Hijackthis - zamula komputer/internet

abdull1 · 29 Styczeń 2007 16:17

W pierwszym logu wszytko było zaznaczone , oprócz pokazuj wszytko .

A w drugim usługi i pokazuj wszytko, zgodnie ze wsazówkami.

Zaraz biorę się zarobotę , jak skończe to zedytuje post.

EDIT: Jest chyba mały problem.

Zrobiłem wszytko jak pisałeś , ale po daniu uruchom , wyskoczyły komunikaty.

Pierwsze 3 że wystapił problem z kasowniem pliku , a pozniej jeszce jakieś 3 .

Narazie pisze z drugiego kompa, bo tamtem znowu sie restaruje i nie da sie go włączyć więc nie mam jak zrobic logów.

adam9870 · 29 Styczeń 2007 16:21

Czy w trybie awaryjnym również się restartuje?

Spróbuj wykonać chociaż szybki log przy ustawieniu usługi + pokazuj wszystko, ponieważ tworzenie jego zajmuje bardzo mało.

abdull1 · 29 Styczeń 2007 19:22

Nie. Ale byłem tam krótko, więc nie wiem co będzie jak posiedzę dłużej.

Bo tak jak pisałem , raz na jakiś czas to sie dzieje , tak jak teraz i nie dam rady zrobić tego loga. Jak sie włączy , to nie zdążę nawet wejść urochomić gmer’a i juz się wyłącza. Bedę próbował , od razu jak mu “przejdzie” na chwile to wrzucę te logi.

PS: A ten program do czego służy -->

http://dobreprogramy.pl/index.php?dz=2&id=1781&t=55

Usuwa te rokity czy tylko znajduje?

EDIT:

GMER 1.0.12.12011 - http://www.gmer.net Rootkit scan 2007-01-29 20:05:58 Windows 5.1.2600 Dodatek Service Pack 2 ---- Services - GMER 1.0.12 ---- Service [DISABLED] Abiosdsk Service [DISABLED] abp480n5 Service C:\WINDOWS\System32\DRIVERS\ACPI.sys [bOOT] ACPI Service [DISABLED] ACPIEC Service C:\WINDOWS\System32\Drivers\adildr.sys [AUTO] ADILOADER Service C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [MANUAL] adiusbaw Service [DISABLED] adpu160m Service C:\WINDOWS\system32\drivers\aec.sys [MANUAL] aec Service C:\WINDOWS\System32\drivers\afd.sys [sYSTEM] AFD Service [DISABLED] Aha154x Service [DISABLED] aic78u2 Service [DISABLED] aic78xx Service C:\WINDOWS\System32\svchost.exe [AUTO] Alerter Service C:\WINDOWS\System32\alg.exe [MANUAL] ALG Service [DISABLED] AliIde Service C:\WINDOWS\System32\DRIVERS\amdk7.sys [sYSTEM] AmdK7 Service [DISABLED] amsint Service C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [AUTO] AntiVirScheduler Service C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [AUTO] AntiVirService Service C:\WINDOWS\system32\svchost.exe [MANUAL] AppMgmt Service [DISABLED] asc Service [DISABLED] asc3350p Service [DISABLED] asc3550 Service aswTdi Service C:\WINDOWS\System32\DRIVERS\asyncmac.sys [MANUAL] AsyncMac Service C:\WINDOWS\System32\DRIVERS\atapi.sys [bOOT] atapi Service [DISABLED] Atdisk Service C:\WINDOWS\system32\Ati2evxx.exe [AUTO] Ati HotKey Poller Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart Service C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [MANUAL] ati2mtag Service C:\WINDOWS\System32\DRIVERS\atmarpc.sys [MANUAL] Atmarpc Service C:\WINDOWS\System32\svchost.exe [AUTO] AudioSrv Service C:\WINDOWS\System32\DRIVERS\audstub.sys [MANUAL] audstub Service C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [sYSTEM] avgntdd Service C:\WINDOWS\SYSTEM32\drivers\avgntmgr.sys [bOOT] avgntmgr Service BattC Service [sYSTEM] Beep Service C:\WINDOWS\System32\svchost.exe [MANUAL] BITS Service C:\WINDOWS\System32\svchost.exe [AUTO] Browser Service [DISABLED] cbidf2k Service [DISABLED] cd20xrnt Service [sYSTEM] Cdaudio Service [DISABLED] Cdfs Service C:\WINDOWS\System32\DRIVERS\cdrom.sys [sYSTEM] Cdrom Service [sYSTEM] Changer Service C:\WINDOWS\system32\cisvc.exe [AUTO] CiSvc Service C:\WINDOWS\system32\clipsrv.exe [DISABLED] ClipSrv Service [DISABLED] CmdIde Service C:\WINDOWS\system32\drivers\cmuda.sys [MANUAL] cmuda Service C:\WINDOWS\System32\dllhost.exe [MANUAL] COMSysApp Service ContentFilter Service ContentIndex Service [DISABLED] Cpqarray Service C:\WINDOWS\system32\svchost.exe [AUTO] CryptSvc Service [DISABLED] dac2w2k Service [DISABLED] dac960nt Service C:\WINDOWS\system32\svchost.exe [AUTO] DcomLaunch Service C:\WINDOWS\System32\svchost.exe [AUTO] Dhcp Service C:\WINDOWS\System32\DRIVERS\disk.sys [bOOT] Disk Service C:\WINDOWS\System32\dmadmin.exe [MANUAL] dmadmin Service C:\WINDOWS\System32\drivers\dmboot.sys [DISABLED] dmboot Service C:\WINDOWS\System32\drivers\dmio.sys [bOOT] dmio Service C:\WINDOWS\System32\drivers\dmload.sys [bOOT] dmload Service C:\WINDOWS\System32\svchost.exe [AUTO] dmserver Service C:\WINDOWS\system32\drivers\DMusic.sys [MANUAL] DMusic Service C:\WINDOWS\System32\svchost.exe [AUTO] Dnscache Service [DISABLED] dpti2o Service C:\WINDOWS\system32\drivers\drmkaud.sys [MANUAL] drmkaud Service C:\WINDOWS\system32\DRIVERS\el90xnd5.sys [MANUAL] EL90X Service C:\WINDOWS\System32\svchost.exe [AUTO] ERSvc Service C:\WINDOWS\system32\services.exe [AUTO] Eventlog Service C:\WINDOWS\System32\svchost.exe [MANUAL] EventSystem Service [DISABLED] Fastfat Service C:\WINDOWS\System32\svchost.exe [MANUAL] FastUserSwitchingCompatibility Service C:\WINDOWS\System32\DRIVERS\fdc.sys [MANUAL] Fdc Service [sYSTEM] Fips Service C:\WINDOWS\System32\DRIVERS\flpydisk.sys [MANUAL] Flpydisk Service C:\WINDOWS\system32\drivers\fltmgr.sys [bOOT] FltMgr Service [sYSTEM] Fs_Rec Service C:\WINDOWS\System32\DRIVERS\ftdisk.sys [bOOT] Ftdisk Service C:\WINDOWS\System32\DRIVERS\gameenum.sys [MANUAL] gameenum Service C:\WINDOWS\System32\DRIVERS\gmer.sys [MANUAL] gmer Service C:\WINDOWS\System32\DRIVERS\msgpc.sys [MANUAL] Gpc Service C:\WINDOWS\system32\drivers\hardlock.sys [AUTO] Hardlock Service C:\WINDOWS\system32\drivers\Haspnt.sys [AUTO] Haspnt Service C:\WINDOWS\system32\HASPSrv.exe [AUTO] HASPSrv Service C:\WINDOWS\System32\svchost.exe [AUTO] helpsvc Service C:\WINDOWS\System32\svchost.exe [DISABLED] HidServ Service [DISABLED] hpn Service C:\WINDOWS\System32\Drivers\HTTP.sys [MANUAL] HTTP Service C:\WINDOWS\System32\svchost.exe [MANUAL] HTTPFilter Service [sYSTEM] i2omgmt Service [DISABLED] i2omp Service C:\WINDOWS\System32\DRIVERS\i8042prt.sys [sYSTEM] i8042prt Service C:\WINDOWS\System32\DRIVERS\imapi.sys [sYSTEM] Imapi Service C:\WINDOWS\System32\imapi.exe [MANUAL] ImapiService Service inetaccs Service [DISABLED] ini910u Service Inport Service [DISABLED] IntelIde Service C:\WINDOWS\system32\drivers\ip6fw.sys [MANUAL] ip6fw Service C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [MANUAL] IpFilterDriver Service C:\WINDOWS\System32\DRIVERS\ipinip.sys [MANUAL] IpInIp Service C:\WINDOWS\System32\DRIVERS\ipnat.sys [MANUAL] IpNat Service C:\WINDOWS\System32\DRIVERS\ipsec.sys [sYSTEM] IPSec Service C:\WINDOWS\System32\DRIVERS\irenum.sys [MANUAL] IRENUM Service ISAPISearch Service C:\WINDOWS\System32\DRIVERS\isapnp.sys [bOOT] isapnp Service C:\WINDOWS\System32\DRIVERS\kbdclass.sys [sYSTEM] Kbdclass Service C:\WINDOWS\system32\drivers\kmixer.sys [MANUAL] kmixer Service [bOOT] KSecDD Service C:\WINDOWS\System32\svchost.exe [AUTO] lanmanserver Service C:\WINDOWS\System32\svchost.exe [AUTO] lanmanworkstation Service [sYSTEM] lbrtfdc Service ldap Service C:\WINDOWS\runservice.exe [AUTO] LicCtrlService Service LicenseService Service C:\WINDOWS\System32\svchost.exe [AUTO] LmHosts Service C:\WINDOWS\System32\svchost.exe [DISABLED] Messenger Service [sYSTEM] mnmdd Service C:\WINDOWS\System32\mnmsrvc.exe [MANUAL] mnmsrvc Service [MANUAL] Modem Service C:\WINDOWS\System32\DRIVERS\mouclass.sys [sYSTEM] Mouclass Service [bOOT] MountMgr Service [DISABLED] mraid35x Service C:\WINDOWS\System32\DRIVERS\mrxdav.sys [MANUAL] MRxDAV Service C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [sYSTEM] MRxSmb Service C:\WINDOWS\System32\msdtc.exe [MANUAL] MSDTC Service [sYSTEM] Msfs Service C:\WINDOWS\System32\msiexec.exe [MANUAL] MSIServer Service C:\WINDOWS\system32\drivers\MSKSSRV.sys [MANUAL] MSKSSRV Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys [MANUAL] MSPCLOCK Service C:\WINDOWS\system32\drivers\MSPQM.sys [MANUAL] MSPQM Service C:\WINDOWS\System32\DRIVERS\mssmbios.sys [MANUAL] mssmbios Service C:\Program [AUTO] MSSQL$CDN_OPTIMA Service C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [MANUAL] MSSQLServerADHelper Service C:\WINDOWS\system32\drivers\msmpu401.sys [MANUAL] ms_mpu401 Service [bOOT] Mup Service [bOOT] NDIS Service C:\WINDOWS\System32\DRIVERS\ndistapi.sys [MANUAL] NdisTapi Service C:\WINDOWS\System32\DRIVERS\ndisuio.sys [MANUAL] Ndisuio Service C:\WINDOWS\System32\DRIVERS\ndiswan.sys [MANUAL] NdisWan Service [MANUAL] NDProxy Service C:\WINDOWS\System32\DRIVERS\netbios.sys [sYSTEM] NetBIOS Service C:\WINDOWS\System32\DRIVERS\netbt.sys [MANUAL] NetBT Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDE Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDEdsdm Service C:\WINDOWS\System32\lsass.exe [MANUAL] Netlogon Service C:\WINDOWS\System32\svchost.exe [MANUAL] Netman Service C:\WINDOWS\System32\svchost.exe [MANUAL] Nla Service [sYSTEM] Npfs Service [DISABLED] Ntfs Service C:\WINDOWS\System32\lsass.exe [MANUAL] NtLmSsp Service C:\WINDOWS\system32\svchost.exe [MANUAL] NtmsSvc Service [sYSTEM] Null Service C:\WINDOWS\system32\DRIVERS\nv_agp.sys [bOOT] nv_agp Service C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt Service C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd Service C:\WINDOWS\System32\DRIVERS\parport.sys [MANUAL] Parport Service [bOOT] PartMgr Service [AUTO] ParVdm Service C:\WINDOWS\System32\DRIVERS\pci.sys [bOOT] PCI Service [sYSTEM] PCIDump Service C:\WINDOWS\System32\DRIVERS\pciide.sys [bOOT] PCIIde Service [DISABLED] Pcmcia Service [MANUAL] PDCOMP Service [MANUAL] PDFRAME Service [MANUAL] PDRELI Service [MANUAL] PDRFRAME Service [DISABLED] perc2 Service [DISABLED] perc2hib Service PerfDisk Service PerfNet Service PerfOS Service PerfProc Service C:\WINDOWS\system32\services.exe [AUTO] PlugPlay Service C:\WINDOWS\System32\lsass.exe [AUTO] PolicyAgent Service C:\WINDOWS\System32\DRIVERS\raspptp.sys [MANUAL] PptpMiniport Service [sYSTEM] PQNTDrv Service C:\WINDOWS\System32\DRIVERS\processr.sys [sYSTEM] Processor Service C:\WINDOWS\system32\lsass.exe [AUTO] ProtectedStorage Service C:\WINDOWS\System32\DRIVERS\psched.sys [MANUAL] PSched Service C:\WINDOWS\System32\DRIVERS\ptilink.sys [MANUAL] Ptilink Service [DISABLED] ql1080 Service [DISABLED] Ql10wnt Service [DISABLED] ql12160 Service [DISABLED] ql1240 Service [DISABLED] ql1280 Service C:\WINDOWS\System32\DRIVERS\rasacd.sys [sYSTEM] RasAcd Service C:\WINDOWS\System32\svchost.exe [MANUAL] RasAuto Service C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [MANUAL] Rasl2tp Service C:\WINDOWS\System32\svchost.exe [MANUAL] RasMan Service C:\WINDOWS\System32\DRIVERS\raspppoe.sys [MANUAL] RasPppoe Service C:\WINDOWS\System32\DRIVERS\raspti.sys [MANUAL] Raspti Service C:\WINDOWS\System32\DRIVERS\rdbss.sys [sYSTEM] Rdbss Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [sYSTEM] RDPCDD Service RDPDD Service C:\WINDOWS\System32\DRIVERS\rdpdr.sys [MANUAL] rdpdr Service RDPNP Service [MANUAL] RDPWD Service C:\WINDOWS\system32\sessmgr.exe [MANUAL] RDSessMgr Service C:\WINDOWS\System32\DRIVERS\redbook.sys [sYSTEM] redbook Service C:\WINDOWS\System32\svchost.exe [DISABLED] RemoteAccess Service C:\WINDOWS\system32\svchost.exe [AUTO] RemoteRegistry Service C:\WINDOWS\System32\locator.exe [MANUAL] RpcLocator Service C:\WINDOWS\system32\svchost.exe [AUTO] RpcSs Service C:\WINDOWS\System32\rsvp.exe [MANUAL] RSVP Service C:\WINDOWS\system32\lsass.exe [AUTO] SamSs Service C:\WINDOWS\System32\SCardSvr.exe [MANUAL] SCardSvr Service C:\WINDOWS\System32\svchost.exe [AUTO] Schedule Service ScsiPort Service C:\WINDOWS\System32\DRIVERS\secdrv.sys [AUTO] Secdrv Service C:\WINDOWS\System32\svchost.exe [AUTO] seclogon Service C:\WINDOWS\system32\svchost.exe [AUTO] SENS Service C:\WINDOWS\System32\DRIVERS\serenum.sys [MANUAL] serenum Service C:\WINDOWS\System32\DRIVERS\serial.sys [sYSTEM] Serial Service C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [MANUAL] ServiceLayer Service [sYSTEM] Sfloppy Service C:\WINDOWS\System32\svchost.exe [DISABLED] SharedAccess Service C:\WINDOWS\System32\svchost.exe [AUTO] ShellHWDetection Service [DISABLED] Simbad Service C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [MANUAL] SONYPVU1 Service [DISABLED] Sparrow Service C:\WINDOWS\system32\drivers\splitter.sys [MANUAL] splitter Service C:\WINDOWS\system32\spoolsv.exe [AUTO] Spooler Service C:\WINDOWS\System32\Drivers\sptd.sys [bOOT] sptd Service C:\Program [MANUAL] SQLAgent$CDN_OPTIMA Service C:\WINDOWS\System32\DRIVERS\sr.sys [bOOT] sr Service C:\WINDOWS\System32\svchost.exe [AUTO] srservice Service C:\WINDOWS\System32\DRIVERS\srv.sys [MANUAL] Srv Service C:\WINDOWS\System32\svchost.exe [MANUAL] SSDPSRV Service C:\WINDOWS\System32\svchost.exe [MANUAL] stisvc Service C:\WINDOWS\System32\DRIVERS\swenum.sys [MANUAL] swenum Service C:\WINDOWS\system32\drivers\swmidi.sys [MANUAL] swmidi Service C:\WINDOWS\System32\dllhost.exe [MANUAL] SwPrv Service swwd Service [DISABLED] symc810 Service [DISABLED] symc8xx Service [DISABLED] sym_hi Service [DISABLED] sym_u3 Service C:\WINDOWS\system32\drivers\sysaudio.sys [MANUAL] sysaudio Service C:\WINDOWS\system32\smlogsvc.exe [MANUAL] SysmonLog Service C:\WINDOWS\System32\svchost.exe [MANUAL] TapiSrv Service C:\WINDOWS\System32\DRIVERS\tcpip.sys [sYSTEM] Tcpip Service [MANUAL] TDPIPE Service [MANUAL] TDTCP Service C:\WINDOWS\System32\DRIVERS\termdd.sys [sYSTEM] TermDD Service C:\WINDOWS\System32\svchost.exe [MANUAL] TermService Service C:\WINDOWS\System32\svchost.exe [AUTO] Themes Service C:\WINDOWS\System32\tlntsvr.exe [DISABLED] TlntSvr Service [DISABLED] TosIde Service C:\WINDOWS\system32\svchost.exe [AUTO] TrkWks Service TSDDD Service [DISABLED] Udfs Service [DISABLED] ultra Service C:\WINDOWS\system32\wdfmgr.exe [AUTO] UMWdf Service C:\WINDOWS\System32\DRIVERS\update.sys [MANUAL] Update Service C:\WINDOWS\System32\svchost.exe [MANUAL] upnphost Service C:\WINDOWS\System32\ups.exe [MANUAL] UPS Service C:\WINDOWS\System32\DRIVERS\usbehci.sys [MANUAL] usbehci Service C:\WINDOWS\System32\DRIVERS\usbhub.sys [MANUAL] usbhub Service C:\WINDOWS\System32\DRIVERS\usbohci.sys [MANUAL] usbohci Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [MANUAL] USBSTOR Service C:\WINDOWS\system32\Drivers\UserPort.sys [sYSTEM] UserPort Service C:\WINDOWS\System32\drivers\vga.sys [sYSTEM] VgaSave Service [DISABLED] ViaIde Service [bOOT] VolSnap Service C:\WINDOWS\System32\vsdatant.sys [sYSTEM] vsdatant Service C:\WINDOWS\system32\ZoneLabs\vsmon.exe [AUTO] vsmon Service C:\WINDOWS\System32\vssvc.exe [MANUAL] VSS Service VXD Service C:\WINDOWS\System32\svchost.exe [AUTO] W32Time Service W3SVC Service C:\WINDOWS\System32\DRIVERS\wanarp.sys [MANUAL] Wanarp Service [MANUAL] WDICA Service C:\WINDOWS\system32\drivers\wdmaud.sys [MANUAL] wdmaud Service C:\WINDOWS\System32\svchost.exe [AUTO] WebClient Service C:\WINDOWS\system32\wincom32.sys (*** hidden *** ) [AUTO] wincom32 <-- ROOTKIT ! Service C:\WINDOWS\system32\svchost.exe [AUTO] winmgmt Service [MANUAL] Winsock Service WinSock2 Service WinTrust Service C:\WINDOWS\System32\svchost.exe [MANUAL] WmdmPmSN Service C:\WINDOWS\System32\svchost.exe [MANUAL] Wmi Service WmiApRpl Service C:\WINDOWS\System32\wbem\wmiapsrv.exe [MANUAL] WmiApSrv Service C:\WINDOWS\System32\svchost.exe [AUTO] wscsvc Service C:\WINDOWS\system32\svchost.exe [AUTO] wuauserv Service C:\WINDOWS\System32\svchost.exe [AUTO] WZCSVC Service C:\WINDOWS\System32\svchost.exe [MANUAL] xmlprov Service {E3AE98AE-D995-428D-8A42-28122ECD3629} Service [MANUAL] aqy0688r ---- EOF - GMER 1.0.12 ---- PS: Ten log został zrobiony z zaznaczona opcja Usługi i pokazuj wszystko, tego drugiego ze wszytkim nie dam rady . Tego ledwo co zdążyłem zrobić .

adam9870 · 29 Styczeń 2007 19:29

Moim zdaniem (i pewnie nie tylko) najlepszym programem do wykrywania i usuwania rootkitów jest Gmer.

Uruchom system w trybie awaryjnym tak jak poprzednio i w Gmerze:

W zakładce Usługi skasuj z prawokliku usługę wincom32
W zakładce CMD z zaznaczoną opcją CMD.EXE wklej:

W zakładce CMD z zaznaczoną opcją REGEDIT.EXE wklej:

W zakładce Procesy wybierz Zabij wszystko. Teraz poczekaj cierpliwie aż zniknie pulpit etc.
Przejdź do zakładki CMD i kliknij Uruchom dla opcji CMD.EXE i REGEDIT.EXE

Potem reset i nowe logi, o które prosiłem.

abdull1 · 29 Styczeń 2007 21:02

LOG1

GMER 1.0.12.12011 - http://www.gmer.net Rootkit scan 2007-01-29 21:58:34 Windows 5.1.2600 Dodatek Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT sptd.sys ZwCreateKey SSDT sptd.sys ZwEnumerateKey SSDT sptd.sys ZwEnumerateValueKey SSDT sptd.sys ZwOpenKey SSDT sptd.sys ZwQueryKey SSDT sptd.sys ZwQueryValueKey SSDT sptd.sys ZwSetValueKey ---- Kernel code sections - GMER 1.0.12 ---- .text USBPORT.SYS!DllUnload F951A62C 5 Bytes JMP 822BD1B8 ---- Devices - GMER 1.0.12 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 823851D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 823851D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 8217D1D8 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 8217D1D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 822BC1D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 822BC1D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 822BC1D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 822BC1D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 823881D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 823881D8 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 822BC1D8 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 822BC1D8 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 822BC1D8 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP 822BC1D8 Device \Driver\00000461 \Device\00000046 IRP_MJ_POWER [F9796DB6] sptd.sys Device \Driver\00000461 \Device\00000046 IRP_MJ_SYSTEM_CONTROL [F97AC73C] sptd.sys Device \Driver\00000461 \Device\00000046 IRP_MJ_PNP [F97A577E] sptd.sys Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CREATE 822FC1D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CLOSE 822FC1D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 822FC1D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 822FC1D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_POWER 822FC1D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 822FC1D8 Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_PNP 822FC1D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 823891D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 8224D1D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 823891D8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 823891D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 8224D1D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CREATE 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CLOSE 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_INTERNAL_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_POWER 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SYSTEM_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_PNP 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 823871D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 823871D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 823871D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 823871D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 823871D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 823871D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 823871D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 823871D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_CREATE 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_CLOSE 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_INTERNAL_DEVICE_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_POWER 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SYSTEM_CONTROL 823871D8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_PNP 823871D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 8224D1D8 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 8224D1D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 822BC1D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 822BC1D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 822BC1D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 822BC1D8 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 822BC1D8 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 822BC1D8 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 822BC1D8 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 822BC1D8 Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP 822BC1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CREATE 822FC1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CLOSE 822FC1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 822FC1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 822FC1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_POWER 822FC1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 822FC1D8 Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_PNP 822FC1D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 823891D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 823891D8 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1Port2Path0Target0Lun0 IRP_MJ_CREATE 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1Port2Path0Target0Lun0 IRP_MJ_CLOSE 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1Port2Path0Target0Lun0 IRP_MJ_POWER 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1Port2Path0Target0Lun0 IRP_MJ_PNP 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1 IRP_MJ_CREATE 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1 IRP_MJ_CLOSE 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1 IRP_MJ_DEVICE_CONTROL 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1 IRP_MJ_POWER 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1 IRP_MJ_SYSTEM_CONTROL 82225990 Device \Driver\amzvka0v \Device\Scsi\amzvka0v1 IRP_MJ_PNP 82225990 Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_READ 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 8217D1D8 Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 8217D1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 821811D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 821811D8 ---- Registry - GMER 1.0.12 ---- Reg \Registry\MACHINE\SOFTWARE\LicCtrl\LicCtrl\LicCtrl\LicCtrl ---- EOF - GMER 1.0.12 ----

LOG 2

GMER 1.0.12.12011 - http://www.gmer.net Rootkit scan 2007-01-29 21:44:48 Windows 5.1.2600 Dodatek Service Pack 2 ---- Services - GMER 1.0.12 ---- Service [DISABLED] Abiosdsk Service [DISABLED] abp480n5 Service C:\WINDOWS\System32\DRIVERS\ACPI.sys [bOOT] ACPI Service [DISABLED] ACPIEC Service C:\WINDOWS\System32\Drivers\adildr.sys [AUTO] ADILOADER Service C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [MANUAL] adiusbaw Service [DISABLED] adpu160m Service C:\WINDOWS\system32\drivers\aec.sys [MANUAL] aec Service C:\WINDOWS\System32\drivers\afd.sys [sYSTEM] AFD Service [DISABLED] Aha154x Service [DISABLED] aic78u2 Service [DISABLED] aic78xx Service C:\WINDOWS\System32\svchost.exe [AUTO] Alerter Service C:\WINDOWS\System32\alg.exe [MANUAL] ALG Service [DISABLED] AliIde Service C:\WINDOWS\System32\DRIVERS\amdk7.sys [sYSTEM] AmdK7 Service [DISABLED] amsint Service C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [AUTO] AntiVirScheduler Service C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [AUTO] AntiVirService Service C:\WINDOWS\system32\svchost.exe [MANUAL] AppMgmt Service [DISABLED] asc Service [DISABLED] asc3350p Service [DISABLED] asc3550 Service aswTdi Service C:\WINDOWS\System32\DRIVERS\asyncmac.sys [MANUAL] AsyncMac Service C:\WINDOWS\System32\DRIVERS\atapi.sys [bOOT] atapi Service [DISABLED] Atdisk Service C:\WINDOWS\system32\Ati2evxx.exe [AUTO] Ati HotKey Poller Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart Service C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [MANUAL] ati2mtag Service C:\WINDOWS\System32\DRIVERS\atmarpc.sys [MANUAL] Atmarpc Service C:\WINDOWS\System32\svchost.exe [AUTO] AudioSrv Service C:\WINDOWS\System32\DRIVERS\audstub.sys [MANUAL] audstub Service C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [sYSTEM] avgntdd Service C:\WINDOWS\SYSTEM32\drivers\avgntmgr.sys [bOOT] avgntmgr Service BattC Service [sYSTEM] Beep Service C:\WINDOWS\System32\svchost.exe [MANUAL] BITS Service C:\WINDOWS\System32\svchost.exe [AUTO] Browser Service [DISABLED] cbidf2k Service [DISABLED] cd20xrnt Service [sYSTEM] Cdaudio Service [DISABLED] Cdfs Service C:\WINDOWS\System32\DRIVERS\cdrom.sys [sYSTEM] Cdrom Service [sYSTEM] Changer Service C:\WINDOWS\system32\cisvc.exe [AUTO] CiSvc Service C:\WINDOWS\system32\clipsrv.exe [DISABLED] ClipSrv Service [DISABLED] CmdIde Service C:\WINDOWS\system32\drivers\cmuda.sys [MANUAL] cmuda Service C:\WINDOWS\System32\dllhost.exe [MANUAL] COMSysApp Service ContentFilter Service ContentIndex Service [DISABLED] Cpqarray Service C:\WINDOWS\system32\svchost.exe [AUTO] CryptSvc Service [DISABLED] dac2w2k Service [DISABLED] dac960nt Service C:\WINDOWS\system32\svchost.exe [AUTO] DcomLaunch Service C:\WINDOWS\System32\svchost.exe [AUTO] Dhcp Service C:\WINDOWS\System32\DRIVERS\disk.sys [bOOT] Disk Service C:\WINDOWS\System32\dmadmin.exe [MANUAL] dmadmin Service C:\WINDOWS\System32\drivers\dmboot.sys [DISABLED] dmboot Service C:\WINDOWS\System32\drivers\dmio.sys [bOOT] dmio Service C:\WINDOWS\System32\drivers\dmload.sys [bOOT] dmload Service C:\WINDOWS\System32\svchost.exe [AUTO] dmserver Service C:\WINDOWS\system32\drivers\DMusic.sys [MANUAL] DMusic Service C:\WINDOWS\System32\svchost.exe [AUTO] Dnscache Service [DISABLED] dpti2o Service C:\WINDOWS\system32\drivers\drmkaud.sys [MANUAL] drmkaud Service C:\WINDOWS\system32\DRIVERS\el90xnd5.sys [MANUAL] EL90X Service C:\WINDOWS\System32\svchost.exe [AUTO] ERSvc Service C:\WINDOWS\system32\services.exe [AUTO] Eventlog Service C:\WINDOWS\System32\svchost.exe [MANUAL] EventSystem Service [DISABLED] Fastfat Service C:\WINDOWS\System32\svchost.exe [MANUAL] FastUserSwitchingCompatibility Service C:\WINDOWS\System32\DRIVERS\fdc.sys [MANUAL] Fdc Service [sYSTEM] Fips Service C:\WINDOWS\System32\DRIVERS\flpydisk.sys [MANUAL] Flpydisk Service C:\WINDOWS\system32\drivers\fltmgr.sys [bOOT] FltMgr Service [sYSTEM] Fs_Rec Service C:\WINDOWS\System32\DRIVERS\ftdisk.sys [bOOT] Ftdisk Service C:\WINDOWS\System32\DRIVERS\gameenum.sys [MANUAL] gameenum Service C:\WINDOWS\System32\DRIVERS\gmer.sys [MANUAL] gmer Service C:\WINDOWS\System32\DRIVERS\msgpc.sys [MANUAL] Gpc Service C:\WINDOWS\system32\drivers\hardlock.sys [AUTO] Hardlock Service C:\WINDOWS\system32\drivers\Haspnt.sys [AUTO] Haspnt Service C:\WINDOWS\system32\HASPSrv.exe [AUTO] HASPSrv Service C:\WINDOWS\System32\svchost.exe [AUTO] helpsvc Service C:\WINDOWS\System32\svchost.exe [DISABLED] HidServ Service [DISABLED] hpn Service C:\WINDOWS\System32\Drivers\HTTP.sys [MANUAL] HTTP Service C:\WINDOWS\System32\svchost.exe [MANUAL] HTTPFilter Service [sYSTEM] i2omgmt Service [DISABLED] i2omp Service C:\WINDOWS\System32\DRIVERS\i8042prt.sys [sYSTEM] i8042prt Service C:\WINDOWS\System32\DRIVERS\imapi.sys [sYSTEM] Imapi Service C:\WINDOWS\System32\imapi.exe [MANUAL] ImapiService Service inetaccs Service [DISABLED] ini910u Service Inport Service [DISABLED] IntelIde Service C:\WINDOWS\system32\drivers\ip6fw.sys [MANUAL] ip6fw Service C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [MANUAL] IpFilterDriver Service C:\WINDOWS\System32\DRIVERS\ipinip.sys [MANUAL] IpInIp Service C:\WINDOWS\System32\DRIVERS\ipnat.sys [MANUAL] IpNat Service C:\WINDOWS\System32\DRIVERS\ipsec.sys [sYSTEM] IPSec Service C:\WINDOWS\System32\DRIVERS\irenum.sys [MANUAL] IRENUM Service ISAPISearch Service C:\WINDOWS\System32\DRIVERS\isapnp.sys [bOOT] isapnp Service C:\WINDOWS\System32\DRIVERS\kbdclass.sys [sYSTEM] Kbdclass Service C:\WINDOWS\system32\drivers\kmixer.sys [MANUAL] kmixer Service [bOOT] KSecDD Service C:\WINDOWS\System32\svchost.exe [AUTO] lanmanserver Service C:\WINDOWS\System32\svchost.exe [AUTO] lanmanworkstation Service [sYSTEM] lbrtfdc Service ldap Service C:\WINDOWS\runservice.exe [AUTO] LicCtrlService Service LicenseService Service C:\WINDOWS\System32\svchost.exe [AUTO] LmHosts Service C:\WINDOWS\System32\svchost.exe [DISABLED] Messenger Service [sYSTEM] mnmdd Service C:\WINDOWS\System32\mnmsrvc.exe [MANUAL] mnmsrvc Service [MANUAL] Modem Service C:\WINDOWS\System32\DRIVERS\mouclass.sys [sYSTEM] Mouclass Service [bOOT] MountMgr Service [DISABLED] mraid35x Service C:\WINDOWS\System32\DRIVERS\mrxdav.sys [MANUAL] MRxDAV Service C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [sYSTEM] MRxSmb Service C:\WINDOWS\System32\msdtc.exe [MANUAL] MSDTC Service [sYSTEM] Msfs Service C:\WINDOWS\System32\msiexec.exe [MANUAL] MSIServer Service C:\WINDOWS\system32\drivers\MSKSSRV.sys [MANUAL] MSKSSRV Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys [MANUAL] MSPCLOCK Service C:\WINDOWS\system32\drivers\MSPQM.sys [MANUAL] MSPQM Service C:\WINDOWS\System32\DRIVERS\mssmbios.sys [MANUAL] mssmbios Service C:\Program [AUTO] MSSQL$CDN_OPTIMA Service C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [MANUAL] MSSQLServerADHelper Service C:\WINDOWS\system32\drivers\msmpu401.sys [MANUAL] ms_mpu401 Service [bOOT] Mup Service [bOOT] NDIS Service C:\WINDOWS\System32\DRIVERS\ndistapi.sys [MANUAL] NdisTapi Service C:\WINDOWS\System32\DRIVERS\ndisuio.sys [MANUAL] Ndisuio Service C:\WINDOWS\System32\DRIVERS\ndiswan.sys [MANUAL] NdisWan Service [MANUAL] NDProxy Service C:\WINDOWS\System32\DRIVERS\netbios.sys [sYSTEM] NetBIOS Service C:\WINDOWS\System32\DRIVERS\netbt.sys [MANUAL] NetBT Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDE Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDEdsdm Service C:\WINDOWS\System32\lsass.exe [MANUAL] Netlogon Service C:\WINDOWS\System32\svchost.exe [MANUAL] Netman Service C:\WINDOWS\System32\svchost.exe [MANUAL] Nla Service [sYSTEM] Npfs Service [DISABLED] Ntfs Service C:\WINDOWS\System32\lsass.exe [MANUAL] NtLmSsp Service C:\WINDOWS\system32\svchost.exe [MANUAL] NtmsSvc Service [sYSTEM] Null Service C:\WINDOWS\system32\DRIVERS\nv_agp.sys [bOOT] nv_agp Service C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt Service C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd Service C:\WINDOWS\System32\DRIVERS\parport.sys [MANUAL] Parport Service [bOOT] PartMgr Service [AUTO] ParVdm Service C:\WINDOWS\System32\DRIVERS\pci.sys [bOOT] PCI Service [sYSTEM] PCIDump Service C:\WINDOWS\System32\DRIVERS\pciide.sys [bOOT] PCIIde Service [DISABLED] Pcmcia Service [MANUAL] PDCOMP Service [MANUAL] PDFRAME Service [MANUAL] PDRELI Service [MANUAL] PDRFRAME Service [DISABLED] perc2 Service [DISABLED] perc2hib Service PerfDisk Service PerfNet Service PerfOS Service PerfProc Service C:\WINDOWS\system32\services.exe [AUTO] PlugPlay Service C:\WINDOWS\System32\lsass.exe [AUTO] PolicyAgent Service C:\WINDOWS\System32\DRIVERS\raspptp.sys [MANUAL] PptpMiniport Service [sYSTEM] PQNTDrv Service C:\WINDOWS\System32\DRIVERS\processr.sys [sYSTEM] Processor Service C:\WINDOWS\system32\lsass.exe [AUTO] ProtectedStorage Service C:\WINDOWS\System32\DRIVERS\psched.sys [MANUAL] PSched Service C:\WINDOWS\System32\DRIVERS\ptilink.sys [MANUAL] Ptilink Service [DISABLED] ql1080 Service [DISABLED] Ql10wnt Service [DISABLED] ql12160 Service [DISABLED] ql1240 Service [DISABLED] ql1280 Service C:\WINDOWS\System32\DRIVERS\rasacd.sys [sYSTEM] RasAcd Service C:\WINDOWS\System32\svchost.exe [MANUAL] RasAuto Service C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [MANUAL] Rasl2tp Service C:\WINDOWS\System32\svchost.exe [MANUAL] RasMan Service C:\WINDOWS\System32\DRIVERS\raspppoe.sys [MANUAL] RasPppoe Service C:\WINDOWS\System32\DRIVERS\raspti.sys [MANUAL] Raspti Service C:\WINDOWS\System32\DRIVERS\rdbss.sys [sYSTEM] Rdbss Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [sYSTEM] RDPCDD Service RDPDD Service C:\WINDOWS\System32\DRIVERS\rdpdr.sys [MANUAL] rdpdr Service RDPNP Service [MANUAL] RDPWD Service C:\WINDOWS\system32\sessmgr.exe [MANUAL] RDSessMgr Service C:\WINDOWS\System32\DRIVERS\redbook.sys [sYSTEM] redbook Service C:\WINDOWS\System32\svchost.exe [DISABLED] RemoteAccess Service C:\WINDOWS\system32\svchost.exe [AUTO] RemoteRegistry Service C:\WINDOWS\System32\locator.exe [MANUAL] RpcLocator Service C:\WINDOWS\system32\svchost.exe [AUTO] RpcSs Service C:\WINDOWS\System32\rsvp.exe [MANUAL] RSVP Service C:\WINDOWS\system32\lsass.exe [AUTO] SamSs Service C:\WINDOWS\System32\SCardSvr.exe [MANUAL] SCardSvr Service C:\WINDOWS\System32\svchost.exe [AUTO] Schedule Service ScsiPort Service C:\WINDOWS\System32\DRIVERS\secdrv.sys [AUTO] Secdrv Service C:\WINDOWS\System32\svchost.exe [AUTO] seclogon Service C:\WINDOWS\system32\svchost.exe [AUTO] SENS Service C:\WINDOWS\System32\DRIVERS\serenum.sys [MANUAL] serenum Service C:\WINDOWS\System32\DRIVERS\serial.sys [sYSTEM] Serial Service C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [MANUAL] ServiceLayer Service [sYSTEM] Sfloppy Service C:\WINDOWS\System32\svchost.exe [DISABLED] SharedAccess Service C:\WINDOWS\System32\svchost.exe [AUTO] ShellHWDetection Service [DISABLED] Simbad Service C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [MANUAL] SONYPVU1 Service [DISABLED] Sparrow Service C:\WINDOWS\system32\drivers\splitter.sys [MANUAL] splitter Service C:\WINDOWS\system32\spoolsv.exe [AUTO] Spooler Service C:\WINDOWS\System32\Drivers\sptd.sys [bOOT] sptd Service C:\Program [MANUAL] SQLAgent$CDN_OPTIMA Service C:\WINDOWS\System32\DRIVERS\sr.sys [bOOT] sr Service C:\WINDOWS\System32\svchost.exe [AUTO] srservice Service C:\WINDOWS\System32\DRIVERS\srv.sys [MANUAL] Srv Service C:\WINDOWS\System32\svchost.exe [MANUAL] SSDPSRV Service C:\WINDOWS\System32\svchost.exe [MANUAL] stisvc Service C:\WINDOWS\System32\DRIVERS\swenum.sys [MANUAL] swenum Service C:\WINDOWS\system32\drivers\swmidi.sys [MANUAL] swmidi Service C:\WINDOWS\System32\dllhost.exe [MANUAL] SwPrv Service swwd Service [DISABLED] symc810 Service [DISABLED] symc8xx Service [DISABLED] sym_hi Service [DISABLED] sym_u3 Service C:\WINDOWS\system32\drivers\sysaudio.sys [MANUAL] sysaudio Service C:\WINDOWS\system32\smlogsvc.exe [MANUAL] SysmonLog Service C:\WINDOWS\System32\svchost.exe [MANUAL] TapiSrv Service C:\WINDOWS\System32\DRIVERS\tcpip.sys [sYSTEM] Tcpip Service [MANUAL] TDPIPE Service [MANUAL] TDTCP Service C:\WINDOWS\System32\DRIVERS\termdd.sys [sYSTEM] TermDD Service C:\WINDOWS\System32\svchost.exe [MANUAL] TermService Service C:\WINDOWS\System32\svchost.exe [AUTO] Themes Service C:\WINDOWS\System32\tlntsvr.exe [DISABLED] TlntSvr Service [DISABLED] TosIde Service C:\WINDOWS\system32\svchost.exe [AUTO] TrkWks Service TSDDD Service [DISABLED] Udfs Service [DISABLED] ultra Service C:\WINDOWS\system32\wdfmgr.exe [AUTO] UMWdf Service C:\WINDOWS\System32\DRIVERS\update.sys [MANUAL] Update Service C:\WINDOWS\System32\svchost.exe [MANUAL] upnphost Service C:\WINDOWS\System32\ups.exe [MANUAL] UPS Service C:\WINDOWS\System32\DRIVERS\usbehci.sys [MANUAL] usbehci Service C:\WINDOWS\System32\DRIVERS\usbhub.sys [MANUAL] usbhub Service C:\WINDOWS\System32\DRIVERS\usbohci.sys [MANUAL] usbohci Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [MANUAL] USBSTOR Service C:\WINDOWS\system32\Drivers\UserPort.sys [sYSTEM] UserPort Service C:\WINDOWS\System32\drivers\vga.sys [sYSTEM] VgaSave Service [DISABLED] ViaIde Service [bOOT] VolSnap Service C:\WINDOWS\System32\vsdatant.sys [sYSTEM] vsdatant Service C:\WINDOWS\system32\ZoneLabs\vsmon.exe [AUTO] vsmon Service C:\WINDOWS\System32\vssvc.exe [MANUAL] VSS Service VXD Service C:\WINDOWS\System32\svchost.exe [AUTO] W32Time Service W3SVC Service C:\WINDOWS\System32\DRIVERS\wanarp.sys [MANUAL] Wanarp Service [MANUAL] WDICA Service C:\WINDOWS\system32\drivers\wdmaud.sys [MANUAL] wdmaud Service C:\WINDOWS\System32\svchost.exe [AUTO] WebClient Service C:\WINDOWS\system32\wincom32.sys [AUTO] wincom32 Service C:\WINDOWS\system32\svchost.exe [AUTO] winmgmt Service [MANUAL] Winsock Service WinSock2 Service WinTrust Service C:\WINDOWS\System32\svchost.exe [MANUAL] WmdmPmSN Service C:\WINDOWS\System32\svchost.exe [MANUAL] Wmi Service WmiApRpl Service C:\WINDOWS\System32\wbem\wmiapsrv.exe [MANUAL] WmiApSrv Service C:\WINDOWS\System32\svchost.exe [AUTO] wscsvc Service C:\WINDOWS\system32\svchost.exe [AUTO] wuauserv Service C:\WINDOWS\System32\svchost.exe [AUTO] WZCSVC Service C:\WINDOWS\System32\svchost.exe [MANUAL] xmlprov Service {E3AE98AE-D995-428D-8A42-28122ECD3629} Service [MANUAL] amzvka0v ---- EOF - GMER 1.0.12 ----

PS: W trybie awaryjnym się nie restartuje. sSiedziałem z 15 minut i ani razu. A w normlanym od 3 gozdzin nie mogłem chwili posiedzieć.