Avast Home Edition - Win32:Trojan-gen.{other}


(Ciaper79) #1

Hello,

I use Avast Home Edition.

For a few days now, right after turning on the computer, right after avast starts automatically, a warning pops up saying that a worm was found.

It is in C:\WINDOWS\services.dll and is called

Win32:Trojan-gen.{other}

The only available option is quarantine, because delete and repair don't work - some errors pop up.

Help!!!


(Myszonus) #2

Post a HijackThis log – here is a description.


(JNJN) #3

Please change the topic title to something specific. JNJN


(Ciaper79) #4


(Gblade) #5

1. Boot into safe mode

2. Turn off System Restore (Me/XP only)

3. Delete the entries in HijackThis

4. Delete the files/folders in bold

5. Post a new HJT log + a Silent Runners log


(Ciaper79) #6

But how am I supposed to delete the file services.exe when I don't have it ...


(Gblade) #7

if it isn't there, move on to the next step


(Ciaper79) #8

Post merged: 29.07.2006 (Sat) 11:49


(Gblade) #9

I can already see that you haven't done anything

The file C:\WINDOWS\SERVICES.EXE exists and may be hidden (Folder Options >>> View >> Show hidden files/folders); you have to delete it (you can use the Pocket Killbox tool for this), as well as the entries I listed.

Then open Notepad and paste:

File >>> Save As >> change the type from .txt to All Files >>> save it as FIX.REG and run it, then paste new logs.


(Ciaper79) #10

That file services.exe doesn't exist...

I have hidden files shown and it isn't there...


(Gblade) #11

what did avast detect for you?

Download Pocket Killbox >>> run it >>> tick the "Delete on Reboot" option >>> in the "Full path of file" field paste the path:

click the X and agree to restart the computer

Then do what I wrote in the previous posts...


(Ciaper79) #12

I did this:

- deleted that file using killbox,

- turned off System Restore,

- started the computer in safe mode,

- using HJT, deleted that log you pointed out,

- after restarting the computer it is still there


(Myszonus) #13

:?

Use Killbox

--> Run it, tick Delete on reboot, and in the full path of file field paste the path:

C:\WINDOWS\SERVICES.EXE

Click the X and restart the computer.

Delete the entries with HijackThis.


(Ciaper79) #14

I'm writing once again that this is exactly what I did!!

But after deleting the entry with HJT, the entry is still there when I scan again with HJT!!


(Gblade) #15

together with the others?

Paste new logs here.


(Ciaper79) #16
Logfile of HijackThis v1.99.1

Scan saved at 09:11:29, on 2006-07-30

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\ScsiAccess.EXE

C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Program Files\Webroot\Spy Sweeper\SSU.EXE

C:\DOCUME~1\Monia\USTAWI~1\Temp\Rar$EX00.688\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://69.31.46.144/feeds/search.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://69.31.46.144/feeds/search.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://69.31.46.144/feeds/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://69.31.46.144/feeds/search.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search-info.info

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://69.31.46.144/feeds/search.html

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,,C:\WINDOWS\SERVICES.EXE

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {012F24D4-35B0-11D0-BF2D-0000E8D0D146} (AtlCam Class) - http://kameraded.hopto.org/sns100.ocx

O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab

O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.3/g_bin/pl/cards_2_0_0_67.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (GINBOARDS Class) - http://67.15.101.3/g_bin/pl/boards_2_0_0_16.cab

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/activex/EPUWALControl_v1-0-3-18.cab

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx

O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_39.cab

O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab

O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://67.15.101.3/g_bin/pl/darts_2_0_0_28.cab

O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx

O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\AutoCAD 2002\InstFred.ocx

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp03.photoprintit.de/microsite/1661/defaults/activex/IPSUploader.cab

O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/pl/mahjong_2_0_0_18.cab

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_21.cab

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{EFA5B28A-26C1-42E4-A9BA-15CE710D7173}: NameServer = 163.192.111.1

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus\avpcc.exe" /Service (file missing)

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE

O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

Post merged: 30.07.2006 (Sun) 9:14

For example, I start HJT, scan, delete that entry with service.exe, then close HJT, start it again, scan, and the entry is still there!!
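Added example, not part of the original thread or of HijackThis: a small Python check that reads a HijackThis log, takes the F2 UserInit line and reports every program in it other than the stock userinit.exe. The sample lines are copied from the log in post #16; the expected path assumes a default Windows XP install in C:\WINDOWS, and the `CORE_NAMES` list is a short illustrative set, not an exhaustive one.

```python
import ntpath
import re

# Subset of the HijackThis log from post #16, embedded so the check runs offline.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,,C:\WINDOWS\SERVICES.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
"""

# HijackThis reports the Winlogon Userinit value on an F2 line in this form.
F2_USERINIT = re.compile(r"^F2 - REG:system\.ini: UserInit=(?P<value>.*)$",
                         re.IGNORECASE)

# Assumption: default install, %SystemRoot% is C:\WINDOWS.
SYSTEM32 = r"c:\windows\system32"
EXPECTED_USERINIT = SYSTEM32 + r"\userinit.exe"

# Illustrative (not exhaustive) names of core Windows files that belong in
# system32; the same name in another folder is a common disguise.
CORE_NAMES = {"services.exe", "lsass.exe", "winlogon.exe",
              "svchost.exe", "smss.exe", "userinit.exe"}


def normalise(path):
    """Lower-case, strip quotes and collapse separators in a Windows path."""
    return ntpath.normpath(path.strip().strip('"')).lower()


def userinit_entries(log_text):
    """Return the programs listed on every F2 UserInit line, in order.

    The value is a comma-separated list; empty items (",,") are skipped.
    """
    entries = []
    for line in log_text.splitlines():
        match = F2_USERINIT.match(line.strip())
        if match:
            entries.extend(item.strip()
                           for item in match.group("value").split(",")
                           if item.strip())
    return entries


def audit_userinit(log_text):
    """Return (entry, reason) for each Userinit program that is not the stock one."""
    findings = []
    for entry in userinit_entries(log_text):
        norm = normalise(entry)
        if norm == EXPECTED_USERINIT:
            continue
        name = ntpath.basename(norm)
        folder = ntpath.dirname(norm)
        if name in CORE_NAMES and folder != SYSTEM32:
            reason = "core Windows file name outside system32"
        else:
            reason = "extra program started at logon"
        findings.append((entry, reason))
    return findings


if __name__ == "__main__":
    for entry, reason in audit_userinit(SAMPLE_LOG):
        print(f"Userinit starts {entry}: {reason}")
```

The running process C:\WINDOWS\system32\services.exe in the same log is not reported, because only the F2 line is inspected and that path is the normal location for the file.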


(Gblade) #17

Post a GMER log: download >>> run >>> go to the "rootkit" tab >>> choose "search" >>> wait patiently until the program finishes >>> click "copy" >>> ctrl + v and paste it into a post.

  • do one more, but tick only services + show all.

And paste a log from Silent Runners.


(Ciaper79) #18
GMER 1.0.10.10122 - http://www.gmer.net

Rootkit 2006-07-30 18:48:51

Windows 5.1.2600 Dodatek Service Pack 2

---- System - GMER 1.0.10 ----

SSDT 823D19B8 ZwAllocateVirtualMemory

SSDT d347bus.sys ZwClose

SSDT 823AC1E8 ZwCreateKey

SSDT d347bus.sys ZwCreatePagingFile

SSDT 8237DE18 ZwCreateProcess

SSDT 823AD438 ZwCreateProcessEx

SSDT 823D5020 ZwCreateThread

SSDT 8231CAE8 ZwDeleteKey

SSDT 823D1758 ZwDeleteValueKey

SSDT d347bus.sys ZwEnumerateKey

SSDT d347bus.sys ZwEnumerateValueKey

SSDT d347bus.sys ZwOpenKey

SSDT d347bus.sys ZwQueryKey

SSDT d347bus.sys ZwQueryValueKey

SSDT 82351C70 ZwQueueApcThread

SSDT 823D4238 ZwReadVirtualMemory

SSDT 823515E0 ZwRenameKey

SSDT 823E6688 ZwSetContextThread

SSDT 823AC620 ZwSetInformationKey

SSDT 823DAD90 ZwSetInformationProcess

SSDT 822F7ED8 ZwSetInformationThread

SSDT d347bus.sys ZwSetSystemPowerState

SSDT 822F73A0 ZwSetValueKey

SSDT 822F7C18 ZwSuspendProcess

SSDT 82351F30 ZwSuspendThread

SSDT 822F7D08 ZwTerminateProcess

SSDT 8231C198 ZwTerminateThread

SSDT 823D2948 ZwWriteVirtualMemory

---- Devices - GMER 1.0.10 ----


Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SHUTDOWN 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_LOCK_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_CLEANUP 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_CREATE_MAILSLOT 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_QUERY_SECURITY 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SET_SECURITY 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_POWER 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SYSTEM_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_DEVICE_CHANGE 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_QUERY_QUOTA 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_SET_QUOTA 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_PNP 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1 IRP_MJ_PNP_POWER 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_CLOSEIRP_MJ_READ 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_WRITE 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_SET_INFORMATION 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_EA 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_SET_EA 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_SHUTDOWN 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_CLEANUP 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_SET_SECURITY 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_POWER 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_SET_QUOTA 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_PNP 81DD5318

Device \Driver\xmasscsi \Device\Scsi\xmasscsi1Port2Path0Target0Lun0 IRP_MJ_PNP_POWER 81DD5318

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_CREATE 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_CLOSEIRP_MJ_READ 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_WRITE 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_SET_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_QUERY_EA 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_SET_EA 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_SHUTDOWN 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_CLEANUP 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_SET_SECURITY 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_POWER 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_SET_QUOTA 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_PNP 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 IRP_MJ_PNP_POWER 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE_NAMED_PIPE 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CLOSEIRP_MJ_READ 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_WRITE 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_EA 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_EA 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_FLUSH_BUFFERS 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_VOLUME_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_VOLUME_INFORMATION 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DIRECTORY_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_FILE_SYSTEM_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DEVICE_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_INTERNAL_DEVICE_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SHUTDOWN 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_LOCK_CONTROL 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CLEANUP 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE_MAILSLOT 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_SECURITY 81EA24A8

Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_SECURITY [/code:1:c560ea


(Gblade) #19

The log is clean, although it is cut off and it is not everything I asked for.

I don't know what you are doing on that computer; that file should let go without any problem even in normal mode. Paste the log from Silent Runners.


(Ciaper79) #20

[quote]"Silent Runners.vbs", revision 46, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"



Startup items buried in registry:

---------------------------------


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

"NvCplDaemon" = ""RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]

"SpySweeper" = ""C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray" ["Webroot Software, Inc."]

"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data]


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "AcroIEHlprObj Class"

                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{acb4a560-3606-11d3-aef4-00104bd0f92d}" = "KodakShellExtension"

  -> {HKLM...CLSID} = "KodakShellExtension"

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\KODAK\IFSCore\kodakshx.dll" ["Eastman Kodak Company"]

"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"

  -> {HKLM...CLSID} = "AlcoholShellEx"

                   \InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"

  -> {HKLM...CLSID} = "RealOne Player Context Menu Class"

                   \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]

"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"

  -> {HKLM...CLSID} = "Portable Media Devices"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

  -> {HKLM...CLSID} = "Portable Media Devices Menu"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

"{4CCEFB41-18FA-11D3-9EF3-00A0C9E897FD}" = "Skladnik rozszerzenia powloki CorelDRAW"

  -> {HKLM...CLSID} = "CorelDRAW Shell Extension Component"

                   \InProcServer32\(Default) = "C:\Program Files\Corel\Corel Graphics 11\DRAW\CDRVIEWER\CrlShell110.dll" [null data]

"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"

  -> {HKLM...CLSID} = "Shell Search Band"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

"{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "PhoneBrowser"

  -> {HKLM...CLSID} = "Nokia Phone Browser"

                   \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll" ["Nokia"]

"{C0C4375A-5B72-4efe-929D-3B848C3A1E91}" = "Message View"

  -> {HKLM...CLSID} = "Message View"

                   \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 6\MessageView.dll" ["Nokia"]

"{36A21736-36C2-4C11-8ACB-D4136F2B57BD}" = "Uchwyt nakładania ikony podpisu cyfrowego"

  -> {HKLM...CLSID} = "AcSignIcon"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\AcSignIcon.dll" ["Autodesk"]

"{AC1DB655-4F9A-4c39-8AD2-A65324A4C446}" = "Autodesk Drawing Preview"

  -> {HKLM...CLSID} = "ACTHUMBNAIL"

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll" ["Autodesk"]

"{6DEA92E9-8682-4b6a-97DE-354772FE5727}" = "Autodesk DWF Preview"

  -> {HKLM...CLSID} = "ACDWFTHMBPRXY"

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcDwfThmbPrxy16.dll" ["Autodesk"]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"

  -> {HKLM...CLSID} = "Microsoft Office Outlook"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"

  -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]

"{D3796116-94D3-4009-96D7-51578411CC7D}" = "Outpost Shell Extension"

  -> {HKLM...CLSID} = "oshdlr.ShellHandler"

                   \InProcServer32\(Default) = "C:\PROGRA~1\Agnitum\OUTPOS~1.0\oshdlr.dll" [file not found]

"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"

  -> {HKLM...CLSID} = "DesktopContext Class"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"

  -> {HKLM...CLSID} = "NVIDIA CPL Extension"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

  -> {HKLM...CLSID} = "Desktop Explorer"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

  -> {HKLM...CLSID} = "nView Desktop Context Menu"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{AC0B5D2E-B691-4E12-A4F9-CA88492579A2}" = "Zinio Shell Extension"

  -> {HKLM...CLSID} = "Zinio Magazine"

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Zinio\ZShext.dll" ["Zinio Systems, Inc."]

"{A9AACA72-1C51-4F84-804D-90EDBA0D58F4}" = "Zinio Magazine Column Provider"

  -> {HKLM...CLSID} = "MyMagazinesColumn Class"

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Zinio\ZShext.dll" ["Zinio Systems, Inc."]

"{7C9D5882-CB4A-4090-96C8-430BFE8B795B}" = "Webroot Spy Sweeper Context Menu Integration"

  -> {HKLM...CLSID} = "Webroot Spy Sweeper Context Menu Integration"

                   \InProcServer32\(Default) = "C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll" ["Webroot Software, Inc."]

"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]


HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

INFECTION WARNING! "Userinit" = "C:\WINDOWS\SYSTEM32\Userinit.exe,,C:\WINDOWS\SERVICES.EXE" [MS], [null data]


HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

INFECTION WARNING! WRNotifier\DLLName = "WRLogonNTF.dll" ["Webroot Software, Inc."]


HKLM\Software\Classes\PROTOCOLS\Filter\

INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]


HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{A9AACA72-1C51-4F84-804D-90EDBA0D58F4}\(Default) = "Zinio Magazine Column Provider"

  -> {HKLM...CLSID} = "MyMagazinesColumn Class"

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Zinio\ZShext.dll" ["Zinio Systems, Inc."]


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

SpySweeper\(Default) = "{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"

  -> {HKLM...CLSID} = "Webroot Spy Sweeper Context Menu Integration"

                   \InProcServer32\(Default) = "C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll" ["Webroot Software, Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]



Default executables:

--------------------


HKCU\Software\Classes\.scr\(Default) = "AutoCADScriptFile"

INFECTION WARNING! HKCU\Software\Classes\AutoCADScriptFile\shell\open\command\(Default) = ""C:\WINDOWS\system32\notepad.exe" "%1"" [MS]

HKLM\Software\Classes\.scr\ = (key not found)



Active Desktop and Wallpaper:

-----------------------------


Active Desktop is disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\WINDOWS\ACD Wallpaper.bmp"



Enabled Screen Saver:

---------------------


HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "C:\WINDOWS\Carls.scr" [null data]



Enabled Scheduled Tasks:

------------------------


"hej" -> launches: "C:\Program Files\Alarm\Alarm.exe hej" [file not found]



Winsock2 Service Provider DLLs:

-------------------------------


Namespace Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000004\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]


Transport Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 19

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05



Toolbars, Explorer Bars, Extensions:

------------------------------------


Explorer Bars


HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

{21569614-B795-46B1-85F4-E737A8DC09AD}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Shell Search Band"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]


Dormant Explorer Bars in "View, Explorer Bar" menu


HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie"

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]


Extensions (Tools menu items, main toolbar menu buttons)


HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}"

  -> {HKLM...CLSID} = "Java Plug-in 1.5.0"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll" ["Sun Microsystems, Inc."]


{92780B25-18CC-41C8-B9BE-3C9C571A8263}\

"ButtonText" = "Badanie"


{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]



Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------


avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data]

avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data]

avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]

avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]

Kodak Camera Connection Software, KodakCCS, "C:\WINDOWS\system32\drivers\KodakCCS.exe" ["Eastman Kodak Company"]

NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]

ScsiAccess, ScsiAccess, "C:\WINDOWS\System32\ScsiAccess.EXE" [null data]

Sentinel Protection Server, SentinelProtectionServer, ""C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"" ["SafeNet, Inc"]

Webroot Spy Sweeper Engine, WebrootSpySweeperService, ""C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe"" ["Webroot Software, Inc."]

Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]



Print Monitors:

---------------


HKLM\System\CurrentControlSet\Control\Print\Monitors\

Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]



----------

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

  launch it from a command prompt or a shortcut with the -all parameter.

+ The search for DESKTOP.INI DLL launch points on all local fixed drives

  took 105 seconds.

+ The search for all Registry CLSIDs containing dormant Explorer Bars

  took 35 seconds.

---------- (total run time: 180 seconds)

[/quote] 


Post merged: 31.07.2006 (Mon) 17:57

It got cut off before, and now when I try, it is too long, so I will split it into 2.

Here is part I:


[quote]GMER 1.0.10.10122 - http://www.gmer.net

Rootkit 2006-07-31 17:53:26

Windows 5.1.2600 Dodatek Service Pack 2



---- System - GMER 1.0.10 ----


SSDT 823E5438 ZwAllocateVirtualMemory

SSDT d347bus.sys ZwClose

SSDT 823E3C60 ZwCreateKey

SSDT d347bus.sys ZwCreatePagingFile

SSDT 823CB6D0 ZwCreateProcess

SSDT 82320150 ZwCreateProcessEx

SSDT 823E3590 ZwCreateThread

SSDT 823208C0 ZwDeleteKey

SSDT 823AE420 ZwDeleteValueKey

SSDT d347bus.sys ZwEnumerateKey

SSDT d347bus.sys ZwEnumerateValueKey

SSDT d347bus.sys ZwOpenKey

SSDT d347bus.sys ZwQueryKey

SSDT d347bus.sys ZwQueryValueKey

SSDT 823CBA48 ZwQueueApcThread

SSDT 823AD0E0 ZwReadVirtualMemory

SSDT 823CB3B8 ZwRenameKey

SSDT 823A8D70 ZwSetContextThread

SSDT 823EE020 ZwSetInformationKey

SSDT 822FDC68 ZwSetInformationProcess

SSDT 822FDD60 ZwSetInformationThread

SSDT d347bus.sys ZwSetSystemPowerState

SSDT 823CB628 ZwSetValueKey

SSDT 823A2B98 ZwSuspendProcess

SSDT 822FDB90 ZwSuspendThread

SSDT 822FDF20 ZwTerminateProcess

SSDT 822FD9B8 ZwTerminateThread

SSDT 823E4240 ZwWriteVirtualMemory


---- Devices - GMER 1.0.10 ----



Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_VOLUME_INFORMATION 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DIRECTORY_CONTROL 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FILE_SYSTEM_CONTROL 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_LOCK_CONTROL 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLEANUP 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_MAILSLOT 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_SECURITY 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_SECURITY 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CHANGE 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_QUOTA 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_QUOTA 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 8217C008

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP_POWER 8217C008

Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_CREATE E100EA90

Device \Driver\nvatabus \Device\00000079 IRP_MJ_CREATE 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_CREATE_NAMED_PIPE 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_CLOSEIRP_MJ_READ 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_WRITE 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_QUERY_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_SET_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_QUERY_EA 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_SET_EA 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_FLUSH_BUFFERS 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_QUERY_VOLUME_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_SET_VOLUME_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_DIRECTORY_CONTROL 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_FILE_SYSTEM_CONTROL 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_DEVICE_CONTROL 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_INTERNAL_DEVICE_CONTROL 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_SHUTDOWN 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_LOCK_CONTROL 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_CLEANUP 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_CREATE_MAILSLOT 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_QUERY_SECURITY 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_SET_SECURITY 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_POWER 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_SYSTEM_CONTROL 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_DEVICE_CHANGE 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_QUERY_QUOTA 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_SET_QUOTA 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_PNP 81EA1218

Device \Driver\nvatabus \Device\00000079 IRP_MJ_PNP_POWER 81EA1218

Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE 81E50138

Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE 81E5E230

Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSEIRP_MJ_READ 81F08110

Device \Driver\Tcpip \Device\Udp IRP_MJ_WRITE 81E0D1E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION 81E0C1E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION 81F02158

Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA 81E161E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA 81E151E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS 81E141E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION 81E131E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION 81E121E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL 81F02450

Device \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL 81E1D1E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL 81E1C1E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL 81E1B1E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN 81E1A1E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL 81E191E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP 81F071F0

Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT 81F07120

Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY 81F02FA8

Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY 81F02ED0

Device \Driver\Tcpip \Device\Udp IRP_MJ_POWER 81F07AA8

Device \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL 81F077E0

Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE 81F08858

Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA 81F086C0

Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA 81F08540

Device \Driver\Tcpip \Device\Udp IRP_MJ_PNP 81F0AFA8

Device \Driver\Tcpip \Device\Udp IRP_MJ_PNP_POWER 81F0AE98

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE 81E50138

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE 81E5E230

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSEIRP_MJ_READ 81F08110

Device \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE 81E0D1E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION 81E0C1E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION 81F02158

Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA 81E161E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA 81E151E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS 81E141E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION 81E131E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION 81E121E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL 81F02450

Device \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL 81E1D1E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL 81E1C1E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL 81E1B1E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN 81E1A1E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL 81E191E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP 81F071F0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT 81F07120

Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY 81F02FA8

Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY 81F02ED0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_POWER 81F07AA8

Device \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL 81F077E0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE 81F08858

Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA 81F086C0

Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA 81F08540

Device \Driver\Tcpip \Device\RawIp IRP_MJ_PNP 81F0AFA8

Device \Driver\Tcpip \Device\RawIp IRP_MJ_PNP_POWER 81F0AE98

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_NAMED_PIPE 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLOSEIRP_MJ_READ 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_WRITE 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_EA 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_EA 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FLUSH_BUFFERS 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_VOLUME_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_VOLUME_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DIRECTORY_CONTROL 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FILE_SYSTEM_CONTROL 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CONTROL 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_INTERNAL_DEVICE_CONTROL 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SHUTDOWN 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_LOCK_CONTROL 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLEANUP 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_MAILSLOT 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_SECURITY 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_SECURITY 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_POWER 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SYSTEM_CONTROL 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CHANGE 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_QUOTA 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_QUOTA 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_PNP 81EA1218

Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_PNP_POWER 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_CREATE 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_CREATE_NAMED_PIPE 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_CLOSEIRP_MJ_READ 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_WRITE 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_QUERY_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_SET_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_QUERY_EA 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_SET_EA 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_FLUSH_BUFFERS 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_QUERY_VOLUME_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_SET_VOLUME_INFORMATION 81EA1218

Device \Driver\nvatabus \Device\0000007a IRP_MJ_DIRECTORY_CONTROL 81EA1218