Wolno działający internet

PerAspera · 28 Czerwiec 2007 18:50

Problem : od kilku dni internet zaczal dzialac bardzo wolno, zarowno przy sciaganiu danych jak i otwieraniu stron. I nie jest to typowe mulenie tylko “skoki” predkosci. Kozystam z Neostrady, dzwonilem do nich zeby sprawdzic czy to moze cos z laczem ale u nich jest wszystko OK. Niezauwazylem zadnych nowych dzialajacych procesow. Zalaczam logi z wszystkich diagnostykow ktore posiadam i prosze o szybka pomoc.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 20:28:21, on 2007-06-28

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

d:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\WINDOWS\System32\ctfmon.exe

D:\Program Files\mozilla.org\SeaMonkey\SeaMonkey.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

d:\Program Files\Alwil Software\Avast4\ashWebSv.exe

d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe

C:\PROGRA~1\NEOSTR~1\ComComp.exe

C:\PROGRA~1\NEOSTR~1\Watch.exe

C:\WINDOWS\System32\WScript.exe

C:\WINDOWS\System32\WScript.exe

C:\Documents and Settings\Admin\Pulpit\HiJackThis\HiJackThis_v2.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe

O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

O4 - HKLM\..\Run: [ashMaiSv] d:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe

O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [SeaMonkey Quick Launch] "d:\Program Files\mozilla.org\SeaMonkey\SeaMonkey.exe" -turbo

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{55D8B9E6-BEF1-4492-8E50-C2ECB62AB1AB}: NameServer = 194.204.159.1 217.98.63.164

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


--

End of file - 5247 bytes

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP

Output limited to non-default values, except where indicated by "{++}"



Startup items buried in registry:

---------------------------------


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]

"SeaMonkey Quick Launch" = ""d:\Program Files\mozilla.org\SeaMonkey\SeaMonkey.exe" -turbo" ["mozilla.org"]


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]

"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]

"Smapp" = "C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" ["Analog Devices, Inc."]

"WooCnxMon" = "C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [empty string]

"SpeedTouch USB Diagnostics" = ""C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon" ["THOMSON Telecom Belgium"]

"WOOWATCH" = "C:\PROGRA~1\NEOSTR~1\Watch.exe" ["France Télécom R&D"]

"WOOTASKBARICON" = "C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" ["France Télécom R&D"]

"ashMaiSv" = "d:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe" ["ALWIL Software"]

"avast!" = "d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" ["ALWIL Software"]

"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."]


HKLM\Software\Microsoft\Active Setup\Installed Components\

{306D6C21-C1B6-4629-986C-E59E1875B8AF}\(Default) = (no title provided)

                                       \StubPath = ""C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser" [MS]


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "d:\Program Files\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "SSVHelper Class"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Google Toolbar Helper"

                   \InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

                   \InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"

  -> {HKLM...CLSID} = "DesktopContext Class"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]

"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"

  -> {HKLM...CLSID} = "NVIDIA CPL Extension"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

  -> {HKLM...CLSID} = "Desktop Explorer"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

  -> {HKLM...CLSID} = "nView Desktop Context Menu"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "d:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

"{792F0537-F929-4eb7-AC1D-FB6334C71550}" = "LG Phone"

  -> {HKLM...CLSID} = "LG Phone"

                   \InProcServer32\(Default) = "d:\PROGRA~1\LGPCSU~1\LGPHON~1\Phone.dll" [file not found]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]


HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "d:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "d:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]



Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------


Note: detected settings may not have any effect.


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}


"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}



Active Desktop and Wallpaper:

-----------------------------


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\WINDOWS\web\wallpaper\Idylla.bmp"


Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\WINDOWS\web\wallpaper\Idylla.bmp"



Enabled Screen Saver:

---------------------


HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]



Winsock2 Service Provider DLLs:

-------------------------------


Namespace Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]


Transport Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05



Toolbars, Explorer Bars, Extensions:

------------------------------------


Toolbars


HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

  -> {HKLM...CLSID} = "&Google"

                   \InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]


HKLM\Software\Microsoft\Internet Explorer\Toolbar\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)

  -> {HKLM...CLSID} = "&Google"

                   \InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]


Explorer Bars


HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\


HKLM\Software\Classes\CLSID\{01002DB2-8170-4D9B-A8B1-DDC9DD114E03}\(Default) = "Volet Wanadoo"

Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]

InProcServer32\(Default) = "C:\PROGRA~1\NEOSTR~1\audience\audience.dll" [empty string]


HKLM\Software\Classes\CLSID\{3BAF4A27-C764-4E1A-A6F4-62F7A7E5E51C}\(Default) = "ToolBand Class"

Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]

InProcServer32\(Default) = "C:\PROGRA~1\NEOSTR~1\audience\audience.dll" [empty string]


HKLM\Software\Classes\CLSID\{5BF498C0-931E-4A4F-B33F-456D07137EAA}\(Default) = "Volet Wanadoo"

Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]

InProcServer32\(Default) = "C:\PROGRA~1\NEOSTR~1\audience\audience.dll" [empty string]


Extensions (Tools menu items, main toolbar menu buttons)


HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"

  -> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]

  -> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]



Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------


avast! Antivirus, avast! Antivirus, ""d:\Program Files\Alwil Software\Avast4\ashServ.exe"" ["ALWIL Software"]

avast! iAVS4 Control Service, aswUpdSv, ""d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" ["ALWIL Software"]

avast! Mail Scanner, avast! Mail Scanner, ""d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]

avast! Web Scanner, avast! Web Scanner, ""d:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]

NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"]

SoundMAX Agent Service, SoundMAX Agent Service (default), "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe" ["Analog Devices, Inc."]



----------

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

  launch it from a command prompt or a shortcut with the -all parameter.

+ The search for DESKTOP.INI DLL launch points on all local fixed drives

  took 173 seconds.

---------- (total run time: 1147 seconds)

GMER 1.0.13.12540 - http://www.gmer.net

Rootkit scan 2007-06-28 20:48:42

Windows 5.1.2600 Dodatek Service Pack. 1



---- Kernel code sections - GMER 1.0.13 ----


.text ntoskrnl.exe!KeInitializeInterrupt + B67 804DA23C 1 Byte [06]

? C:\WINDOWS\System32\Drivers\PROCEXP100.SYS Nie można odnaleźć określonego pliku.


---- Devices - GMER 1.0.13 ----


AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [B9AD2F74] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [B9AD2F74] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [B9AD1812] aswMon2.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F87862C0] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F87862C0] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F87862C0] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F87862C0] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F87862C0] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F87868E6] aswTdi.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [B9AD2F74] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [B9AD2F74] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [B9AD1812] aswMon2.SYS

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [B9AD1812] aswMon2.SYS


---- Files - GMER 1.0.13 ----


ADS C:\Documents and Settings\Admin\Menu Start\Programy\Akcesoria\Kreator zgodno:KAVICHS                     

ADS C:\Documents and Settings\Admin\Menu Start\Programy\Akcesoria\Ksi:KAVICHS                                

ADS C:\Documents and Settings\Admin\Menu Start\Programy\Akcesoria\U:KAVICHS                                  

ADS C:\Documents and Settings\Admin\Menu Start\Programy\Akcesoria\U:KAVICHS                                  

ADS C:\Documents and Settings\Admin\Menu Start\Programy\Akcesoria\U:KAVICHS                                  

ADS C:\Documents and Settings\Admin\Menu Start\Programy\Akcesoria\U:KAVICHS                                  

ADS C:\Documents and Settings\Admin\Ulubione\:KAVICHS                                                        

ADS C:\Documents and Settings\Admin\Ulubione\:KAVICHS                                                        

ADS C:\Documents and Settings\Admin\Ulubione\:KAVICHS                                                        

ADS C:\Documents and Settings\Admin\Ulubione\:KAVICHS                                                        

ADS C:\Documents and Settings\All Users\Menu Start\Okre:KAVICHS                                              

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Komunikacja\Kreator nowego po:KAVICHS  

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Komunikacja\Pod:KAVICHS                

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Komunikacja\Po:KAVICHS                 

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Narz:KAVICHS                           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Rozrywka\Regulacja g:KAVICHS           

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\Rozrywka\Rejestrator d:KAVICHS         

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\U:KAVICHS                              

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria\U:KAVICHS                              

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Gry\Pasjans - Paj:KAVICHS                        

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Narz:KAVICHS                                     

ADS C:\Documents and Settings\All Users\Menu Start\Programy\Narz:KAVICHS                                     

ADS C:\WINDOWS\Media\Windows XP - B:KAVICHS                                                                 

ADS C:\WINDOWS\Media\Windows XP - B:KAVICHS                                                                  

ADS C:\WINDOWS\Media\Windows XP - Dodanie sprz:KAVICHS                                                       

ADS C:\WINDOWS\Media\Windows XP - Usuni:KAVICHS                                                              

ADS C:\WINDOWS\Media\Windows XP - Zamkni:KAVICHS                                                             


---- EOF - GMER 1.0.13 ----

PerAspera · 28 Czerwiec 2007 19:22

"Admin" - 2007-06-28 21:19:50 - ComboFix 07-06-27.7 - Dodatek Service Pack. 1 NTFS

qrczak13 · 28 Czerwiec 2007 21:11

Usuń w HJT.

Ściągasz Pocket Killbox,

zaznaczasz Delete on reboot , w polu Full Path of File to Delete wklej ścieżkę:

C:\WINDOWS\system32\msssc.dll

i naciskasz X czerwony. Program poprosi o restart kompa, co robisz.

Nowy log z combofix.

PerAspera · 29 Czerwiec 2007 09:40

"Admin" - 2007-06-29 11:37:15 - ComboFix 07-06-27.7 - Dodatek Service Pack. 1 NTFS

adam9870 · 29 Czerwiec 2007 10:12

Już jest ok.

Drobna kosmetyka:

Panel sterowania => Java Plug-in => Update => odznacz opcję Check for updates automatically.

Jeśli nie korzystasz z zaawansowanych usług tekstowych to je wyłącz: Panel sterowania => Opcje regionalne => Języki => Szczegóły => Zaawansowane => zaznacz wyłącz zaawansowane usługi tekstowe.

Start => uruchom => msconfig => zakładka Uruchamianie => możesz odznaczyć w/w wpis jeśli nie jest Ci potrzebny.

Dodatkowo proponuję usunąć aplikację dostępową neostrady, a połączenie skonfigurować ręcznie: http://forum.dobreprogramy.pl/viewtopic.php?t=91864