Rootkit, pozostałości po wirusach? Jak to usunąć?

abt1 · 9 Grudzień 2007 18:29

Witam!

Zaczęło się od tego, że ktoś posłużył się moją karta kredytową – dużo nerwów i telefonów żeby nie płacić za operacje. Jakieś dziadostwo było i usunąłem to co znalazłem. Jeszcze jedna rzecz nie daje mi spokoju. RegRun Reanimator z pakietu UnhackMe znajduje podczas startu uruchomienie pliku z

Program opisuje to jako Kernel Auto Boot typ Drivers autor Unknown

O dziwo ten plik .exe (bez nazwy pliku) nie istnieje na partycji – bynajmniej ja nie widzę (pliki systemowe i ukryte widoczne).

Program gmer w opcji moduły widzi to albo jeszcze coś innego jako:

A program RkUnhooker jako driver:

Nie ma nazwy więc nie wiem czego szukać.

Poniżej linki do logów z różnych programów

ComboFix http://wklej.org/txt/1281902aaa

HijackThis http://wklej.org/txt/0539cf9ef2

GMER http://wklej.org/txt/13f147b359

Silent Runners http://wklej.org/txt/97ad442553

Rootkit Unhooker http://wklej.org/txt/e2d38552a3

Czy ktoś ma pojęcie z czym mam doczynienia oraz jak się tego pozbyć bo juz tydzień się z tym morduje. Jakby kogoś interesowało mogę podesłać na e-maila dumpa tego modułu.

Gutek · 10 Grudzień 2007 00:04

Pobierz program SDFix

abt1 · 13 Grudzień 2007 20:06

Niestety w trybie awaryjnym nie mogłem uruchomić sdfix, pewnie za dużo plików usunąłem Na szczęście system chodzi i do tej pory wszystkie programy chodzą, więc jeszcze wytrzymam od formatowania. Nawet w dzienniku zdarzeń zero errorów i bardzo mało ostrzeżeń - trochę dziwne, że się nie uruchamia w awaryjnym. Nie wiem który plik usunąłem (bo było ich trochę), ale już to dziadostwo nie jest widoczne

Wielkie dzięki Gutek2222 za chęci pomocy. Pozdrawiam.

Gutek · 13 Grudzień 2007 22:16

Daj logi do sprawdzenia

abt1 · 14 Grudzień 2007 11:47

ComboFix

ComboFix 07-12-09.3 - Administrator 2007-12-14 11:57:26.5 - NTFSx86

Microsoft(R) Windows(R) Server 2003, Enterprise Edition 5.2.3790.1.1250.1.1033.18.471 [GMT 1:00]

Running from: C:\Documents and Settings\Administrator\Desktop\rootkity\ComboFix.exe

.


((((((((((((((((((((((((( Files Created from 2007-11-14 to 2007-12-14 )))))))))))))))))))))))))))))))

.


2007-12-13 20:20 . 2007-12-13 20:33	


Gmer

[code]GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-12-14 12:39:28 Windows 5.2.3790 Service Pack 1 ---- Devices - GMER 1.0.13 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 833441E8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 833441E8 AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F7287374] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F7287374] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F72875BC] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F7287374] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [EE14FFE2] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [EE14FBEC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [EE1503D4] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [EE15067A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [EE15067A] amon.sys Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_READ 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 8303E1E8 Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 8303E1E8 AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [F7287374] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [F7287374] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [F72875BC] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [F7287374] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [F7279BE4] fltMgr.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [EE14FFE2] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [EE14FBEC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [EE1503D4] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [EE15067A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [EE15067A] amon.sys AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EE85C5D8] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [EE85C5D8] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [EE85C5D8] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [EE85C5D8] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [EE85D5C6] lnsfw1.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [EE85D5C6] lnsfw1.SYS ---- EOF - GMER 1.0.13 ----

Gutek · 14 Grudzień 2007 22:59

Nic nie widzę

abt1 · 15 Grudzień 2007 14:18

To dobrze. Znaczy się że dziadostwo usunąłem Pozdrawiam