i suoi processi nel taskmanager ma niente da fare.

Addirittura negli ultimi 30 secondi appare continuamente la finestra di ZoneAlarm con scritto:

PROTEZIONE DI MAILSAFE IN USCITA
Generic host processor ha violato le regole di posta elettronica in uscita. Consentire l'invio del messaggio?
Applicazione svchost.exe
piu di 10 messaggi in 3 secondi (seguono indirizzi email mai avuti)

Ho rifatto scansioni con: ZA, Kasperskay, Noadware, ad aware, panda e tutto quello che si puo avere ma al massimo mi trovano qualche cookie innucuo (tipo ebay ecc...).

Che cavolo sara???
seven75 è offline   Rispondi citando il messaggio o parte di esso
Old 25-08-2007, 23:04   #5
seven75
Member
 
Iscritto dal: Aug 2006
Messaggi: 34
AGGIORNAMENTO:

LA SOLITA FINESTRA DI ZA MI CHIEDE SE CONSENTIRE O NEGARE EMAIL IN USCITA(DAL MIO INDIRIZZO) A SITI GOVERNATIVI (.GOV)
seven75 è offline   Rispondi citando il messaggio o parte di esso
Old 25-08-2007, 23:20   #6
Mafio
Bannato
 
Iscritto dal: Apr 2007
Città: Montecarlo
Messaggi: 12723
io controllerei, svhost.exe è spesso rimpiazzato da virus...installa antivir, aggiornalo, fai la scansione e scrivi nella sezione antivirus-->sono infetto

mi sa che il tuo problema è un virus e non zone alarm
Mafio è offline   Rispondi citando il messaggio o parte di esso
Old 26-08-2007, 11:24   #7
juninho85
Bannato
 
L'Avatar di juninho85
 
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28998
posta qui con log di gmer e HJT
juninho85 è offline   Rispondi citando il messaggio o parte di esso
Old 26-08-2007, 17:17   #8
seven75
Member
 
Iscritto dal: Aug 2006
Messaggi: 34
Eccomi, ci ho messo tanto perche da http non riesco a scaricare e allora ho usato il mulo.

HJT post (spero sia giusto perche è la prima volta che lo uso)

Logfile of HijackThis v1.99.1
Scan saved at 17.15.43, on 26/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\RSSoft\RedSwoosh.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Programmi\eMule\emule.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.883\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://safesearch.cyberdefender.com/smallsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ˜2{t:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-f7ed0776fb27} - c:\programmi\steganos internet anonym 2006\sia2006iep.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CyberDefender Early Detection Center] "C:\Programmi\CyberDefender\AntiSpyware\cdas11a.exe" /minimize
O4 - HKCU\..\Run: [Red Swoosh] C:\Programmi\RSSoft\RedSwoosh.exe /S
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: LG SyncManager.lnk = C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
O8 - Extra context menu item: &eBay Search - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save with Download Manager... - C:\Programmi\J River\Media Jukebox\DMDownload.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programmi\Magic NetTrace\MTIE.exe
O9 - Extra 'Tools' menuitem: &Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programmi\Magic NetTrace\MTIE.exe
O9 - Extra button: Locate - {B6F776D7-C231-11D4-8158-005004ADEFCA} - C:\Programmi\Software River Solutions\Visual WhoIs 2004\srstools.dll
O9 - Extra 'Tools' menuitem: Locate Using Visual WhoIs 2004 - {B6F776D7-C231-11D4-8158-005004ADEFCA} - C:\Programmi\Software River Solutions\Visual WhoIs 2004\srstools.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: SmartWhois - {FD9DE2B4-C926-4460-81C4-FC58C6F1062E} - C:\Programmi\SmartWhois\swmsie.exe
O9 - Extra button: (no name) - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Programmi\SmartWhois\swmsie.exe
O9 - Extra 'Tools' menuitem: SmartWhois - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Programmi\SmartWhois\swmsie.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://crazyvegas.microgaming.com/generic/FlashAX.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://casinoclassic.microgaming.co...c/FlashAX2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C6F5184-070E-4B93-A94D-7B4A6A66B6F4}: NameServer = 85.37.17.41 85.38.28.83
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: jupiw32 - C:\WINDOWS\SYSTEM32\jupiw32.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\system32\snmptrap.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programmi\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
seven75 è offline   Rispondi citando il messaggio o parte di esso
Old 26-08-2007, 18:10   #9
seven75
Member
 
Iscritto dal: Aug 2006
Messaggi: 34
Ecco Gmer

GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2007-08-26 18:09:12
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

Code 860D6D34 ZwOpenKey
Code 86D72074 ZwCreateKey
Code 86DE0C93 MmMapViewOfSection

SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwClose
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwCreateProcess
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwCreateProcessEx
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwCreateSection
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwCreateThread
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwOpenSection
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwResumeThread
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwSetInformationProcess
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwSetSecurityObject
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwTerminateProcess
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS ZwWriteVirtualMemory
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[284]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[285]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[286]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[287]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[288]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[289]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[290]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[291]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[292]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[293]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[294]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[295]
SSDT \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS SSDT[296]

Code \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS IoIsOperationSynchronous

---- Devices - GMER 1.0.12 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLEANUP 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_MAILSLOT 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_NAMED_PIPE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CHANGE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DIRECTORY_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FILE_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FLUSH_BUFFERS 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 86BDD150
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_LOCK_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_EA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_READ 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_EA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SHUTDOWN 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_WRITE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLEANUP 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLOSE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE_MAILSLOT 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE_NAMED_PIPE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CHANGE 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DIRECTORY_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_FILE_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_FLUSH_BUFFERS 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL 86BDD150
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_LOCK_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_PNP 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_POWER 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_QUERY_EA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_QUERY_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_QUERY_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_QUERY_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_QUERY_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_READ 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SET_EA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SET_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SET_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SET_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SET_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SHUTDOWN 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_WRITE 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86BDD150
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_READ 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CHANGE 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86BDD150
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_READ 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_QUOTA 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_SECURITY 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 86D94008
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_WRITE 86D94008
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 86BCC150
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 86C42628
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 86BCC150
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 86C42628
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLEANUP 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_MAILSLOT 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_NAMED_PIPE 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CHANGE 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 86BCC150
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DIRECTORY_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FILE_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_LOCK_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 86C42628
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CLEANUP 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CLOSE 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CREATE 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CREATE_MAILSLOT 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CREATE_NAMED_PIPE 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_DEVICE_CHANGE 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_DEVICE_CONTROL 86BCC150
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_DIRECTORY_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_FILE_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_FLUSH_BUFFERS 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_INTERNAL_DEVICE_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_LOCK_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_PNP 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_POWER 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_READ 86C42628
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_EA 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_QUOTA 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_SECURITY 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_VOLUME_INFORMATION 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SHUTDOWN 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SYSTEM_CONTROL 86CA0408
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_WRITE 86CA0408
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CLEANUP 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CLOSE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE_MAILSLOT 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE_NAMED_PIPE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DEVICE_CHANGE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DEVICE_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DIRECTORY_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_FILE_SYSTEM_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_FLUSH_BUFFERS 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F55158
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_LOCK_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_PNP 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_POWER 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_EA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_QUOTA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_SECURITY 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_VOLUME_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_READ 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_EA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_QUOTA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_SECURITY 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_VOLUME_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SHUTDOWN 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SYSTEM_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_WRITE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_CLEANUP 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_CLOSE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_CREATE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F55158
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_PNP 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_POWER 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_QUERY_EA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_READ 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_SET_EA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_SET_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_SET_QUOTA 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_SET_SECURITY 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_SHUTDOWN 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 86AC2C90
Device \Driver\d347prt \Device\Scsi\d347prt1Port2Path0Target0Lun0 IRP_MJ_WRITE 86AC2C90
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_CLEANUP 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_CLOSE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_CREATE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_CREATE_MAILSLOT 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_CREATE_NAMED_PIPE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_DEVICE_CHANGE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_DEVICE_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_DIRECTORY_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_FILE_SYSTEM_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_FLUSH_BUFFERS 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86C42158
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_LOCK_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_PNP 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_POWER 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_QUERY_EA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_QUERY_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_QUERY_QUOTA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_QUERY_SECURITY 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_QUERY_VOLUME_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_READ 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_SET_EA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_SET_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_SET_QUOTA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_SET_SECURITY 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_SET_VOLUME_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_SHUTDOWN 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_SYSTEM_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1 IRP_MJ_WRITE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_CLEANUP 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_CLOSE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_CREATE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86C42158
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_PNP 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_POWER 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_QUERY_EA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_READ 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_SET_EA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_SET_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_SET_QUOTA 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_SET_SECURITY 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_SHUTDOWN 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 86DD5F00
Device \Driver\st3wolf \Device\Scsi\st3wolf1Port4Path0Target0Lun0 IRP_MJ_WRITE 86DD5F00
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAF128A0] vsdatant.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLEANUP [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLOSE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_MAILSLOT [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_NAMED_PIPE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CHANGE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DIRECTORY_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FILE_SYSTEM_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FLUSH_BUFFERS [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_LOCK_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_POWER [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_EA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_QUOTA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_SECURITY [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_VOLUME_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_READ [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_EA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_QUOTA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_SECURITY [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_VOLUME_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SHUTDOWN [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SYSTEM_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_WRITE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_CLEANUP [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_CLOSE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_CREATE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_CREATE_MAILSLOT [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_CREATE_NAMED_PIPE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_DEVICE_CHANGE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_DEVICE_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_DIRECTORY_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_FILE_SYSTEM_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_FLUSH_BUFFERS [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_LOCK_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_POWER [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_QUERY_EA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_QUERY_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_QUERY_QUOTA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_QUERY_SECURITY [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_QUERY_VOLUME_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_READ [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_SET_EA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_SET_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_SET_QUOTA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_SET_SECURITY [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_SET_VOLUME_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_SHUTDOWN [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_SYSTEM_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\RDP_CONSOLE1 IRP_MJ_WRITE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_CLEANUP [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_CLOSE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_CREATE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_CREATE_MAILSLOT [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_CREATE_NAMED_PIPE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_DEVICE_CHANGE [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_DEVICE_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_DIRECTORY_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_FILE_SYSTEM_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_FLUSH_BUFFERS [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_LOCK_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_POWER [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_QUERY_EA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_QUERY_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_QUERY_QUOTA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_QUERY_SECURITY [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_QUERY_VOLUME_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_READ [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_SET_EA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_SET_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_SET_QUOTA [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_SET_SECURITY [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_SET_VOLUME_INFORMATION [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_SHUTDOWN [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_SYSTEM_CONTROL [BAE8B3CC] scrambler.sys
Device \Driver\TermDD \Device\Termdd IRP_MJ_WRITE [BAE8B3CC] scrambler.sys
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE3F0] hcmon.sys
Device \Driver\usbehci \Device\USBFDO-5 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE3F0] hcmon.sys
Device \Driver\usbhub \Device\00000083 IRP_MJ_PNP [B88FD600] hcmon.sys
Device \Driver\usbhub \Device\00000084 IRP_MJ_PNP [B88FD600] hcmon.sys
Device \Driver\usbhub \Device\00000085 IRP_MJ_PNP [B88FD600] hcmon.sys
Device \Driver\usbhub \Device\00000086 IRP_MJ_PNP [B88FD600] hcmon.sys
Device \Driver\usbhub \Device\00000087 IRP_MJ_PNP [B88FD600] hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE010] hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE010] hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE010] hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE010] hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-6 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE010] hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-7 IRP_MJ_INTERNAL_DEVICE_CONTROL [B88FE010] hcmon.sys
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_CLEANUP 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_CLOSE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_CREATE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_CREATE_MAILSLOT 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_CREATE_NAMED_PIPE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_DEVICE_CHANGE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_DEVICE_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_DIRECTORY_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_FILE_SYSTEM_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_FLUSH_BUFFERS 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86BDC158
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_LOCK_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_PNP 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_POWER 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_QUERY_EA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_QUERY_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_QUERY_QUOTA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_QUERY_SECURITY 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_QUERY_VOLUME_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_READ 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SET_EA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SET_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SET_QUOTA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SET_SECURITY 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SET_VOLUME_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SHUTDOWN 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SYSTEM_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_WRITE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_CLEANUP 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_CLOSE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86BDC158
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_PNP 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_POWER 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_EA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_READ 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_SET_EA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_SET_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_SET_QUOTA 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_SET_SECURITY 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_SHUTDOWN 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 86A0A950
Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port3Path0Target0Lun0 IRP_MJ_WRITE 86A0A950
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 86C29BF0
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 860722E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 860722E8
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer IRP_MJ_READ 86DD3958
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer IRP_MJ_READ 86DD3958
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer IRP_MJ_READ 86DD3958
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer IRP_MJ_READ 86DD3958
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer IRP_MJ_READ 86DD3958
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 86BC08E0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 86BC08E0
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 86DD3E08
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 86DD2A48
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 86F76290
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 86CE3A88
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_READ 86071D88

SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadDriver
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey
SSDT \SystemRoot\System32\vsdatant.sys ZwMapViewOfSection
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread
SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort
SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwSetSystemInformation
SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwUnloadDriver

---- Modules - GMER 1.0.12 ----

Module _________ F7769000

---- User code sections - GMER 1.0.12 ----

.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00351FF0
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00352048
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00352200
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00351E90
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00351EE8
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00351F40
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00352150
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003521A8
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003520A0
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003520F8
.text C:\DOCUME~1\rec\IMPOST~1\Temp\Rar$EX00.053\gmer.exe[3908] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00351F98
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00361FF0
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00362048
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00362200
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00361E90
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00361EE8
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00361F40
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00362150
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003621A8
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003620A0
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003620F8
.text C:\Programmi\eMule\emule.exe[2292] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00361F98
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\Programmi\ESET\nod32krn.exe[1372] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE[1340] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\Programmi\File comuni\Symantec Shared\CCEVTMGR.EXE[600] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\Programmi\File comuni\Symantec Shared\CCSETMGR.EXE[548] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe[1292] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00371FF0
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00372048
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00372200
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00371E90
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00371EE8
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00371F40
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00372150
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003721A8
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003720A0
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003720F8
.text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1972] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00371F98
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00351FF0
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00352048
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00352200
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00351E90
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00351EE8
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00351F40
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00352150
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003521A8
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003520A0
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003520F8
.text C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe[2012] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00351F98
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00351FF0
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00352048
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00352200
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00351E90
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00351EE8
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00351F40
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00352150
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003521A8
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003520A0
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003520F8
.text C:\Programmi\LG PC Suite\LG Phone Manager\LGPhoneManager.exe[2096] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00351F98
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00361FF0
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00362048
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00362200
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00361E90
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00361EE8
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00361F40
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00362150
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003621A8
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003620A0
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003620F8
.text C:\Programmi\RSSoft\RedSwoosh.exe[1964] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00361F98
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00361FF0
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00362048
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00362200
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00361E90
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00361EE8
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00361F40
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00362150
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003621A8
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003620A0
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003620F8
.text C:\Programmi\Skype\Phone\Skype.exe[1740] user32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00361F98
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00361FF0
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00362048
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00362200
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00361E90
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00361EE8
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00361F40
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00362150
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003621A8
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003620A0
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003620F8
.text C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[4040] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00361F98
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00351FF0
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00352048
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00352200
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00351E90
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00351EE8
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00351F40
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00352150
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003521A8
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003520A0
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003520F8
.text C:\PROGRA~1\INCRED~1\bin\IMApp.exe[1800] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00351F98
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 002A1FF0
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 002A2048
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 002A2200
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 002A1E90
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 002A1EE8
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 002A1F40
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 002A2150
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 002A21A8
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 002A20A0
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 002A20F8
.text C:\PROGRA~1\MOZILL~1\firefox.exe[3460] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 002A1F98
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00351FF0
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00352048
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00352200
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00351E90
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00351EE8
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00351F40
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00352150
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003521A8
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003520A0
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003520F8
.text C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe[1032] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00351F98
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00291FF0
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00292048
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00292200
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00291E90
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00291EE8
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00291F40
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00292150
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 002921A8
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 002920A0
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 002920F8
.text C:\WINDOWS\explorer.exe[3904] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00291F98
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00291FF0
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00292048
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00292200
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00291E90
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00291EE8
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00291F40
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00292150
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 002921A8
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 002920A0
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 002920F8
.text C:\WINDOWS\system32\alg.exe[3604] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00291F98
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\WINDOWS\system32\ati2evxx.exe[1564] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\WINDOWS\system32\Crypserv.exe[248] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 002A1FF0
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 002A2048
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 002A2200
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 002A1E90
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 002A1EE8
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 002A1F40
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 002A2150
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 002A21A8
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 002A20A0
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 002A20F8
.text C:\WINDOWS\system32\ctfmon.exe[1904] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 002A1F98
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00291FF0
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00292048
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00292200
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00291E90
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00291EE8
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00291F40
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00292150
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 002921A8
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 002920A0
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 002920F8
.text C:\WINDOWS\system32\spoolsv.exe[772] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00291F98
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 003D1FF0
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 003D2048
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 003D2200
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 003D1E90
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 003D1EE8
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 003D1F40
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 003D2150
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003D21A8
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003D20A0
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003D20F8
.text C:\WINDOWS\system32\svchost.exe[2852] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 003D1F98
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\WINDOWS\system32\vmnat.exe[1608] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\WINDOWS\system32\ZoneLabs\avsys\Monitor.exe[3412] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[1900] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe[296] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] ntdll.dll!KiFastSystemCall + 2 7C91EB8D 2 Bytes [ CD, 20 ]
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!CallWindowProcA 7E39F642 5 Bytes JMP 00341FF0
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!CallWindowProcW 7E39C64A 5 Bytes JMP 00342048
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!GetKeyboardState 7E39EF29 5 Bytes JMP 00342200
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!GetWindowTextA 7E3B212B 5 Bytes JMP 00341E90
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!GetWindowTextW 7E39CDB6 5 Bytes JMP 00341EE8
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!SendMessageA 7E3AF383 5 Bytes JMP 00341F40
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!SendMessageCallbackA 7E3EAF01 5 Bytes JMP 00342150
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!SendMessageCallbackW 7E39F306 5 Bytes JMP 003421A8
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!SendMessageTimeoutA 7E3AFB2B 5 Bytes JMP 003420A0
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!SendMessageTimeoutW 7E39ED72 5 Bytes JMP 003420F8
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[2632] USER32.dll!SendMessageW 7E39B8BA 5 Bytes JMP 00341F98

SSDT d347bus.sys ZwCreatePagingFile
SSDT d347bus.sys ZwEnumerateKey
SSDT d347bus.sys ZwEnumerateValueKey
SSDT d347bus.sys ZwOpenKey
SSDT d347bus.sys ZwQueryKey
SSDT d347bus.sys ZwQueryValueKey
SSDT d347bus.sys ZwSetSystemPowerState

---- Kernel code sections - GMER 1.0.12 ----

.text ntoskrnl.exe!FsRtlCheckLockForReadAccess 80503C29 5 Bytes JMP B7D65760 \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS
.text ntoskrnl.exe!IoIsOperationSynchronous 804E8752 5 Bytes JMP B7D65C50 \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS
.text ntoskrnl.exe!KiDispatchInterrupt + BA 804DB92E 7 Bytes JMP B7D68CD0 \??\C:\WINDOWS\system32\ZoneLabs\avsys\KLIF.SYS
PAGE ntoskrnl.exe!MmMapViewOfSection 80572269 5 Bytes JMP 86DE0C98
PAGE ntoskrnl.exe!ZwCreateKey 8056E7A9 5 Bytes JMP 86D72078
PAGE ntoskrnl.exe!ZwOpenKey 80567CFB 5 Bytes JMP 860D6D38

INT 0x20 srescan.sys F76419E0

---- Kernel code sections - GMER 1.0.12 ----

.text win32k.sys!FONTOBJ_pxoGetXform + C295 BF8BD3F5 5 Bytes JMP 860D6CE0

---- Files - GMER 1.0.12 ----

ADS C:\Documents and Settings\All Users\Dati applicazioni\TEMP:4B7BEAFF
ADS C:\Documents and Settings\rec\Documenti:{726B6F7C-E889-4EFE-8CA3-AEF4943DBD38}
ADS C:\Documents and Settings\rec\Preferiti\Jeux gratuits Toilokdo - cadeaux sans tirages au sort.url:favicon
ADS C:\WINDOWS\system32:{726B6F7C-E889-4EFE-8CA3-AEF4943DBD38}

---- EOF - GMER 1.0.12 ----
seven75 è offline   Rispondi citando il messaggio o parte di esso
Old 26-08-2007, 18:17   #10
juninho85
Bannato
 
L'Avatar di juninho85
 
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28998
Quote:
Originariamente inviato da seven75 Guarda i messaggi
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://safesearch.cyberdefender.com/smallsearch.html
O4 - HKCU\..\Run: [CyberDefender Early Detection Center] "C:\Programmi\CyberDefender\AntiSpyware\cdas11a.exe" /minimize
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://crazyvegas.microgaming.com/generic/FlashAX.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://casinoclassic.microgaming.co...c/FlashAX2.cab
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: jupiw32 - C:\WINDOWS\SYSTEM32\jupiw32.dll
elimina
juninho85 è offline   Rispondi citando il messaggio o parte di esso
Old 26-08-2007, 18:26   #11
seven75
Member
 
Iscritto dal: Aug 2006
Messaggi: 34
Eliminati, ma i download non partono, sempre il solito "this object has been blocked"
seven75 è offline   Rispondi citando il messaggio o parte di esso
Old 26-08-2007, 18:59   #12
juninho85
Bannato
 
L'Avatar di juninho85
 
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28998
Quote:
Originariamente inviato da seven75 Guarda i messaggi
Eliminati, ma i download non partono, sempre il solito "this object has been blocked"
non è che si tratti del blocco opzionale di internet explorer?
fai uno stamp della schermata
juninho85 è offline   Rispondi citando il messaggio o parte di esso
 Rispondi

« Discussione precedente | Discussione successiva »

Recensione vivo X300 Pro: è ancora lui il re della fotografia mobile, peccato per la batteria Recensione vivo X300 Pro: è ancora lui il...
Lenovo Legion Go 2: Ryzen Z2 Extreme e OLED 8,8'' per spingere gli handheld gaming PC al massimo Lenovo Legion Go 2: Ryzen Z2 Extreme e OLED 8,8'...
AWS re:Invent 2025: inizia l'era dell'AI-as-a-Service con al centro gli agenti AWS re:Invent 2025: inizia l'era dell'AI-as-a-Se...
Cos'è la bolla dell'IA e perché se ne parla Cos'è la bolla dell'IA e perché se...
BOOX Palma 2 Pro in prova: l'e-reader diventa a colori, e davvero tascabile BOOX Palma 2 Pro in prova: l'e-reader diventa a ...
Factorial, azienda di batterie allo stat...
Le specifiche fuori di testa della Yangw...
I numeri incredibili di Xiaomi: nel 2025...
In Cina è pronto il parco fotovol...
Neuralink accelera: produzione di massa ...
Starlink abbassa l'orbita di migliaia di...
Dal MIT una nuova batteria per auto elet...
Adam Mosseri parla di IA su Instagram: l...
Suonerie personalizzate e Tone Store: il...
LG UltraGear evo: svelati i monitor gami...
Nelle offerte Amazon del nuovo anno ci s...
Meta Quest 3 da 512 GB torna a 469€ con ...
Steam a inizio 2026: i giochi più vendut...
Auto sempre al top: compressore Xiaomi, ...
In Francia si ragiona sul ban dei social...
Chromium
GPU-Z
OCCT
LibreOffice Portable
Opera One Portable
Opera One 106
CCleaner Portable
CCleaner Standard
Cpu-Z
Driver NVIDIA GeForce 546.65 WHQL
SmartFTP
Trillian
Google Chrome Portable
Google Chrome 120
VirtualBox
Tutti gli articoli Tutte le news Tutti i download

Strumenti

Regole
Non Puoi aprire nuove discussioni
Non Puoi rispondere ai messaggi
Non Puoi allegare file
Non Puoi modificare i tuoi messaggi
Il codice vB è On
Le Faccine sono On
Il codice [IMG] è On
Il codice HTML è Off
Vai al Forum


Tutti gli orari sono GMT +1. Ora sono le: 15:48.

Contattaci - Hardware Upgrade - Archivio - Note sulla Privacy - Su

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.
Served by www3v