Wirusyna kompie- proszę o sprawdzenie logów

suchy123 · 13 Lipiec 2007 07:56

Przeskanowałem avastem kompa i wykrył ponad 5 koni trojańskich (foldery system32 i System Volume Information) lecz żadnego nie może usunąć więc proszę o sprawdzenie logów:

Logfile of HijackThis v1.99.1 Scan saved at 09:52:20, on 2007-07-13 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe E:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\EDGE Dialer\Edge.exe C:\Program Files\Opera\Opera.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\p\Pulpit\Programy\inne\hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my123.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Fav Manager - {CD8BFE70-5809-4C73-9EEE-E5672C2B79D7} - C:\Program Files\Deepdo\DeepdoBar\Favorite\FavBlock.dll (file missing) O4 - HKLM…\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [Detect] E:\Program Files\iNTERNET Turbo\idetect.exe /auto O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [skyTel] SkyTel.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM…\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\RunServices: [Detect] E:\Program Files\iNTERNET Turbo\idetect.exe /auto O4 - HKCU…\Run: [NBJ] “C:\Program Files\Ahead\Nero BackItUp\NBJ.exe” O4 - HKCU…\Run: [win msdt service] mswindtc.exe O4 - HKCU…\Run: [Gadu-Gadu] “E:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\RunServices: [win msdt service] mswindtc.exe O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\System32\Suchspur.dll/Suchspur.HTM O8 - Extra context menu item: YOKËŃË÷ - C:\Program Files\YOK.com\SuperSearch\yoksch.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip…{1011D9F4-FAB1-4B77-AB24-954224C13326}: NameServer = 194.9.223.79 217.17.34.10 O17 - HKLM\System\CS3\Services\Tcpip…{1011D9F4-FAB1-4B77-AB24-954224C13326}: NameServer = 194.9.223.79 217.17.34.10 O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Prime95 Service - Unknown owner - E:\Program Files\Prime95\prime95.exe (file missing)

Gutek · 13 Lipiec 2007 08:21

Najpierw automat - Daj log z Combofix

suchy123 · 13 Lipiec 2007 08:29

“Wojtek” - 2007-07-13 10:26:49 - ComboFix 07-07-13 - Dodatek Service Pack 2 ((((((((((((((((((((((((( Files Created from 2007-06-13 to 2007-07-13 ))))))))))))))))))))))))))))))) 2007-07-12 23:51 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-12 22:44 962,612 --a------ C:\WINDOWS\system32\mfc42d.dll 2007-07-12 22:44 5,685 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys 2007-07-12 22:44 5,120 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys 2007-07-12 22:44 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL 2007-07-12 22:44 3,328 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys 2007-07-12 22:44 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll 2007-07-12 22:44 2007-07-12 20:52 2007-07-12 20:52 2007-07-09 18:07 2007-07-07 20:41 2007-07-07 20:28 2007-07-07 16:35 2007-07-07 12:12 2007-07-07 10:38 2007-07-07 10:22 2007-07-06 23:01 2007-07-06 18:41 2007-07-06 18:39 95,872 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-07-06 18:39 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-07-06 18:39 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-07-06 18:39 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-07-06 18:39 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-07-06 18:39 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-06 18:39 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-06-21 15:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2007-06-21 15:02 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2007-06-17 00:34 33,280 --a------ C:\WINDOWS\system32\drivers\AmdLLD.sys (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-07 14:49:12 -------- d-----w C:\Program Files\Winamp 2007-07-07 14:49:12 -------- d-----w C:\Program Files\QuickTime 2007-07-07 14:49:12 -------- d-----w C:\Program Files\Movie Maker 2007-07-06 21:27:35 -------- d-----w C:\Program Files\AMD 2007-06-04 22:22:00 67,078 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-04 22:22:00 435,978 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-04 22:20:31 -------- d-----w C:\Program Files\Realtek 2007-05-09 17:56:42 50 ----a-w C:\AUTOEXEC.BAT 2007-04-30 15:54:44 126,464 ----a-w C:\WINDOWS\system32\upx-adtp.exe 2007-04-30 15:54:43 22,016 ----a-w C:\WINDOWS\system32\hoko.dll 2007-04-30 15:54:42 4,096 ----a-w C:\WINDOWS\system32\hguard.dll 2007-04-19 11:26:00 888,832 ----a-w C:\WINDOWS\system32\nvmobls.dll 2007-04-19 11:26:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-04-19 11:26:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-04-19 11:26:00 7,700,480 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-04-19 11:26:00 581,632 ----a-w C:\WINDOWS\system32\nvhwvid.dll 2007-04-19 11:26:00 5,644,288 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-04-19 11:26:00 5,619,712 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-04-19 11:26:00 5,255,168 ----a-w C:\WINDOWS\system32\nvdispsr.dll 2007-04-19 11:26:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-04-19 11:26:00 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll 2007-04-19 11:26:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-04-19 11:26:00 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-04-19 11:26:00 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-04-19 11:26:00 4,543,616 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-04-19 11:26:00 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll 2007-04-19 11:26:00 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll 2007-04-19 11:26:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll 2007-04-19 11:26:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvrshe.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvrsar.dll 2007-04-19 11:26:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll 2007-04-19 11:26:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll 2007-04-19 11:26:00 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll 2007-04-19 11:26:00 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll 2007-04-19 11:26:00 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll 2007-04-19 11:26:00 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll 2007-04-19 11:26:00 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll 2007-04-19 11:26:00 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll 2007-04-19 11:26:00 3,203,072 ----a-w C:\WINDOWS\system32\nvgamesr.dll 2007-04-19 11:26:00 3,035,136 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-04-19 11:26:00 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll 2007-04-19 11:26:00 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll 2007-04-19 11:26:00 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll 2007-04-19 11:26:00 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll 2007-04-19 11:26:00 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll 2007-04-19 11:26:00 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll 2007-04-19 11:26:00 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll 2007-04-19 11:26:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-04-19 11:26:00 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll 2007-04-19 11:26:00 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll 2007-04-19 11:26:00 278,528 ----a-w C:\WINDOWS\system32\nvrsfr.dll 2007-04-19 11:26:00 274,432 ----a-w C:\WINDOWS\system32\nvrsit.dll 2007-04-19 11:26:00 274,432 ----a-w C:\WINDOWS\system32\nvrses.dll 2007-04-19 11:26:00 274,432 ----a-w C:\WINDOWS\system32\nvrsel.dll 2007-04-19 11:26:00 270,336 ----a-w C:\WINDOWS\system32\nvrsde.dll 2007-04-19 11:26:00 266,240 ----a-w C:\WINDOWS\system32\nvrspt.dll 2007-04-19 11:26:00 266,240 ----a-w C:\WINDOWS\system32\nvrsnl.dll 2007-04-19 11:26:00 266,240 ----a-w C:\WINDOWS\system32\nvrsesm.dll 2007-04-19 11:26:00 262,144 ----a-w C:\WINDOWS\system32\nvrsru.dll 2007-04-19 11:26:00 262,144 ----a-w C:\WINDOWS\system32\nvrsptb.dll 2007-04-19 11:26:00 262,144 ----a-w C:\WINDOWS\system32\nvrsja.dll 2007-04-19 11:26:00 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll 2007-04-19 11:26:00 253,952 ----a-w C:\WINDOWS\system32\nvrshu.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrstr.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrssl.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrssk.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrspl.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrsno.dll 2007-04-19 11:26:00 245,760 ----a-w C:\WINDOWS\system32\nvrssv.dll 2007-04-19 11:26:00 245,760 ----a-w C:\WINDOWS\system32\nvrsda.dll 2007-04-19 11:26:00 241,664 ----a-w C:\WINDOWS\system32\nvrsfi.dll 2007-04-19 11:26:00 241,664 ----a-w C:\WINDOWS\system32\nvrseng.dll 2007-04-19 11:26:00 241,664 ----a-w C:\WINDOWS\system32\nvrscs.dll 2007-04-19 11:26:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-04-19 11:26:00 221,184 ----a-w C:\WINDOWS\system32\nvrszhc.dll 2007-04-19 11:26:00 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll 2007-04-19 11:26:00 212,992 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-04-19 11:26:00 2,973,696 ----a-w C:\WINDOWS\system32\nvvitvsr.dll 2007-04-19 11:26:00 2,924,544 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-04-19 11:26:00 2,859,008 ----a-w C:\WINDOWS\system32\nvmoblsr.dll 2007-04-19 11:26:00 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll 2007-04-19 11:26:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll 2007-04-19 11:26:00 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll 2007-04-19 11:26:00 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll 2007-04-19 11:26:00 159,810 ----a-w C:\WINDOWS\system32\nvsvc32.exe 2007-04-19 11:26:00 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe 2007-04-19 11:26:00 118,784 ----a-w C:\WINDOWS\system32\nvrszht.dll 2007-04-19 11:26:00 1,732,608 ----a-w C:\WINDOWS\system32\nvwssr.dll 2007-04-19 11:26:00 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll 2007-04-19 11:26:00 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe 2007-04-19 11:26:00 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll 2007-04-19 11:26:00 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe 2007-04-19 11:26:00 1,236,992 ----a-w C:\WINDOWS\system32\nvwss.dll 2007-04-19 11:26:00 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll 2007-02-07 09:30:06 97 ----a-w C:\Program Files\Common Files\7.ini ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2004-12-14 12:56 63136 -ra------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE~\Browser Helper Objects{CD8BFE70-5809-4C73-9EEE-E5672C2B79D7}] C:\Program Files\Deepdo\DeepdoBar\Favorite\FavBlock.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “InCD”=“C:\Program Files\Ahead\InCD\InCD.exe” [2005-07-08 16:25] “QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2005-03-13 17:30] “nwiz”=“nwiz.exe” [2007-04-19 13:26 C:\WINDOWS\system32\nwiz.exe] “Detect”=“E:\Program Files\iNTERNET Turbo\idetect.exe” [] “RTHDCPL”=“RTHDCPL.EXE” [2006-08-23 14:08 C:\WINDOWS\RTHDCPL.exe] “SkyTel”=“SkyTel.EXE” [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe] “Alcmtr”=“ALCMTR.EXE” [2005-05-03 12:43 C:\WINDOWS\Alcmtr.exe] “NvMediaCenter”=“NvMCTray.dll” [2007-04-19 13:26 C:\WINDOWS\system32\nvmctray.dll] “amd_dc_opt”=“C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe” [2006-11-17 16:49] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NBJ”=“C:\Program Files\Ahead\Nero BackItUp\NBJ.exe” [2005-06-02 17:03] “PowerBar”="" [] “win msdt service”=“mswindtc.exe” [] “Gadu-Gadu”=“E:\Program Files\Gadu-Gadu\gg.exe” [2007-01-30 16:58] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices] “win msdt service”=mswindtc.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “Detect”=E:\Program Files\iNTERNET Turbo\idetect.exe /auto [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] “appinit_dlls”=NVDESK32.DLL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Image Zone - szybkie uruchamianie.lnk backup=C:\WINDOWS\pss\HP Image Zone - szybkie uruchamianie.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-Dialer Toolkit Pro] E:\Program Files\Anti-Dialer Toolkit Pro\ADTP.EXE /t [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] “E:\Program Files\Gadu-Gadu\gg.exe” /tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] “C:\Program Files\HP\HP Software Update\HPWuSchd2.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU] “E:\Program Files\lg_fwupdate\fwupdate.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] “C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] “C:\Program Files\Unlocker\UnlockerAssistant.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse] E:\PROGRA~1\A4Tech\Mouse\Amoumain.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] E:\Program Files\Winamp\winampa.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs Gentad Navoct jkuowmr gkazgj Contents of the ‘Scheduled Tasks’ folder 2007-07-12 10:26:00 C:\WINDOWS\tasks{79D88C1F-5E7F-4E28-A107-0230893F762C}_A-BB9DW74DAQYY7_p.job ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-13 10:27:33 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … HKCU\Software\Microsoft\Windows\CurrentVersion\Run PowerBar = ?:?w???s???D???sd???D???d???g;?w0???K;?wt?@?l?@? ?y?.??w???wpO?w???K;?w?=?w???s???>?w???l?@???e?w???t?@?x?v???l?@?l?@???C?w???t?@???l?@?8?@?l?@???s??? scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-13 10:28:12 C:\ComboFix-quarantined-files.txt … 2007-07-13 10:27 — E O F —

Gutek · 13 Lipiec 2007 22:01

Otwórz Notatnik i wklej w nim to:

Plik >>> Zapisz jako >>> Zmień rozszerzenie z TXT na Wszystkie pliki >>> Zapisz pod nazwą FIX.REG >>> kliknij dwa razy na utworzony plik FIX.REG i potwierdź dodanie do rejestru >>> restart.

Skan AVG Anti-Spyware 7.5 po update

suchy123 · 13 Lipiec 2007 22:28

Nic z tego. Po wpisaiu do rejestru restart i wszystko o.k lecz gdy znowu jeszcze raz włączam kompa to na 0,5 sekundy wyskakyje kilka stron napisów i reestart potem pyta jak chce kompa uruchomić wybieram normalnie i to samo. Musiałem w trybie awaryjnym przywracać system.

Gutek · 13 Lipiec 2007 22:29

Daj log z Combo jeszcze raz + Pobierz program SDFix

suchy123 · 13 Lipiec 2007 22:54

“Wojtek” - 2007-07-14 0:48:57 - ComboFix 07-07-13.8 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\DOCUME~1\p\USTAWI~1\Temp.\AdsNT.exe C:\WINDOWS\adsnt.exe C:\WINDOWS\system32.exe C:\WINDOWS\system32\aozuqs76.dll C:\WINDOWS\system32\bhtqtvxh.dll C:\WINDOWS\system32\buyunion.dll C:\WINDOWS\system32\drivers\usrinit.dll C:\WINDOWS\system32\noyqtb67.dll C:\WINDOWS\system32\usrinit.exe C:\WINDOWS\system32\usrinit.ini ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\LEGACY_ALBUS -------\LEGACY_AOZUQS76 -------\LEGACY_COM+_MESSAGES -------\LEGACY_NOYQTB67 -------\aozuqs76 -------\noyqtb67 ((((((((((((((((((((((((( Files Created from 2007-06-13 to 2007-07-13 ))))))))))))))))))))))))))))))) 2007-07-14 00:48 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-14 00:16 2007-07-14 00:14 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-07-14 00:14 2007-07-14 00:14 2007-07-14 00:14 2007-07-14 00:14 2007-07-13 21:02 2007-07-13 20:46 2007-07-12 22:44 2007-07-12 20:52 2007-07-12 20:52 2007-07-11 10:52 4,702,208 --a------ C:\DOCUME~1\p\ntuser.dat 2007-07-09 18:07 2007-07-07 20:41 2007-07-07 20:28 2007-07-07 16:35 2007-07-07 12:12 2007-07-07 10:38 2007-07-07 10:22 2007-07-06 23:01 2007-07-06 18:41 2007-07-06 18:39 95,872 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-07-06 18:39 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-07-06 18:39 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-07-06 18:39 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-07-06 18:39 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-07-06 18:39 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-06 18:39 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-06-21 15:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2007-06-21 15:02 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2007-06-17 00:34 33,280 --a------ C:\WINDOWS\system32\drivers\AmdLLD.sys (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-07 14:49:12 -------- d-----w C:\Program Files\Winamp 2007-07-07 14:49:12 -------- d-----w C:\Program Files\QuickTime 2007-07-07 14:49:12 -------- d-----w C:\Program Files\Movie Maker 2007-07-06 21:27:35 -------- d-----w C:\Program Files\AMD 2007-06-04 22:22:00 67,078 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-04 22:22:00 435,978 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-04 22:20:31 -------- d-----w C:\Program Files\Realtek 2007-05-09 17:56:42 50 ----a-w C:\AUTOEXEC.BAT 2007-04-30 15:54:44 126,464 ----a-w C:\WINDOWS\system32\upx-adtp.exe 2007-04-30 15:54:43 22,016 ----a-w C:\WINDOWS\system32\hoko.dll 2007-04-30 15:54:42 4,096 ----a-w C:\WINDOWS\system32\hguard.dll 2007-04-19 11:26:00 888,832 ----a-w C:\WINDOWS\system32\nvmobls.dll 2007-04-19 11:26:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-04-19 11:26:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-04-19 11:26:00 7,700,480 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-04-19 11:26:00 581,632 ----a-w C:\WINDOWS\system32\nvhwvid.dll 2007-04-19 11:26:00 5,644,288 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-04-19 11:26:00 5,619,712 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-04-19 11:26:00 5,255,168 ----a-w C:\WINDOWS\system32\nvdispsr.dll 2007-04-19 11:26:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-04-19 11:26:00 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll 2007-04-19 11:26:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-04-19 11:26:00 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-04-19 11:26:00 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-04-19 11:26:00 4,543,616 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-04-19 11:26:00 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll 2007-04-19 11:26:00 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll 2007-04-19 11:26:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll 2007-04-19 11:26:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvrshe.dll 2007-04-19 11:26:00 323,584 ----a-w C:\WINDOWS\system32\nvrsar.dll 2007-04-19 11:26:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll 2007-04-19 11:26:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll 2007-04-19 11:26:00 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll 2007-04-19 11:26:00 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll 2007-04-19 11:26:00 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll 2007-04-19 11:26:00 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll 2007-04-19 11:26:00 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll 2007-04-19 11:26:00 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll 2007-04-19 11:26:00 3,203,072 ----a-w C:\WINDOWS\system32\nvgamesr.dll 2007-04-19 11:26:00 3,035,136 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-04-19 11:26:00 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll 2007-04-19 11:26:00 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll 2007-04-19 11:26:00 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll 2007-04-19 11:26:00 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll 2007-04-19 11:26:00 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll 2007-04-19 11:26:00 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll 2007-04-19 11:26:00 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll 2007-04-19 11:26:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-04-19 11:26:00 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll 2007-04-19 11:26:00 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll 2007-04-19 11:26:00 278,528 ----a-w C:\WINDOWS\system32\nvrsfr.dll 2007-04-19 11:26:00 274,432 ----a-w C:\WINDOWS\system32\nvrsit.dll 2007-04-19 11:26:00 274,432 ----a-w C:\WINDOWS\system32\nvrses.dll 2007-04-19 11:26:00 274,432 ----a-w C:\WINDOWS\system32\nvrsel.dll 2007-04-19 11:26:00 270,336 ----a-w C:\WINDOWS\system32\nvrsde.dll 2007-04-19 11:26:00 266,240 ----a-w C:\WINDOWS\system32\nvrspt.dll 2007-04-19 11:26:00 266,240 ----a-w C:\WINDOWS\system32\nvrsnl.dll 2007-04-19 11:26:00 266,240 ----a-w C:\WINDOWS\system32\nvrsesm.dll 2007-04-19 11:26:00 262,144 ----a-w C:\WINDOWS\system32\nvrsru.dll 2007-04-19 11:26:00 262,144 ----a-w C:\WINDOWS\system32\nvrsptb.dll 2007-04-19 11:26:00 262,144 ----a-w C:\WINDOWS\system32\nvrsja.dll 2007-04-19 11:26:00 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll 2007-04-19 11:26:00 253,952 ----a-w C:\WINDOWS\system32\nvrshu.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrstr.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrssl.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrssk.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrspl.dll 2007-04-19 11:26:00 249,856 ----a-w C:\WINDOWS\system32\nvrsno.dll 2007-04-19 11:26:00 245,760 ----a-w C:\WINDOWS\system32\nvrssv.dll 2007-04-19 11:26:00 245,760 ----a-w C:\WINDOWS\system32\nvrsda.dll 2007-04-19 11:26:00 241,664 ----a-w C:\WINDOWS\system32\nvrsfi.dll 2007-04-19 11:26:00 241,664 ----a-w C:\WINDOWS\system32\nvrseng.dll 2007-04-19 11:26:00 241,664 ----a-w C:\WINDOWS\system32\nvrscs.dll 2007-04-19 11:26:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-04-19 11:26:00 221,184 ----a-w C:\WINDOWS\system32\nvrszhc.dll 2007-04-19 11:26:00 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll 2007-04-19 11:26:00 212,992 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-04-19 11:26:00 2,973,696 ----a-w C:\WINDOWS\system32\nvvitvsr.dll 2007-04-19 11:26:00 2,924,544 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-04-19 11:26:00 2,859,008 ----a-w C:\WINDOWS\system32\nvmoblsr.dll 2007-04-19 11:26:00 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll 2007-04-19 11:26:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll 2007-04-19 11:26:00 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll 2007-04-19 11:26:00 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll 2007-04-19 11:26:00 159,810 ----a-w C:\WINDOWS\system32\nvsvc32.exe 2007-04-19 11:26:00 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe 2007-04-19 11:26:00 118,784 ----a-w C:\WINDOWS\system32\nvrszht.dll 2007-04-19 11:26:00 1,732,608 ----a-w C:\WINDOWS\system32\nvwssr.dll 2007-04-19 11:26:00 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll 2007-04-19 11:26:00 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe 2007-04-19 11:26:00 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll 2007-04-19 11:26:00 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe 2007-04-19 11:26:00 1,236,992 ----a-w C:\WINDOWS\system32\nvwss.dll 2007-04-19 11:26:00 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll 2007-02-07 09:30:06 97 ----a-w C:\Program Files\Common Files\7.ini ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2004-12-14 12:56 63136 -ra------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE~\Browser Helper Objects{CD8BFE70-5809-4C73-9EEE-E5672C2B79D7}] C:\Program Files\Deepdo\DeepdoBar\Favorite\FavBlock.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “InCD”=“C:\Program Files\Ahead\InCD\InCD.exe” [2005-07-08 16:25] “QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2005-03-13 17:30] “nwiz”=“nwiz.exe” [2007-04-19 13:26 C:\WINDOWS\system32\nwiz.exe] “Detect”=“E:\Program Files\iNTERNET Turbo\idetect.exe” [] “RTHDCPL”=“RTHDCPL.EXE” [2006-08-23 14:08 C:\WINDOWS\RTHDCPL.exe] “SkyTel”=“SkyTel.EXE” [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe] “Alcmtr”=“ALCMTR.EXE” [2005-05-03 12:43 C:\WINDOWS\Alcmtr.exe] “NvMediaCenter”=“NvMCTray.dll” [2007-04-19 13:26 C:\WINDOWS\system32\nvmctray.dll] “amd_dc_opt”=“C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe” [2006-11-17 16:49] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] “UnlockerAssistant”=“C:\Program Files\Unlocker\UnlockerAssistant.exe” [2006-09-07 19:19] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NBJ”=“C:\Program Files\Ahead\Nero BackItUp\NBJ.exe” [2005-06-02 17:03] “PowerBar”="" [] “win msdt service”=“mswindtc.exe” [] “Free Download Manager”=“E:\Program Files\Free Download Manager\fdm.exe” [] “Gadu-Gadu”=“E:\Program Files\Gadu-Gadu\gg.exe” [2007-01-30 16:58] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices] “win msdt service”=mswindtc.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “Detect”=E:\Program Files\iNTERNET Turbo\idetect.exe /auto [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] “appinit_dlls”=NVDESK32.DLL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Image Zone - szybkie uruchamianie.lnk backup=C:\WINDOWS\pss\HP Image Zone - szybkie uruchamianie.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-Dialer Toolkit Pro] E:\Program Files\Anti-Dialer Toolkit Pro\ADTP.EXE /t [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] “E:\Program Files\Gadu-Gadu\gg.exe” /tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] “C:\Program Files\HP\HP Software Update\HPWuSchd2.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU] “E:\Program Files\lg_fwupdate\fwupdate.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] “C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse] E:\PROGRA~1\A4Tech\Mouse\Amoumain.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] E:\Program Files\Winamp\winampa.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs Gentad Navoct jkuowmr gkazgj Contents of the ‘Scheduled Tasks’ folder 2007-07-12 10:26:00 C:\WINDOWS\tasks{79D88C1F-5E7F-4E28-A107-0230893F762C}_A-BB9DW74DAQYY7_p.job ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-14 00:51:38 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … HKCU\Software\Microsoft\Windows\CurrentVersion\Run PowerBar = ?:?w???s???D???sd???D???d???g;?w0???K;?wt?@?l?@? ?y?.??w???wpO?w???K;?w?=?w???s???>?w???l?@???e?w???t?@?x?v???l?@?l?@???C?w???t?@???l?@?8?@?l?@???s??? scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-14 0:52:42 - machine was rebooted C:\ComboFix-quarantined-files.txt … 2007-07-14 00:52 C:\ComboFix2.txt … 2007-07-13 20:09 — E O F —

Gutek · 14 Lipiec 2007 06:27

Pobierz Gmer

Rootkit=>szukaj=>bez zaznaczania pokaż wszystko=> Ctrl + V do posta wklej
Rootkit => zaznaczone tylko Pokazuj wszystko + Usługi => Szukaj => Kopiuj => Ctrl + V do posta wklej

suchy123 · 14 Lipiec 2007 09:05

Rootkit=>szukaj=>bez zaznaczania pokaż wszystko:

1. Rootkit=>szukaj=>bez zaznaczania pokaż wszystkoGMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-07-14 11:03:30 Windows 5.1.2600 Dodatek Service Pack 2 ---- System - GMER 1.0.13 ---- SSDT sptd.sys ZwCreateKey SSDT sptd.sys ZwEnumerateKey SSDT sptd.sys ZwEnumerateValueKey SSDT sptd.sys ZwOpenKey SSDT sptd.sys ZwQueryKey SSDT sptd.sys ZwQueryValueKey SSDT sptd.sys ZwSetValueKey ---- Kernel code sections - GMER 1.0.13 ---- ? C:\WINDOWS\system32\drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. .text USBPORT.SYS!DllUnload F6DD662C 5 Bytes JMP 86D8D4A8 ---- User code sections - GMER 1.0.13 ---- .text C:\WINDOWS\Explorer.EXE[1236] SHELL32.dll!SHFileOperationW 7CA6D1B9 5 Bytes JMP 10001102 C:\Program Files\Unlocker\UnlockerHook.dll ---- Kernel IAT/EAT - GMER 1.0.13 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7445ABA] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7445C00] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F7445B82] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F744672E] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F7446604] sptd.sys IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7458B9A] sptd.sys ---- Devices - GMER 1.0.13 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 86F631D8 Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 86F631D8 AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [bA2A3F74] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [bA2A2812] aswMon2.SYS AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [bA2A2812] aswMon2.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F771C2C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F771C8E6] aswTdi.SYS Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 86D841D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 86F651D8 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 86F651D8 Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 86D841D8 Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 86D841D8 Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_PNP 86D841D8 Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CREATE 86D571D8 Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CLOSE 86D571D8 Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 86D571D8 Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D571D8 Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_POWER 86D571D8 Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 86D571D8 Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_PNP 86D571D8 AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F771C2C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F771C8E6] aswTdi.SYS Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_CREATE E1CE1C30 Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_CLOSE E1CE1C30 Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_DEVICE_CONTROL E1CE1C30 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 86FD31D8 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 86D90600 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 86D90600 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CREATE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CLOSE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_POWER 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SYSTEM_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_PNP 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CREATE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CLOSE 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_POWER 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SYSTEM_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_PNP 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 IRP_MJ_CREATE 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 IRP_MJ_CLOSE 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 IRP_MJ_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 IRP_MJ_POWER 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 IRP_MJ_SYSTEM_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 IRP_MJ_PNP 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 IRP_MJ_CREATE 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 IRP_MJ_CLOSE 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 IRP_MJ_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 IRP_MJ_POWER 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 IRP_MJ_SYSTEM_CONTROL 86FD21D8 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 IRP_MJ_PNP 86FD21D8 Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_CREATE E17E6C38 Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_CLOSE E17E6C38 Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_DEVICE_CONTROL E17E6C38 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 8689F1D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 8689F1D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 8689F1D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 8689F1D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 8689F1D8 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 8689F1D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 8689F1D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 8689F1D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 8689F1D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 8689F1D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 8689F1D8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 8689F1D8 AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F771C2C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F771C2C0] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F771C8E6] aswTdi.SYS AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F771C8E6] aswTdi.SYS Device \Driver\NetBT \Device\NetBT_Tcpip_{1011D9F4-FAB1-4B77-AB24-954224C13326} IRP_MJ_CREATE 8689F1D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1011D9F4-FAB1-4B77-AB24-954224C13326} IRP_MJ_CLOSE 8689F1D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1011D9F4-FAB1-4B77-AB24-954224C13326} IRP_MJ_DEVICE_CONTROL 8689F1D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1011D9F4-FAB1-4B77-AB24-954224C13326} IRP_MJ_INTERNAL_DEVICE_CONTROL 8689F1D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1011D9F4-FAB1-4B77-AB24-954224C13326} IRP_MJ_CLEANUP 8689F1D8 Device \Driver\NetBT \Device\NetBT_Tcpip_{1011D9F4-FAB1-4B77-AB24-954224C13326} IRP_MJ_PNP 8689F1D8 Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 86D841D8 Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 86D841D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 8684C1D8 Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 86D841D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 8684C1D8 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 8684C1D8 Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CREATE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CLOSE 86D841D8 Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_POWER 86D841D8 Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_SYSTEM_CONTROL 86D841D8 Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_PNP 86D841D8 Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CREATE 86D571D8 Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CLOSE 86D571D8 Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_DEVICE_CONTROL 86D571D8 Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D571D8 Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_POWER 86D571D8 Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_SYSTEM_CONTROL 86D571D8 Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_PNP 86D571D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 86FD31D8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 86FD31D8 Device \Driver\mv614x \Device\Scsi\mv614x1 IRP_MJ_CREATE 86F641D8 Device \Driver\mv614x \Device\Scsi\mv614x1 IRP_MJ_CLOSE 86F641D8 Device \Driver\mv614x \Device\Scsi\mv614x1 IRP_MJ_DEVICE_CONTROL 86F641D8 Device \Driver\mv614x \Device\Scsi\mv614x1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F641D8 Device \Driver\mv614x \Device\Scsi\mv614x1 IRP_MJ_POWER 86F641D8 Device \Driver\mv614x \Device\Scsi\mv614x1 IRP_MJ_SYSTEM_CONTROL 86F641D8 Device \Driver\mv614x \Device\Scsi\mv614x1 IRP_MJ_PNP 86F641D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 86D1F1D8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 86D1F1D8 ---- EOF - GMER 1.0.13 ----

Drugiego narazie nie wyśle bo wiadomosć jest za długa.

Joan · 14 Lipiec 2007 12:23

tu ok, wklejaj drugiego

suchy123 · 14 Lipiec 2007 15:12

GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-07-14 17:11:21 Windows 5.1.2600 Dodatek Service Pack 2 ---- Services - GMER 1.0.13 ---- Service .NET CLR Data Service .NET CLR Networking Service .NETFramework Service [sYSTEM] Aavmker4 Service [DISABLED] Abiosdsk Service [DISABLED] abp480n5 Service C:\WINDOWS\System32\DRIVERS\ACPI.sys [bOOT] ACPI Service [DISABLED] ACPIEC Service [DISABLED] adpu160m Service C:\WINDOWS\system32\drivers\aec.sys [MANUAL] aec Service C:\WINDOWS\System32\drivers\afd.sys [sYSTEM] AFD Service [DISABLED] Aha154x Service [DISABLED] aic78u2 Service [DISABLED] aic78xx Service C:\WINDOWS\System32\svchost.exe [DISABLED] Alerter Service C:\WINDOWS\System32\alg.exe [MANUAL] ALG Service [DISABLED] AliIde Service C:\WINDOWS\System32\DRIVERS\amdk7.sys [sYSTEM] AmdK7 Service C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [MANUAL] AmdLLD Service system32\DRIVERS\AmdTools.sys [MANUAL] AmdTools Service C:\WINDOWS\system32\DRIVERS\Amfilter.sys [sYSTEM] Amfilter Service [DISABLED] amsint Service C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [MANUAL] Amusbprt Service C:\WINDOWS\system32\svchost.exe [MANUAL] AppMgmt Service C:\Program Files\Ares\chatServer.exe [MANUAL] AresChatServer Service [DISABLED] asc Service [DISABLED] asc3350p Service [DISABLED] asc3550 Service C:\WINDOWS\system32\drivers\AsIO.sys [sYSTEM] AsIO Service ASP.NET Service ASP.NET_1.1.4322 Service C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [MANUAL] aspnet_state Service [AUTO] aswMon2 Service [MANUAL] aswRdr Service [sYSTEM] aswTdi Service C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [AUTO] aswUpdSv Service C:\WINDOWS\System32\DRIVERS\asyncmac.sys [MANUAL] AsyncMac Service C:\WINDOWS\System32\DRIVERS\atapi.sys [bOOT] atapi Service [DISABLED] Atdisk Service C:\WINDOWS\System32\DRIVERS\atmarpc.sys [MANUAL] Atmarpc Service C:\WINDOWS\System32\svchost.exe [AUTO] AudioSrv Service C:\WINDOWS\System32\DRIVERS\audstub.sys [MANUAL] audstub Service C:\Program Files\Alwil Software\Avast4\ashServ.exe [AUTO] avast! Antivirus Service C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [MANUAL] avast! Mail Scanner Service C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [MANUAL] avast! Web Scanner Service BattC Service [sYSTEM] Beep Service C:\WINDOWS\System32\svchost.exe [AUTO] BITS Service C:\WINDOWS\System32\svchost.exe [AUTO] Browser Service C:\DOCUME~1\p\USTAWI~1\Temp\catchme.sys [MANUAL] catchme Service [DISABLED] cbidf2k Service [DISABLED] cd20xrnt Service [sYSTEM] Cdaudio Service [DISABLED] Cdfs Service C:\WINDOWS\System32\DRIVERS\cdrom.sys [sYSTEM] Cdrom Service [sYSTEM] Changer Service C:\WINDOWS\system32\cisvc.exe [MANUAL] CiSvc Service C:\WINDOWS\system32\clipsrv.exe [DISABLED] ClipSrv Service [DISABLED] CmdIde Service C:\WINDOWS\System32\dllhost.exe [MANUAL] COMSysApp Service ContentFilter Service ContentIndex Service [DISABLED] Cpqarray Service C:\WINDOWS\system32\svchost.exe [AUTO] CryptSvc Service [DISABLED] dac2w2k Service [DISABLED] dac960nt Service C:\WINDOWS\system32\svchost.exe [AUTO] DcomLaunch Service C:\WINDOWS\System32\svchost.exe [AUTO] Dhcp Service C:\WINDOWS\System32\DRIVERS\disk.sys [bOOT] Disk Service C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [AUTO] Diskeeper Service C:\WINDOWS\System32\dmadmin.exe [MANUAL] dmadmin Service C:\WINDOWS\System32\drivers\dmboot.sys [DISABLED] dmboot Service C:\WINDOWS\System32\drivers\dmio.sys [bOOT] dmio Service C:\WINDOWS\System32\drivers\dmload.sys [bOOT] dmload Service C:\WINDOWS\System32\svchost.exe [AUTO] dmserver Service C:\WINDOWS\system32\drivers\DMusic.sys [MANUAL] DMusic Service C:\WINDOWS\System32\svchost.exe [AUTO] Dnscache Service [DISABLED] dpti2o Service C:\WINDOWS\system32\drivers\drmkaud.sys [MANUAL] drmkaud Service System32\Drivers\dtscsi.sys [MANUAL] dtscsi Service C:\WINDOWS\System32\svchost.exe [AUTO] ERSvc Service C:\WINDOWS\system32\services.exe [AUTO] Eventlog Service C:\WINDOWS\System32\svchost.exe [MANUAL] EventSystem Service [DISABLED] Fastfat Service C:\WINDOWS\System32\svchost.exe [MANUAL] FastUserSwitchingCompatibility Service C:\WINDOWS\System32\DRIVERS\fdc.sys [MANUAL] Fdc Service [sYSTEM] Fips Service C:\WINDOWS\System32\DRIVERS\flpydisk.sys [MANUAL] Flpydisk Service C:\WINDOWS\system32\drivers\fltmgr.sys [bOOT] FltMgr Service [sYSTEM] Fs_Rec Service C:\WINDOWS\system32\drivers\ftdibus.sys [MANUAL] FTDIBUS Service C:\WINDOWS\System32\DRIVERS\ftdisk.sys [bOOT] Ftdisk Service C:\WINDOWS\system32\drivers\ftser2k.sys [MANUAL] FTSER2K Service C:\WINDOWS\System32\DRIVERS\gameenum.sys [MANUAL] gameenum Service C:\WINDOWS\system32\giveio.sys [bOOT] giveio Service C:\WINDOWS\System32\DRIVERS\gmer.sys [MANUAL] gmer Service C:\WINDOWS\System32\DRIVERS\msgpc.sys [MANUAL] Gpc Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [MANUAL] HDAudBus Service C:\WINDOWS\System32\svchost.exe [AUTO] helpsvc Service C:\WINDOWS\System32\DRIVERS\hidgame.sys [MANUAL] hidgame Service C:\WINDOWS\System32\svchost.exe [DISABLED] HidServ Service C:\WINDOWS\system32\DRIVERS\hidusb.sys [MANUAL] HidUsb Service [sYSTEM] Hmnt Service [DISABLED] hpn Service C:\WINDOWS\System32\DRIVERS\HPZid412.sys [MANUAL] HPZid412 Service C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [MANUAL] HPZipr12 Service C:\WINDOWS\System32\DRIVERS\HPZius12.sys [MANUAL] HPZius12 Service C:\WINDOWS\System32\Drivers\HTTP.sys [MANUAL] HTTP Service C:\WINDOWS\System32\svchost.exe [MANUAL] HTTPFilter Service [sYSTEM] i2omgmt Service [DISABLED] i2omp Service C:\WINDOWS\System32\DRIVERS\i8042prt.sys [sYSTEM] i8042prt Service C:\WINDOWS\System32\DRIVERS\imapi.sys [sYSTEM] Imapi Service C:\WINDOWS\System32\imapi.exe [MANUAL] ImapiService Service [DISABLED] InCDfs Service C:\WINDOWS\System32\DRIVERS\InCDPass.sys [sYSTEM] InCDPass Service [sYSTEM] InCDrec Service [sYSTEM] incdrm Service C:\Program Files\Ahead\InCD\InCDsrv.exe [AUTO] InCDsrv Service inetaccs Service [DISABLED] ini910u Service Inport Service C:\WINDOWS\system32\drivers\RtkHDAud.sys [MANUAL] IntcAzAudAddService Service [DISABLED] IntelIde Service C:\WINDOWS\system32\drivers\ip6fw.sys [MANUAL] ip6fw Service C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [MANUAL] IpFilterDriver Service C:\WINDOWS\System32\DRIVERS\ipinip.sys [MANUAL] IpInIp Service C:\WINDOWS\System32\DRIVERS\ipnat.sys [MANUAL] IpNat Service C:\WINDOWS\System32\DRIVERS\ipsec.sys [sYSTEM] IPSec Service C:\WINDOWS\System32\DRIVERS\irenum.sys [MANUAL] IRENUM Service ISAPISearch Service C:\WINDOWS\System32\DRIVERS\isapnp.sys [bOOT] isapnp Service C:\WINDOWS\System32\DRIVERS\kbdclass.sys [sYSTEM] Kbdclass Service C:\WINDOWS\system32\drivers\kmixer.sys [MANUAL] kmixer Service [bOOT] KSecDD Service C:\WINDOWS\System32\svchost.exe [AUTO] lanmanserver Service C:\WINDOWS\System32\svchost.exe [AUTO] lanmanworkstation Service [sYSTEM] lbrtfdc Service ldap Service C:\WINDOWS\system32\LEXBCES.EXE [AUTO] LexBceS Service LicenseService Service C:\WINDOWS\System32\svchost.exe [AUTO] LmHosts Service C:\WINDOWS\System32\svchost.exe [DISABLED] Messenger Service [sYSTEM] mnmdd Service C:\WINDOWS\System32\mnmsrvc.exe [MANUAL] mnmsrvc Service [MANUAL] Modem Service C:\WINDOWS\System32\DRIVERS\mouclass.sys [sYSTEM] Mouclass Service C:\WINDOWS\System32\DRIVERS\mouhid.sys [MANUAL] mouhid Service [bOOT] MountMgr Service [DISABLED] mraid35x Service C:\WINDOWS\System32\DRIVERS\mrxdav.sys [MANUAL] MRxDAV Service C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [sYSTEM] MRxSmb Service C:\WINDOWS\System32\msdtc.exe [MANUAL] MSDTC Service [sYSTEM] Msfs Service C:\WINDOWS\System32\msiexec.exe [MANUAL] MSIServer Service C:\WINDOWS\system32\drivers\MSKSSRV.sys [MANUAL] MSKSSRV Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys [MANUAL] MSPCLOCK Service C:\WINDOWS\system32\drivers\MSPQM.sys [MANUAL] MSPQM Service C:\WINDOWS\System32\DRIVERS\mssmbios.sys [MANUAL] mssmbios Service C:\WINDOWS\system32\DRIVERS\ASACPI.sys [MANUAL] MTsensor Service [bOOT] Mup Service C:\WINDOWS\system32\DRIVERS\mv614x.sys [bOOT] mv614x Service [bOOT] NDIS Service C:\WINDOWS\System32\DRIVERS\ndistapi.sys [MANUAL] NdisTapi Service C:\WINDOWS\System32\DRIVERS\ndisuio.sys [MANUAL] Ndisuio Service C:\WINDOWS\System32\DRIVERS\ndiswan.sys [MANUAL] NdisWan Service [MANUAL] NDProxy Service C:\WINDOWS\System32\DRIVERS\netbios.sys [sYSTEM] NetBIOS Service C:\WINDOWS\System32\DRIVERS\netbt.sys [sYSTEM] NetBT Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDE Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDEdsdm Service C:\WINDOWS\System32\lsass.exe [MANUAL] Netlogon Service C:\WINDOWS\System32\svchost.exe [MANUAL] Netman Service C:\WINDOWS\System32\svchost.exe [MANUAL] Nla Service [sYSTEM] Npfs Service [DISABLED] Ntfs Service C:\WINDOWS\System32\lsass.exe [MANUAL] NtLmSsp Service C:\WINDOWS\system32\svchost.exe [MANUAL] NtmsSvc Service [sYSTEM] Null Service C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [MANUAL] nv Service C:\WINDOWS\system32\nvsvc32.exe [AUTO] NVSvc Service C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt Service C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [MANUAL] ose Service C:\WINDOWS\System32\DRIVERS\parport.sys [MANUAL] Parport Service [bOOT] PartMgr Service [AUTO] ParVdm Service C:\WINDOWS\System32\DRIVERS\pci.sys [bOOT] PCI Service [sYSTEM] PCIDump Service C:\WINDOWS\system32\DRIVERS\pciide.sys [bOOT] PCIIde Service [DISABLED] Pcmcia Service [MANUAL] PDCOMP Service [MANUAL] PDFRAME Service [MANUAL] PDRELI Service [MANUAL] PDRFRAME Service [DISABLED] perc2 Service [DISABLED] perc2hib Service PerfDisk Service PerfNet Service PerfOS Service PerfProc Service C:\WINDOWS\system32\drivers\pfc.sys [MANUAL] pfc Service C:\WINDOWS\system32\services.exe [AUTO] PlugPlay Service C:\WINDOWS\System32\HPZipm12.exe [AUTO] Pml Driver HPZ12 Service C:\WINDOWS\System32\lsass.exe [AUTO] PolicyAgent Service C:\WINDOWS\System32\DRIVERS\raspptp.sys [MANUAL] PptpMiniport Service E:\Program [DISABLED] Prime95 Service Service C:\WINDOWS\System32\DRIVERS\processr.sys [sYSTEM] Processor Service C:\WINDOWS\System32\drivers\prodrv06.sys [sYSTEM] prodrv06 Service C:\WINDOWS\System32\drivers\prohlp02.sys [bOOT] prohlp02 Service C:\WINDOWS\system32\lsass.exe [AUTO] ProtectedStorage Service C:\WINDOWS\System32\DRIVERS\psched.sys [MANUAL] PSched Service C:\WINDOWS\System32\DRIVERS\ptilink.sys [MANUAL] Ptilink Service C:\WINDOWS\System32\Drivers\PxHelp20.sys [bOOT] PxHelp20 Service [DISABLED] ql1080 Service [DISABLED] Ql10wnt Service [DISABLED] ql12160 Service [DISABLED] ql1240 Service [DISABLED] ql1280 Service C:\WINDOWS\System32\DRIVERS\rasacd.sys [sYSTEM] RasAcd Service C:\WINDOWS\System32\svchost.exe [MANUAL] RasAuto Service C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [MANUAL] Rasl2tp Service C:\WINDOWS\System32\svchost.exe [MANUAL] RasMan Service C:\WINDOWS\System32\DRIVERS\raspppoe.sys [MANUAL] RasPppoe Service C:\WINDOWS\System32\DRIVERS\raspti.sys [MANUAL] Raspti Service C:\WINDOWS\System32\DRIVERS\rdbss.sys [sYSTEM] Rdbss Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [sYSTEM] RDPCDD Service RDPDD Service C:\WINDOWS\System32\DRIVERS\rdpdr.sys [MANUAL] rdpdr Service RDPNP Service [MANUAL] RDPWD Service C:\WINDOWS\system32\sessmgr.exe [MANUAL] RDSessMgr Service C:\WINDOWS\System32\DRIVERS\redbook.sys [sYSTEM] redbook Service C:\WINDOWS\System32\svchost.exe [DISABLED] RemoteAccess Service C:\WINDOWS\system32\svchost.exe [AUTO] RemoteRegistry Service C:\WINDOWS\System32\locator.exe [MANUAL] RpcLocator Service C:\WINDOWS\system32\svchost.exe [AUTO] RpcSs Service C:\WINDOWS\System32\rsvp.exe [MANUAL] RSVP Service C:\Documents and Settings\p\Pulpit\Programy\inne\cpu\RTCore.sys [MANUAL] RTCore Service C:\WINDOWS\system32\lsass.exe [AUTO] SamSs Service E:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Sandra.sys [MANUAL] SANDRA Service C:\WINDOWS\System32\SCardSvr.exe [MANUAL] SCardSvr Service C:\WINDOWS\System32\svchost.exe [AUTO] Schedule Service ScsiPort Service C:\WINDOWS\System32\DRIVERS\secdrv.sys [AUTO] Secdrv Service C:\WINDOWS\System32\svchost.exe [AUTO] seclogon Service C:\WINDOWS\system32\svchost.exe [AUTO] SENS Service C:\WINDOWS\System32\DRIVERS\serenum.sys [MANUAL] serenum Service C:\WINDOWS\System32\DRIVERS\serial.sys [sYSTEM] Serial Service C:\WINDOWS\System32\DRIVERS\sermouse.sys [MANUAL] sermouse Service C:\WINDOWS\System32\drivers\sfhlp01.sys [bOOT] sfhlp01 Service [sYSTEM] Sfloppy Service C:\WINDOWS\System32\svchost.exe [AUTO] SharedAccess Service C:\WINDOWS\System32\svchost.exe [AUTO] ShellHWDetection Service [DISABLED] Simbad Service [DISABLED] Sparrow Service C:\WINDOWS\system32\speedfan.sys [bOOT] speedfan Service C:\WINDOWS\system32\drivers\splitter.sys [MANUAL] splitter Service C:\WINDOWS\system32\spoolsv.exe [AUTO] Spooler Service C:\WINDOWS\System32\Drivers\sptd.sys [bOOT] sptd Service C:\WINDOWS\System32\DRIVERS\sr.sys [bOOT] sr Service C:\WINDOWS\System32\svchost.exe [AUTO] srservice Service C:\WINDOWS\System32\DRIVERS\srv.sys [MANUAL] Srv Service C:\WINDOWS\System32\svchost.exe [MANUAL] SSDPSRV Service C:\WINDOWS\System32\DRIVERS\serscan.sys [MANUAL] StillCam Service C:\WINDOWS\System32\svchost.exe [AUTO] stisvc Service C:\WINDOWS\System32\DRIVERS\swenum.sys [MANUAL] swenum Service C:\WINDOWS\system32\drivers\swmidi.sys [MANUAL] swmidi Service C:\WINDOWS\System32\dllhost.exe [MANUAL] SwPrv Service swwd Service [DISABLED] symc810 Service [DISABLED] symc8xx Service [DISABLED] sym_hi Service [DISABLED] sym_u3 Service C:\WINDOWS\system32\drivers\sysaudio.sys [MANUAL] sysaudio Service C:\WINDOWS\system32\smlogsvc.exe [MANUAL] SysmonLog Service C:\WINDOWS\System32\svchost.exe [MANUAL] TapiSrv Service [AUTO] TBPanel Service C:\WINDOWS\System32\DRIVERS\tcpip.sys [sYSTEM] Tcpip Service [MANUAL] TDPIPE Service [MANUAL] TDTCP Service C:\WINDOWS\System32\DRIVERS\termdd.sys [sYSTEM] TermDD Service C:\WINDOWS\System32\svchost.exe [MANUAL] TermService Service C:\WINDOWS\System32\svchost.exe [AUTO] Themes Service C:\WINDOWS\System32\tlntsvr.exe [DISABLED] TlntSvr Service [DISABLED] TosIde Service C:\WINDOWS\system32\svchost.exe [AUTO] TrkWks Service TSDDD Service [DISABLED] Udfs Service [DISABLED] ultra Service C:\WINDOWS\system32\wdfmgr.exe [AUTO] UMWdf Service UnlockerDriver5 Service C:\WINDOWS\System32\DRIVERS\update.sys [MANUAL] Update Service C:\WINDOWS\System32\svchost.exe [MANUAL] upnphost Service C:\WINDOWS\System32\ups.exe [MANUAL] UPS Service C:\WINDOWS\System32\DRIVERS\usbccgp.sys [MANUAL] usbccgp Service C:\WINDOWS\system32\DRIVERS\usbehci.sys [MANUAL] usbehci Service C:\WINDOWS\System32\DRIVERS\usbhub.sys [MANUAL] usbhub Service C:\WINDOWS\System32\DRIVERS\usbprint.sys [MANUAL] usbprint Service C:\WINDOWS\System32\DRIVERS\usbscan.sys [MANUAL] usbscan Service C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [MANUAL] USBSTOR Service C:\WINDOWS\System32\DRIVERS\usbuhci.sys [MANUAL] usbuhci Service C:\WINDOWS\System32\DRIVERS\vcdvnic.sys [MANUAL] vcddev Service C:\WINDOWS\System32\drivers\vga.sys [sYSTEM] VgaSave Service C:\WINDOWS\System32\DRIVERS\viaagp.sys [bOOT] viaagp Service C:\WINDOWS\System32\DRIVERS\viaide.sys [bOOT] ViaIde Service C:\WINDOWS\System32\Drivers\VIAPFD.SYS [sYSTEM] VIAPFD Service C:\WINDOWS\system32\drivers\ac97via.sys [MANUAL] VIAudio Service [bOOT] VolSnap Service C:\WINDOWS\System32\vssvc.exe [MANUAL] VSS Service VxD Service C:\WINDOWS\System32\svchost.exe [AUTO] W32Time Service W3SVC Service C:\WINDOWS\System32\DRIVERS\wanarp.sys [MANUAL] Wanarp Service [MANUAL] WDICA Service C:\WINDOWS\system32\drivers\wdmaud.sys [MANUAL] wdmaud Service C:\WINDOWS\System32\svchost.exe [AUTO] WebClient Service C:\WINDOWS\system32\svchost.exe [AUTO] winmgmt Service [MANUAL] Winsock Service WinSock2 Service WinTrust Service C:\WINDOWS\System32\svchost.exe [MANUAL] WmdmPmSN Service C:\WINDOWS\System32\svchost.exe [MANUAL] Wmi Service WmiApRpl Service C:\WINDOWS\System32\wbem\wmiapsrv.exe [MANUAL] WmiApSrv Service C:\WINDOWS\System32\svchost.exe [AUTO] wscsvc Service C:\WINDOWS\system32\svchost.exe [AUTO] wuauserv Service C:\WINDOWS\System32\svchost.exe [AUTO] WZCSVC Service C:\WINDOWS\System32\svchost.exe [MANUAL] xmlprov ---- EOF - GMER 1.0.13 ----