Slowdown at startup + Symantec pop-up window

I have a problem with starting up the system; it suddenly slowed down a lot.

The second thing is: when I right-click on any

icon, a window pops up:

Symantec AntiVirus, and in it -

wait Windows configures Symantec Antivirus

then another window -

the feature you trying to use is on a network resource that is unavailable.

then each time I have to click Cancel, after which error 1706 pops up,

Windows Installer cannot continue.

I click OK

and only now does the option I wanted to use at the very beginning appear.

where did this come from???

can you do something about it?

Please follow the recommendations given in THIS topic. Otherwise the topic will be deleted.

Remove the HJT entries

Post a ComboFix log

how to put it … I can't find the HJT entries

or maybe I'm just rather clueless

Select the indicated entries in HijackThis and click Fix checked. The entries will be removed.

I understand that I should remove all the entries you included in the quote?

Post merged: 25.11.2007 (Sun) 17:42

Post merged: 25.11.2007 (Sun) 18:14

now the internet starts up at a truly snail's pace…

what next?

Post merged: 25.11.2007 (Sun) 18:18

please help me somehow…

First, the automated tool:

Download the SDFix program

I followed the advice and nothing, still the same…

slow startup

internet is a nightmare

and after a right-click the Symantec window always pops up…

I'll have to take it in for repair,

but thanks for the willingness to help and for the advice!!!

Where is the SDFix log?

Download Gmer

  1. Rootkit => Scan => without ticking Show all => paste into the post with Ctrl + V

  2. Rootkit => only Show all + Services ticked => Scan => Copy => paste into the post with Ctrl + V

Since it was there, here it is:

GMER 1.0.13.12551 - http://www.gmer.net

Rootkit scan 2007-11-26 19:35:32

Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.13 ----

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateKey

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateValueKey

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwQueryDirectoryFile

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwQuerySystemInformation

---- Processes - GMER 1.0.13 ----

Process C:\WINDOWS\system32\drivers\hidr.exe (*** hidden *** ) 1476

---- EOF - GMER 1.0.13 ----

Post merged: 26.11.2007 (Mon) 19:39

I don't know if this is how I was supposed to enter it???

Open Gmer >>> go to the new tab called CMD and paste this set of commands into the CMD window:

Go to Processes and use the Kill All option. Return to the CMD window and press Run

after that:

  1. Rootkit => Scan => without ticking Show all => paste into the post with Ctrl + V

  2. Rootkit => only Show all + Services ticked => Scan => Copy => paste into the post with Ctrl + V

GMER 1.0.13.12551 - http://www.gmer.net

Rootkit scan 2007-11-26 20:28:18

Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.13 ----

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateKey

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateValueKey

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwQueryDirectoryFile

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwQuerySystemInformation

---- Processes - GMER 1.0.13 ----

Process C:\WINDOWS\system32\drivers\hidr.exe (*** hidden *** ) 1096

---- EOF - GMER 1.0.13 ----

Post merged: 26.11.2007 (Mon) 20:30

it seems something didn't work?

Post merged: 26.11.2007 (Mon) 22:51

I guess nothing is happening…

I don't have a lucky hand for repairs…

if you come up with any new idea, I'll be grateful…

thanks for now!

Open Gmer >>> go to the new tab called CMD and paste this set of commands into the CMD window:

Go to Processes and use the Kill All option. Return to the CMD window and press Run

Do it exactly

I did exactly as you say

killing everything stops all processes and only the wallpaper remains on the monitor…

nothing else happens.

so I restarted…

what next???

New log from Gmer

before I post the log, I'd still like to ask about the internet…

does the problem I have cause the stuttering,

i.e. once the internet starts up it's OK, but e.g. when I click on some link it again looks for that page for a few minutes…

typing the address into the bar I have no problem, but any additional file to open from a given page, or a link to another page, causes a slowdown…

Post merged: 27.11.2007 (Tue) 0:45

Post merged: 27.11.2007 (Tue) 15:21

should I give up already???

I've been fighting for two days with no effect…

Post merged: 27.11.2007 (Tue) 15:27

maybe I'll at least manage to speed up the system…

I read something earlier about changing virtual memory, I think??? to 0.

can such a change give me a bit of a boost?

are there any downsides to this change???

Post merged: 27.11.2007 (Tue) 17:28

what can I do about the Symantec pop-up window???

every right-click brings up a window with the text:

"Please wait while Windows configures Symantec Antivirus"

then the next one:

"The feature you are trying to use is on a network resource that is unavailable.

Click OK to try again, or enter an alternate path to a folder containing the installation package 'Symantec Antivirus.msi' in the box below.

Use source:"

I can't find this msi file on the disk.

clicking OK the story repeats of course, so I click Cancel.

Next window:

Error 1706

the given product cannot be found…

I click OK

and only now does the right-click option pop up

(although sometimes it starts over, even two or three times the same story from the first Symantec installation window)

how do I get rid of this???

  1. Rootkit => only Show all + Services ticked => Scan => Copy => paste into the post with Ctrl + V

See the removal instructions: - http://www.megalab.it/articoli.php?id=948&pagina=3

Post a new log from Combo

GMER 1.0.13.12551 - http://www.gmer.net

Rootkit scan 2007-11-28 00:44:56

Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.13 ----

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateKey

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateValueKey

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwQueryDirectoryFile

SSDT ??\C:\WINDOWS\system32\drivers\srosa.sys ZwQuerySystemInformation


AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [AAF3E190] SYMEVENT.SYS

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [AAF3E190] SYMEVENT.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [AAD1F7CF] SYMTDI.SYS

AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [AAD1F7CF] SYMTDI.SYS

---- Processes - GMER 1.0.13 ----

Process C:\WINDOWS\system32\drivers\hidr.exe (*** hidden *** ) 932

---- EOF - GMER 1.0.13 ----

Download The Avenger. Unpack => run => select the option Input script manually => click the magnifying-glass icon => in the window that opens, paste:

click the Done button => now click the green light => a message should appear; click OK (now a restart).

Post the log from ComboFix

Logfile of The Avenger version 1, by Swandog46

Running from registry key:

\Registry\Machine\System\CurrentControlSet\Services\ujdofdup

*******************

Script file located at: ??\C:\WINDOWS\system32\ogwehwnh.txt

Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\drivers\hidr.exe deleted successfully.

File C:\WINDOWS\system32\drivers\srosa.sys deleted successfully.

File C:\WINDOWS\system32\hldrrr.exe not found!

Deletion of file C:\WINDOWS\system32\hldrrr.exe failed!

Could not process line:

C:\WINDOWS\system32\hldrrr.exe

Status: 0xc0000034

File C:\WINDOWS\system32\trusted.exe not found!

Deletion of file C:\WINDOWS\system32\trusted.exe failed!

Could not process line:

C:\WINDOWS\system32\trusted.exe

Status: 0xc0000034

Folder C:\WINDOWS\exefnd not found!

Deletion of folder C:\WINDOWS\exefnd failed!

Could not process line:

C:\WINDOWS\exefnd

Status: 0xc0000034

Folder C:\WINDOWS\exefld deleted successfully.

Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa not found!

Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa failed!

Could not process line:

HKLM\SYSTEM\CurrentControlSet\Services\srosa

Status: 0xc0000034

Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA deleted successfully.

Completed script processing.

*******************

Finished! Terminate.