Condividi:        

pc lentissimo-non abbastanza memoria e aumento del paging

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

pc lentissimo-non abbastanza memoria e aumento del paging

Postdi frontrunner » 30/08/06 12:57

salve, mi spiace disturbarvi ma da solo non saprei proprio che fare!
se foste così gentili da dare una occhiata e dirmi se ci sono rimedi ve ne sarei molto grato
THX

Logfile of HijackThis v1.99.1
Scan saved at 22.08.11, on 29/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Canon\CAL\CALMAIN.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
D:\Programmi\PDVDServ.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\HELPEX~1\SMARTB~1\MotiveSB.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\HELPExpress\bin\mpbtn.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\utente\IMPOST~1\Temp\Directory temporanea 3 per hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {81DB85CF-F03B-E94D-69A7-92A8D677A673} - C:\WINDOWS\xcmna1.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [RemoteControl] D:\Programmi\PDVDServ.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Aticcc] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [CcApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HELPEX~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HELPExpress.lnk = C:\Programmi\HELPExpress\bin\matcli.exe
O4 - Global Startup: hp digital imaging monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {EC52F7A4-27A7-4319-9BA1-E7FE5C90D3AC} - http://td8eau9td.com/13e5950a/50310/1/xp/FreeAccess.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{5534FC7B-CF47-41E9-88E9-5931C69F0D5D}: NameServer = 62.211.69.150 212.48.4.15
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Sponsor
 

Postdi BilloKenobi » 30/08/06 13:29

sei incappato nel LinkOptimizier. fortunatamente una variante non recentissima, e quindi eliminabile senza troppi problemi, ma con un pò di difficoltà

per prima cosa scarica questi quattro programmi

Ccleaner --- http://download.ccleaner.com/ccsetup132.exe
The Avenger --- http://swandog46.geekstogo.com/avenger.zip
Myuninstaller --- http://www.puntocr.it/index/downloads_r ... d/214.html
GMER --- http://www.gmer.net/files.php

poi estrai Gmer, e fai uno scan delle sezioni "rootkit" e " autostart". poi per piacere posti i log di entrambe le sezioni (c'è un pulsante "copia")

dopodichè arriverà il bello :D
Begun the Clone War has

Sì sì, mi hanno fatto redattore --- SuspectFile
BilloKenobi
Utente Senior
 
Post: 348
Iscritto il: 08/07/06 11:05

Postdi frontrunner » 30/08/06 16:55

è una odissea!!!
quando tento d postarlo mi dice error in posting-debug mode
provo a spezzarlo................

alla fine dello scanning con rootkit mi da un messaggio(attenzione modifica di sistema a causa attività rootkit)

c ritento !

GMER 1.0.10.10122 - http://www.gmer.net
Rootkit 2006-08-30 17:36:36
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.10 ----

SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwOpenProcess <-- ROOTKIT !!!
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess <-- ROOTKIT !!!

INT 0x00 \WINDOWS\system32\ntoskrnl.exe 804DF350
INT 0x01 \WINDOWS\system32\ntoskrnl.exe 804DF4CB
INT 0x03 \WINDOWS\system32\ntoskrnl.exe 804DF89D
INT 0x04 \WINDOWS\system32\ntoskrnl.exe 804DFA20
INT 0x05 \WINDOWS\system32\ntoskrnl.exe 804DFB81
INT 0x06 \WINDOWS\system32\ntoskrnl.exe 804DFD02
INT 0x07 \WINDOWS\system32\ntoskrnl.exe 804E036A
INT 0x09 \WINDOWS\system32\ntoskrnl.exe 804E078F
INT 0x0A \WINDOWS\system32\ntoskrnl.exe 804E08AC
INT 0x0B \WINDOWS\system32\ntoskrnl.exe 804E09E9
INT 0x0C \WINDOWS\system32\ntoskrnl.exe 804E0C42
INT 0x0D \WINDOWS\system32\ntoskrnl.exe 804E0F38
INT 0x0E \WINDOWS\system32\ntoskrnl.exe 804E164F
INT 0x0F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x10 \WINDOWS\system32\ntoskrnl.exe 804E1A99
INT 0x11 \WINDOWS\system32\ntoskrnl.exe 804E1BCE
INT 0x12 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x13 \WINDOWS\system32\ntoskrnl.exe 804E1D34
INT 0x14 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x15 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x16 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x17 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x18 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x19 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1A \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1B \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1C \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1D \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1E \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1F \WINDOWS\system32\hal.dll 806EDFD0
INT 0x2A \WINDOWS\system32\ntoskrnl.exe 804DEB92
INT 0x2B \WINDOWS\system32\ntoskrnl.exe 804DEC95
INT 0x2C \WINDOWS\system32\ntoskrnl.exe 804DEE34
INT 0x2D \WINDOWS\system32\ntoskrnl.exe 804DF77C
INT 0x2E \WINDOWS\system32\ntoskrnl.exe 804DE631
INT 0x2F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x30 \WINDOWS\system32\ntoskrnl.exe 804DDCF0
INT 0x31 \WINDOWS\system32\ntoskrnl.exe 804DDCFA
INT 0x32 \WINDOWS\system32\ntoskrnl.exe 804DDD04
INT 0x33 \WINDOWS\system32\ntoskrnl.exe 804DDD0E
INT 0x34 \WINDOWS\system32\ntoskrnl.exe 804DDD18
INT 0x35 \WINDOWS\system32\ntoskrnl.exe 804DDD22
INT 0x36 \WINDOWS\system32\ntoskrnl.exe 804DDD2C
INT 0x37 \WINDOWS\system32\hal.dll 806ED728
INT 0x38 \WINDOWS\system32\ntoskrnl.exe 804DDD40
INT 0x39 \WINDOWS\system32\ntoskrnl.exe 804DDD4A
INT 0x3A \WINDOWS\system32\ntoskrnl.exe 804DDD54
INT 0x3B \WINDOWS\system32\ntoskrnl.exe 804DDD5E
INT 0x3C \WINDOWS\system32\ntoskrnl.exe 804DDD68
INT 0x3D \WINDOWS\system32\hal.dll 806EEB70
INT 0x3E \WINDOWS\system32\ntoskrnl.exe 804DDD7C
INT 0x3F \WINDOWS\system32\ntoskrnl.exe 804DDD86
INT 0x40 \WINDOWS\system32\ntoskrnl.exe 804DDD90
INT 0x41 \WINDOWS\system32\hal.dll 806EE9CC
INT 0x42 \WINDOWS\system32\ntoskrnl.exe 804DDDA4
INT 0x43 \WINDOWS\system32\ntoskrnl.exe 804DDDAE
INT 0x44 \WINDOWS\system32\ntoskrnl.exe 804DDDB8
INT 0x45 \WINDOWS\system32\ntoskrnl.exe 804DDDC2
INT 0x46 \WINDOWS\system32\ntoskrnl.exe 804DDDCC
INT 0x47 \WINDOWS\system32\ntoskrnl.exe 804DDDD6
INT 0x48 \WINDOWS\system32\ntoskrnl.exe 804DDDE0
INT 0x49 \WINDOWS\system32\ntoskrnl.exe 804DDDEA
INT 0x4A \WINDOWS\system32\ntoskrnl.exe 804DDDF4
INT 0x4B \WINDOWS\system32\ntoskrnl.exe 804DDDFE
INT 0x4C \WINDOWS\system32\ntoskrnl.exe 804DDE08
INT 0x4D \WINDOWS\system32\ntoskrnl.exe 804DDE12
INT 0x4E \WINDOWS\system32\ntoskrnl.exe 804DDE1C
INT 0x4F \WINDOWS\system32\ntoskrnl.exe 804DDE26
INT 0x50 \WINDOWS\system32\hal.dll 806ED800
INT 0x51 \WINDOWS\system32\ntoskrnl.exe 804DDE3A
INT 0x52 \WINDOWS\system32\ntoskrnl.exe 804DDE44
INT 0x53 \WINDOWS\system32\ntoskrnl.exe 804DDE4E
INT 0x54 \WINDOWS\system32\ntoskrnl.exe 804DDE58
INT 0x55 \WINDOWS\system32\ntoskrnl.exe 804DDE62
INT 0x56 \WINDOWS\system32\ntoskrnl.exe 804DDE6C
INT 0x57 \WINDOWS\system32\ntoskrnl.exe 804DDE76
INT 0x58 \WINDOWS\system32\ntoskrnl.exe 804DDE80
INT 0x59 \WINDOWS\system32\ntoskrnl.exe 804DDE8A
INT 0x5A \WINDOWS\system32\ntoskrnl.exe 804DDE94
INT 0x5B \WINDOWS\system32\ntoskrnl.exe 804DDE9E
INT 0x5C \WINDOWS\system32\ntoskrnl.exe 804DDEA8
INT 0x5D \WINDOWS\system32\ntoskrnl.exe 804DDEB2
INT 0x5E \WINDOWS\system32\ntoskrnl.exe 804DDEBC
INT 0x5F \WINDOWS\system32\ntoskrnl.exe 804DDEC6
INT 0x60 \WINDOWS\system32\ntoskrnl.exe 804DDED0
INT 0x61 \WINDOWS\system32\ntoskrnl.exe 804DDEDA
INT 0x64 \WINDOWS\system32\ntoskrnl.exe 804DDEF8
INT 0x65 \WINDOWS\system32\ntoskrnl.exe 804DDF02
INT 0x66 \WINDOWS\system32\ntoskrnl.exe 804DDF0C
INT 0x67 \WINDOWS\system32\ntoskrnl.exe 804DDF16
INT 0x68 \WINDOWS\system32\ntoskrnl.exe 804DDF20
INT 0x69 \WINDOWS\system32\ntoskrnl.exe 804DDF2A
INT 0x6A \WINDOWS\system32\ntoskrnl.exe 804DDF34
INT 0x6B \WINDOWS\system32\ntoskrnl.exe 804DDF3E
INT 0x6C \WINDOWS\system32\ntoskrnl.exe 804DDF48
INT 0x6D \WINDOWS\system32\ntoskrnl.exe 804DDF52
INT 0x6E \WINDOWS\system32\ntoskrnl.exe 804DDF5C
INT 0x6F \WINDOWS\system32\ntoskrnl.exe 804DDF66
INT 0x70 \WINDOWS\system32\ntoskrnl.exe 804DDF70
INT 0x71 \WINDOWS\system32\ntoskrnl.exe 804DDF7A
INT 0x72 \WINDOWS\system32\ntoskrnl.exe 804DDF84
INT 0x74 \WINDOWS\system32\ntoskrnl.exe 804DDF98
INT 0x75 \WINDOWS\system32\ntoskrnl.exe 804DDFA2
INT 0x76 \WINDOWS\system32\ntoskrnl.exe 804DDFAC
INT 0x77 \WINDOWS\system32\ntoskrnl.exe 804DDFB6
INT 0x78 \WINDOWS\system32\ntoskrnl.exe 804DDFC0
INT 0x79 \WINDOWS\system32\ntoskrnl.exe 804DDFCA
INT 0x7A \WINDOWS\system32\ntoskrnl.exe 804DDFD4
INT 0x7B \WINDOWS\system32\ntoskrnl.exe 804DDFDE
INT 0x7C \WINDOWS\system32\ntoskrnl.exe 804DDFE8
INT 0x7D \WINDOWS\system32\ntoskrnl.exe 804DDFF2
INT 0x7E \WINDOWS\system32\ntoskrnl.exe 804DDFFC
INT 0x7F \WINDOWS\system32\ntoskrnl.exe 804DE006
INT 0x80 \WINDOWS\system32\ntoskrnl.exe 804DE010
INT 0x81 \WINDOWS\system32\ntoskrnl.exe 804DE01A
INT 0x85 \WINDOWS\system32\ntoskrnl.exe 804DE042
INT 0x86 \WINDOWS\system32\ntoskrnl.exe 804DE04C
INT 0x87 \WINDOWS\system32\ntoskrnl.exe 804DE056
INT 0x88 \WINDOWS\system32\ntoskrnl.exe 804DE060
INT 0x89 \WINDOWS\system32\ntoskrnl.exe 804DE06A
INT 0x8A \WINDOWS\system32\ntoskrnl.exe 804DE074
INT 0x8B \WINDOWS\system32\ntoskrnl.exe 804DE07E
INT 0x8C \WINDOWS\system32\ntoskrnl.exe 804DE088
INT 0x8D \WINDOWS\system32\ntoskrnl.exe 804DE092
INT 0x8E \WINDOWS\system32\ntoskrnl.exe 804DE09C
INT 0x8F \WINDOWS\system32\ntoskrnl.exe 804DE0A6
INT 0x90 \WINDOWS\system32\ntoskrnl.exe 804DE0B0
INT 0x91 \WINDOWS\system32\ntoskrnl.exe 804DE0BA
INT 0x95 \WINDOWS\system32\ntoskrnl.exe 804DE0E2
INT 0x96 \WINDOWS\system32\ntoskrnl.exe 804DE0EC
INT 0x97 \WINDOWS\system32\ntoskrnl.exe 804DE0F6
INT 0x98 \WINDOWS\system32\ntoskrnl.exe 804DE100
INT 0x99 \WINDOWS\system32\ntoskrnl.exe 804DE10A
INT 0x9A \WINDOWS\system32\ntoskrnl.exe 804DE114
INT 0x9B \WINDOWS\system32\ntoskrnl.exe 804DE11E
INT 0x9C \WINDOWS\system32\ntoskrnl.exe 804DE128
INT 0x9D \WINDOWS\system32\ntoskrnl.exe 804DE132
INT 0x9E \WINDOWS\system32\ntoskrnl.exe 804DE13C
INT 0x9F \WINDOWS\system32\ntoskrnl.exe 804DE146
INT 0xA0 \WINDOWS\system32\ntoskrnl.exe 804DE150
INT 0xA1 \WINDOWS\system32\ntoskrnl.exe 804DE15A
INT 0xA2 \WINDOWS\system32\ntoskrnl.exe 804DE164
INT 0xA5 \WINDOWS\system32\ntoskrnl.exe 804DE182
INT 0xA6 \WINDOWS\system32\ntoskrnl.exe 804DE18C
INT 0xA7 \WINDOWS\system32\ntoskrnl.exe 804DE196
INT 0xA8 \WINDOWS\system32\ntoskrnl.exe 804DE1A0
INT 0xA9 \WINDOWS\system32\ntoskrnl.exe 804DE1AA
INT 0xAA \WINDOWS\system32\ntoskrnl.exe 804DE1B4
INT 0xAB \WINDOWS\system32\ntoskrnl.exe 804DE1BE
INT 0xAC \WINDOWS\system32\ntoskrnl.exe 804DE1C8
INT 0xAD \WINDOWS\system32\ntoskrnl.exe 804DE1D2
INT 0xAE \WINDOWS\system32\ntoskrnl.exe 804DE1DC
INT 0xAF \WINDOWS\system32\ntoskrnl.exe 804DE1E6
INT 0xB0 \WINDOWS\system32\ntoskrnl.exe 804DE1F0
INT 0xB3 \WINDOWS\system32\ntoskrnl.exe 804DE20E
INT 0xB5 \WINDOWS\system32\ntoskrnl.exe 804DE222
INT 0xB6 \WINDOWS\system32\ntoskrnl.exe 804DE22C
INT 0xB7 \WINDOWS\system32\ntoskrnl.exe 804DE236
INT 0xB8 \WINDOWS\system32\ntoskrnl.exe 804DE240
INT 0xB9 \WINDOWS\system32\ntoskrnl.exe 804DE24A
INT 0xBA \WINDOWS\system32\ntoskrnl.exe 804DE254
INT 0xBB \WINDOWS\system32\ntoskrnl.exe 804DE25E
INT 0xBC \WINDOWS\system32\ntoskrnl.exe 804DE268
INT 0xBD \WINDOWS\system32\ntoskrnl.exe 804DE272
INT 0xBE \WINDOWS\system32\ntoskrnl.exe 804DE27C
INT 0xBF \WINDOWS\system32\ntoskrnl.exe 804DE286
INT 0xC0 \WINDOWS\system32\ntoskrnl.exe 804DE290
INT 0xC1 \WINDOWS\system32\hal.dll 806ED984
INT 0xC2 \WINDOWS\system32\ntoskrnl.exe 804DE2A4
INT 0xC3 \WINDOWS\system32\ntoskrnl.exe 804DE2AE
INT 0xC4 \WINDOWS\system32\ntoskrnl.exe 804DE2B8
INT 0xC5 \WINDOWS\system32\ntoskrnl.exe 804DE2C2
INT 0xC6 \WINDOWS\system32\ntoskrnl.exe 804DE2CC
INT 0xC7 \WINDOWS\system32\ntoskrnl.exe 804DE2D6
INT 0xC8 \WINDOWS\system32\ntoskrnl.exe 804DE2E0
INT 0xC9 \WINDOWS\system32\ntoskrnl.exe 804DE2EA
INT 0xCA \WINDOWS\system32\ntoskrnl.exe 804DE2F4
INT 0xCB \WINDOWS\system32\ntoskrnl.exe 804DE2FE
INT 0xCC \WINDOWS\system32\ntoskrnl.exe 804DE308
INT 0xCD \WINDOWS\system32\ntoskrnl.exe 804DE312
INT 0xCE \WINDOWS\system32\ntoskrnl.exe 804DE31C
INT 0xCF \WINDOWS\system32\ntoskrnl.exe 804DE326
INT 0xD0 \WINDOWS\system32\ntoskrnl.exe 804DE330
INT 0xD1 \WINDOWS\system32\hal.dll 806ECD34
INT 0xD2 \WINDOWS\system32\ntoskrnl.exe 804DE344
INT 0xD3 \WINDOWS\system32\ntoskrnl.exe 804DE34E
INT 0xD4 \WINDOWS\system32\ntoskrnl.exe 804DE358
INT 0xD5 \WINDOWS\system32\ntoskrnl.exe 804DE362
INT 0xD6 \WINDOWS\system32\ntoskrnl.exe 804DE36C
INT 0xD7 \WINDOWS\system32\ntoskrnl.exe 804DE376
INT 0xD8 \WINDOWS\system32\ntoskrnl.exe 804DE380
INT 0xD9 \WINDOWS\system32\ntoskrnl.exe 804DE38A
INT 0xDA \WINDOWS\system32\ntoskrnl.exe 804DE394
INT 0xDB \WINDOWS\system32\ntoskrnl.exe 804DE39E
INT 0xDC \WINDOWS\system32\ntoskrnl.exe 804DE3A8
INT 0xDD \WINDOWS\system32\ntoskrnl.exe 804DE3B2
INT 0xDE \WINDOWS\system32\ntoskrnl.exe 804DE3BC
INT 0xDF \WINDOWS\system32\ntoskrnl.exe 804DE3C6
INT 0xE0 \WINDOWS\system32\ntoskrnl.exe 804DE3D0
INT 0xE1 \WINDOWS\system32\hal.dll 806EDF0C
INT 0xE2 \WINDOWS\system32\ntoskrnl.exe 804DE3E4
INT 0xE3 \WINDOWS\system32\hal.dll 806EDC70
INT 0xE4 \WINDOWS\system32\ntoskrnl.exe 804DE3F8
INT 0xE5 \WINDOWS\system32\ntoskrnl.exe 804DE402
INT 0xE6 \WINDOWS\system32\ntoskrnl.exe 804DE40C
INT 0xE7 \WINDOWS\system32\ntoskrnl.exe 804DE416
INT 0xE8 \WINDOWS\system32\ntoskrnl.exe 804DE420
INT 0xE9 \WINDOWS\system32\ntoskrnl.exe 804DE42A
INT 0xEA \WINDOWS\system32\ntoskrnl.exe 804DE434
INT 0xEB \WINDOWS\system32\ntoskrnl.exe 804DE43E
INT 0xEC \WINDOWS\system32\ntoskrnl.exe 804DE448
INT 0xED \WINDOWS\system32\ntoskrnl.exe 804DE452
INT 0xEE \WINDOWS\system32\ntoskrnl.exe 804DE459
INT 0xEF \WINDOWS\system32\ntoskrnl.exe 804DE460
INT 0xF0 \WINDOWS\system32\ntoskrnl.exe 804DE467
INT 0xF1 \WINDOWS\system32\ntoskrnl.exe 804DE46E
INT 0xF2 \WINDOWS\system32\ntoskrnl.exe 804DE475
INT 0xF3 \WINDOWS\system32\ntoskrnl.exe 804DE47C
INT 0xF4 \WINDOWS\system32\ntoskrnl.exe 804DE483
INT 0xF5 \WINDOWS\system32\ntoskrnl.exe 804DE48A
INT 0xF6 \WINDOWS\system32\ntoskrnl.exe 804DE491
INT 0xF7 \WINDOWS\system32\ntoskrnl.exe 804DE498
INT 0xF8 \WINDOWS\system32\ntoskrnl.exe 804DE49F
INT 0xF9 \WINDOWS\system32\ntoskrnl.exe 804DE4A6
INT 0xFA \WINDOWS\system32\ntoskrnl.exe 804DE4AD
INT 0xFB \WINDOWS\system32\ntoskrnl.exe 804DE4B4
INT 0xFC \WINDOWS\system32\ntoskrnl.exe 804DE4BB
INT 0xFD \WINDOWS\system32\hal.dll 806EE464
INT 0xFE \WINDOWS\system32\hal.dll 806EE604
INT 0xFF \WINDOWS\system32\ntoskrnl.exe 804DE4D0

SYSENTER \WINDOWS\system32\ntoskrnl.exe 804DE6F0

---- Devices - GMER 1.0.10 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F83DAE37] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSEIRP_MJ_READ [F83DA320] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F83B7EE4] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F83B6BCA] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F83B8A58] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F83E0A68] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F83DD2C3] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F83E26D5] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F83C9621] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F842EB11] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F83DACEE] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP_POWER [F83F9F3F] Ntfs.sys
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE [EFC4CC8A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSEIRP_MJ_READ [EFC497C8] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE [EFC4560A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION [EFC45AED] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION [EFC50958] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA [EFC53821] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA [EFC5C38A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS [EFC5BD49] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION [EFC55BBE] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION [EFC56331] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL [EFC644F4] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL [EFC4CB37] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL [EFC48948] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_INTERNAL_DEVICE_CONTROL [EFC5246B] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL [EFC6379D] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP [EFC62C4A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_MAILSLOT [EFC492FD] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP_POWER [EFC631DB] Fastfat.SYS
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_NAMED_PIPE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLOSEIRP_MJ_READ [F8377A76] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_WRITE [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_INFORMATION [F8374159] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_INFORMATION [F837FB88] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_EA [F837FDF2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_EA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FLUSH_BUFFERS [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_VOLUME_INFORMATION [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_VOLUME_INFORMATION [F8384492] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DIRECTORY_CONTROL [F8384585] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FILE_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CONTROL [F83775D2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SHUTDOWN [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_LOCK_CONTROL [F837F33D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLEANUP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_MAILSLOT [F8377AB9] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_SECURITY [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_SECURITY [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_POWER [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CHANGE [F836E35A] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP_POWER [F836F52D] Mup.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_NAMED_PIPE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLOSEIRP_MJ_READ [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_WRITE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FLUSH_BUFFERS [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DIRECTORY_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FILE_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_INTERNAL_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SHUTDOWN [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_LOCK_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLEANUP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_MAILSLOT [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_POWER [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CHANGE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP_POWER [F8390982] NDIS.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLOSEIRP_MJ_READ [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_WRITE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_VOLUME_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_INTERNAL_DEVICE_CONTROL [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000019
Device \Device\00000025
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE [F8A6746A] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLOSEIRP_MJ_READ [F8A674B8] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A67400] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLEA
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 16:58

ecco il seguito di rootkit


Device \Driver\ACPI \Device\0000003f IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000003f IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_CREATE [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_CLOSEIRP_MJ_READ [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_WRITE [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_QUERY_INFORMATION [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_SHUTDOWN [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_CREATE_MAILSLOT [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_SYSTEM_CONTROL [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_DEVICE_CHANGE [F85E55E0] Pcouffin.sys
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Pcouffin \Device\Patin couffin device0 IRP_MJ_PNP_POWER [F85E55E0] Pcouffin.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_CREATE [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_CREATE_NAMED_PIPE [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_CLOSEIRP_MJ_READ [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_WRITE [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_QUERY_INFORMATION [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_SET_INFORMATION [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_QUERY_EA [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_SET_EA [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_FLUSH_BUFFERS [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_QUERY_VOLUME_INFORMATION [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_SET_VOLUME_INFORMATION [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_DIRECTORY_CONTROL [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_FILE_SYSTEM_CONTROL [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_DEVICE_CONTROL [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_INTERNAL_DEVICE_CONTROL [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_SHUTDOWN [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_LOCK_CONTROL [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_CLEANUP [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_CREATE_MAILSLOT [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_QUERY_SECURITY [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_SET_SECURITY [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_POWER [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_SYSTEM_CONTROL [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_DEVICE_CHANGE [F86A0296] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_QUERY_QUOTA [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_SET_QUOTA [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_PNP [F86960B0] arp1394.sys
Device \Driver\Arp1394 \Device\ARP1394 IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE [EFE28A85] netbt.sys
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSEIRP_MJ_READ [EFE28B32] netbt.sys
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL [EFE28D56] netbt.sys
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_SHUTDOWN [EFE0D9EF] netbt.sys
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE_MAILSLOT [EFE28B96] netbt.sys
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP_POWER [EFE25DD3] netbt.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_CREATE [EFE28A85] netbt.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_CLOSEIRP_MJ_READ [EFE28B32] netbt.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_INTERNAL_DEVICE_CONTROL [EFE28D56] netbt.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_SHUTDOWN [EFE0D9EF] netbt.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_CREATE_MAILSLOT [EFE28B96] netbt.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\NetBT \Device\NetBT_Tcpip_{447B0C41-5E4D-4C70-ACCB-9AD0182CB406} IRP_MJ_PNP_POWER [EFE25DD3] netbt.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004d IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\isapnp \Device\0000005a IRP_MJ_CREATE [F8537B90] isapnp.sys
Device \Driver\isapnp \Device\0000005a IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_CLOSEIRP_MJ_READ [F8537B90] isapnp.sys
Device \Driver\isapnp \Device\0000005a IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_INTERNAL_DEVICE_CONTROL [F8537B56] isapnp.sys
Device \Driver\isapnp \Device\0000005a IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_SYSTEM_CONTROL [F853740E] isapnp.sys
Device \Driver\isapnp \Device\0000005a IRP_MJ_DEVICE_CHANGE [F8537B56] isapnp.sys
Device \Driver\isapnp \Device\0000005a IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\isapnp \Device\0000005a IRP_MJ_PNP_POWER [F8537BA2] isapnp.sys
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_CREATE [F8C445D4] guard.sys
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_CLOSEIRP_MJ_READ [F8C445D4] guard.sys
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8C445F8] guard.sys
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\ewido anti-spyware 4.0 driver \Device\ewido_guard4 IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_CREATE [F8568BBC] MountMgr.sys
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_CLOSEIRP_MJ_READ [F8568BBC] MountMgr.sys
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_INTERNAL_DEVICE_CONTROL [F856DD30] MountMgr.sys
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_LOCK_CONTROL [F856573A] MountMgr.sys
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_CREATE_MAILSLOT [F85656A2] MountMgr.sys
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\MountMgr \Device\MountPointManager IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_CREATE [F855595E] 1394BUS.SYS
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_CLOSEIRP_MJ_READ [F855595E] 1394BUS.SYS
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_INTERNAL_DEVICE_CONTROL [F8548042] ohci1394.sys
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_SHUTDOWN [F8556DDE] 1394BUS.SYS
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_SYSTEM_CONTROL [F8559134] 1394BUS.SYS
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_DEVICE_CHANGE [F855D396] 1394BUS.SYS
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\0000005b IRP_MJ_PNP_POWER [F855ED5C] 1394BUS.SYS
Device \Driver\ACPI \Device\0000004e IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004e IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005c IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000004f IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_CREATE [F8372A80] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_CREATE_NAMED_PIPE [F8372A80] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_CLOSEIRP_MJ_READ [F8377A76] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_WRITE [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_QUERY_INFORMATION [F8374159] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_SET_INFORMATION [F837FB88] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_QUERY_EA [F837FDF2] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_SET_EA [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_FLUSH_BUFFERS [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_QUERY_VOLUME_INFORMATION [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_SET_VOLUME_INFORMATION [F8384492] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_DIRECTORY_CONTROL [F8384585] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_FILE_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_DEVICE_CONTROL [F83775D2] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_INTERNAL_DEVICE_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_SHUTDOWN [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_LOCK_CONTROL [F837F33D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_CLEANUP [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_CREATE_MAILSLOT [F8377AB9] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_QUERY_SECURITY [F8372A80] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_SET_SECURITY [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_POWER [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_DEVICE_CHANGE [F836E35A] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_QUERY_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_SET_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_PNP [F836F52D] Mup.sys
Device \FileSystem\Mup \Device\Mup IRP_MJ_PNP_POWER [F836F52D] Mup.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_CREATE [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_CREATE_NAMED_PIPE [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_CLOSEIRP_MJ_READ [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_WRITE [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_EA [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_EA [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_FLUSH_BUFFERS [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_VOLUME_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_VOLUME_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_DIRECTORY_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_FILE_SYSTEM_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_DEVICE_CONTR
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 16:59

ora autostart

grazie x la pazienza e x favore dammi indicazioni passo x passo non sono espertissimo

THX ;)

GMER 1.0.10.10122 - http://www.gmer.net
Autostart 2006-08-30 17:38:00
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@BootExecute = autocheck autochk * /*file not found*/

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\SYSTEM\CurrentControlSet\Control\WOW@cmdline = %SystemRoot%\system32\ntvdm.exe

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon >>>
@UserinitC:\WINDOWS\system32\userinit.exe, = C:\WINDOWS\system32\userinit.exe,
@ShellExplorer.exe = Explorer.exe
@System =
@UIHostlogonui.exe = logonui.exe

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AtiExtEvent@DLLName = Ati2evxx.dll
crypt32chain@DLLName = crypt32.dll
cryptnet@DLLName = cryptnet.dll
cscdll@DLLName = cscdll.dll
ScCertProp@DLLName = wlnotify.dll
Schedule@DLLName = wlnotify.dll
sclgntfy@DLLName = sclgntfy.dll
SensLogn@DLLName = WlNotify.dll
termsrv@DLLName = wlnotify.dll
WgaLogon@DLLName = WgaLogon.dll
wlballoon@DLLName = wlnotify.dll

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs = C:\:biost.rom

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe
ATI Smart /*ATI Smart*/@ = C:\WINDOWS\system32\ati2sgag.exe
AudioSrv /*Audio Windows*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
BITS /*Servizio trasferimento intelligente in background*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
Browser /*Browser di computer*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
CCALib8 /*Canon Camera Access Library 8*/@ = C:\Programmi\Canon\CAL\CALMAIN.exe
CryptSvc /*Servizi di crittografia*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
DcomLaunch /*Utilità di avvio processo server DCOM*/@ = %SystemRoot%\system32\svchost -k DcomLaunch
Dhcp /*Client DHCP*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
dmserver /*Gestione dischi logici*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
Dnscache /*Client DNS*/@ = %SystemRoot%\system32\svchost.exe -k NetworkService
ERSvc /*Servizio di segnalazione errori*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
Eventlog /*Registro eventi*/@ = %SystemRoot%\system32\services.exe
ewido anti-spyware 4.0 guard /*ewido anti-spyware 4.0 guard*/@ = C:\Programmi\ewido anti-spyware 4.0\guard.exe
helpsvc /*Guida in linea e supporto tecnico*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
lanmanserver /*Server*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
lanmanworkstation /*Workstation*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
LmHosts /*Helper NetBIOS di TCP/IP*/@ = %SystemRoot%\system32\svchost.exe -k LocalService
LogJsi /*LogJsi*/@ = "C:\Programmi\File comuni\System\bKipa.exe"
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
NOD32krn /*NOD32 Kernel Service*/@ = "C:\Programmi\Eset\nod32krn.exe"
PlugPlay /*Plug and Play*/@ = %SystemRoot%\system32\services.exe
Pml Driver HPZ12 /*Pml Driver HPZ12*/@ = C:\WINDOWS\system32\HPZipm12.exe
PolicyAgent /*Servizi IPSEC*/@ = %SystemRoot%\system32\lsass.exe
ProtectedStorage /*Archiviazione protetta*/@ = %SystemRoot%\system32\lsass.exe
RemoteRegistry /*Registro di sistema remoto*/@ = %SystemRoot%\system32\svchost.exe -k LocalService
RpcSs /*RPC (Remote Procedure Call)*/@ = %SystemRoot%\system32\svchost -k rpcss
SamSs /*Gestione account di protezione (SAM)*/@ = %SystemRoot%\system32\lsass.exe
Schedule /*Utilità di pianificazione*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
seclogon /*Accesso secondario*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
SENS /*Notifica eventi di sistema*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
SharedAccess /*Windows Firewall / Condivisione connessione Internet (ICS)*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
ShellHWDetection /*Rilevamento hardware shell*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
srservice /*Servizio Ripristino configurazione di sistema*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
stisvc /*Acquisizione di immagini di Windows (WIA)*/@ = %SystemRoot%\system32\svchost.exe -k imgsvc
Themes /*Temi*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
TrkWks /*Manutenzione collegamenti distribuiti client*/@ = %SystemRoot%\system32\svchost.exe -k netsvcs
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe
W32Time /*Ora di Windows*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
WebClient /*WebClient*/@ = %SystemRoot%\system32\svchost.exe -k LocalService
winmgmt /*Strumentazione gestione Windows*/@ = %systemroot%\system32\svchost.exe -k netsvcs
wscsvc /*Centro sicurezza PC*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs
wuauserv /*Aggiornamenti automatici*/@ = %systemroot%\system32\svchost.exe -k netsvcs
WZCSVC /*Zero Configuration reti senza fili*/@ = %SystemRoot%\System32\svchost.exe -k netsvcs

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@GSICONEXEGSICON.EXE = GSICON.EXE
@DSLAGENTEXEdslagent.exe USB = dslagent.exe USB
@RemoteControlD:\Programmi\PDVDServ.exe = D:\Programmi\PDVDServ.exe
@UpdateManager"C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r = "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
@nod32kui"C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE = "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
@SunJavaUpdateSchedC:\Programmi\Java\jre1.5.0_07\bin\jusched.exe = C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe
@Aticcc"C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay = "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
@CcApp"C:\Programmi\File comuni\Symantec Shared\ccApp.exe" /*file not found*/ = "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" /*file not found*/
@Motive SmartBridgeC:\PROGRA~1\HELPEX~1\SMARTB~1\MotiveSB.exe = C:\PROGRA~1\HELPEX~1\SMARTB~1\MotiveSB.exe
@HP Software UpdateC:\Programmi\HP\HP Software Update\HPWuSchd2.exe = C:\Programmi\HP\HP Software Update\HPWuSchd2.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@Ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad >>>
@PostBootReminder%SystemRoot%\system32\SHELL32.dll = %SystemRoot%\system32\SHELL32.dll
@CDBurn%SystemRoot%\system32\SHELL32.dll = %SystemRoot%\system32\SHELL32.dll
@WebCheck%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@SysTrayC:\WINDOWS\system32\stobject.dll = C:\WINDOWS\system32\stobject.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler >>>
@{438755C2-A8BA-11D1-B96B-00A0C90312E1}%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{8C7461EF-2B13-11d2-BE35-3078302C2030}%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll

HKLM\Software\Classes\Folder\shell\open\command@ = %SystemRoot%\Explorer.exe /idlist,%I,%L

HKLM\Software\Classes\Folder\shell\explore\command@ = %SystemRoot%\Explorer.exe /e,/idlist,%I,%L

HKLM\Software\Classes\ >>>
.exe@ = "%1" %*
.com@ = "%1" %*
.cmd@ = "%1" %*
.bat@ = "%1" %*
.pif@ = "%1" %*
.scr@ = "%1" /S
.hta@ = C:\WINDOWS\system32\mshta.exe "%1" %*

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks >>>
@{AEB6717E-7E19-11d0-97EE-00C04FD91972}shell32.dll = shell32.dll
@{57B86673-276A-48B2-BAE7-C6DBB3020EB8}C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll = C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{00022613-0000-0000-C000-000000000046} /*Proprietà dei file Multimedia*/mmsys.cpl = mmsys.cpl
@{176d6597-26d3-11d1-b350-080036a75b03} /*Gestore scanner ICM*/icmui.dll = icmui.dll
@{1F2E5C40-9550-11CE-99D2-00AA006E086C} /*Pagina di protezione NTFS*/rshx32.dll = rshx32.dll
@{3EA48300-8CF6-101B-84FB-666CCB9BCD32} /*Pagina di proprietà di Docfile OLE*/docprop.dll = docprop.dll
@{40dd6e20-7c17-11ce-a804-00aa003ca9f6} /*Estensioni shell per la condivisione*/ntshrui.dll = ntshrui.dll
@{41E300E0-78B6-11ce-849B-444553540000} /*PlusPack CPL Extension*/%SystemRoot%\system32\themeui.dll = %SystemRoot%\system32\themeui.dll
@{42071712-76d4-11d1-8b24-00a0c9068ff3} /*Estensione scheda video del Pannello di controllo*/deskadp.dll = deskadp.dll
@{42071713-76d4-11d1-8b24-00a0c9068ff3} /*Estensione monitor del Pannello di controllo*/deskmon.dll = deskmon.dll
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{4E40F770-369C-11d0-8922-00A024AB2DBB} /*Pagina di protezione DS*/dssec.dll = dssec.dll
@{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} /*Pagina compatibilità*/SlayerXP.dll = SlayerXP.dll
@{56117100-C0CD-101B-81E2-00AA004AE837} /*Gestore dati dei ritagli di shell*/shscrap.dll = shscrap.dll
@{59099400-57FF-11CE-BD94-0020AF85B590} /*Estensione copia dischi*/diskcopy.dll = diskcopy.dll
@{59be4990-f85c-11ce-aff7-00aa003ca9f6} /*Estensioni shell per oggetti Rete Microsoft Windows*/ntlanui2.dll = ntlanui2.dll
@{5DB2625A-54DF-11D0-B6C4-0800091AA605} /*Gestore monitor ICM*/%SystemRoot%\System32\icmui.dll = %SystemRoot%\System32\icmui.dll
@{675F097E-4C4D-11D0-B6C1-0800091AA605} /*Gestore stampante ICM*/%SystemRoot%\system32\icmui.dll = %SystemRoot%\system32\icmui.dll
@{764BF0E1-F219-11ce-972D-00AA00A14F56} /*Estensioni shell per la compressione dei file*/(null) =
@{77597368-7b15-11d0-a0c2-080036af3f03} /*Estensione shell per la stampante Web*/printui.dll = printui.dll
@{7988B573-EC89-11cf-9C00-00AA00A14F56} /*Disk Quota UI*/dskquoui.dll = dskquoui.dll
@{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} /*Menu di scelta rapida di crittografia*/(null) =
@{85BBD920-42A0-1069-A2E4-08002B30309D} /*Sincronia file*/syncui.dll = syncui.dll
@{88895560-9AA2-1069-930E-00AA0030EBC8} /*Estensione di icona di HyperTerminal*/C:\WINDOWS\system32\hticons.dll = C:\WINDOWS\system32\hticons.dll
@{BD84B380-8CA2-1069-AB1D-08000948F534} /*Tipi di carattere*/fontext.dll = fontext.dll
@{DBCE2480-C732-101B-BE72-BA78E9AD5B27} /*Profilo ICC*/%SystemRoot%\system32\icmui.dll = %SystemRoot%\system32\icmui.dll
@{F37C5810-4D3F-11d0-B4BF-00AA00BBB723} /*Pagina di protezione della stampante*/rshx32.dll = rshx32.dll
@{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} /*Estensioni shell per la condivisione*/ntshrui.dll = ntshrui.dll
@{f92e8c40-3d33-11d2-b1aa-080036a75b03} /*Display TroubleShoot CPL Extension*/deskperf.dll = deskperf.dll
@{7444C717-39BF-11D1-8CD9-00C04FC29D45} /*Estensione Crypto PKO*/C:\WINDOWS\system32\cryptext.dll = C:\WINDOWS\system32\cryptext.dll
@{7444C719-39BF-11D1-8CD9-00C04FC29D45} /*Estensione firma crittografata*/C:\WINDOWS\system32\cryptext.dll = C:\WINDOWS\system32\cryptext.dll
@{7007ACC7-3202-11D1-AAD2-00805FC1270E} /*Connessioni di rete*/C:\WINDOWS\system32\NETSHELL.dll = C:\WINDOWS\system32\NETSHELL.dll
@{992CFFA0-F557-101A-88EC-00DD010CCC48} /*Connessioni di rete*/C:\WINDOWS\system32\NETSHELL.dll = C:\WINDOWS\system32\NETSHELL.dll
@{E211B736-43FD-11D1-9EFB-0000F8757FCD} /*Scanner e fotocamere digitali*/wiashext.dll = wiashext.dll
@{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} /*Scanner e fotocamere digitali*/wiashext.dll = wiashext.dll
@{905667aa-acd6-11d2-8080-00805f6596d2} /*Scanner e fotocamere digitali*/wiashext.dll = wiashext.dll
@{3F953603-1008-4f6e-A73A-04AAC7A992F1} /*Scanner e fotocamere digitali*/wiashext.dll = wiashext.dll
@{83bbcbf3-b28a-4919-a5aa-73027445d672} /*Scanner e fotocamere digitali*/wiashext.dll = wiashext.dll
@{F0152790-D56E-4445-850E-4F3117DB740C} /*Remote Sessions CPL Extension*/C:\WINDOWS\system32\remotepg.dll = C:\WINDOWS\system32\remotepg.dll
@{60254CA5-953B-11CF-8C96-00AA00B8708C} /*Estensione shell per Windows Script Host*/C:\WINDOWS\system32\wshext.dll = C:\WINDOWS\system32\wshext.dll
@{2206CDB2-19C1-11D1-89E0-00C04FD7A829} /*Microsoft Data Link*/C:\Programmi\File comuni\System\Ole DB\oledb32.dll = C:\Programmi\File comuni\System\Ole DB\oledb32.dll
@{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} /*Tasks Folder Icon Handler*/C:\WINDOWS\system32\mstask.dll = C:\WINDOWS\system32\mstask.dll
@{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} /*Tasks Folder Shell Extension*/C:\WINDOWS\system32\mstask.dll = C:\WINDOWS\system32\mstask.dll
@{D6277990-4C6A-11CF-8D87-00AA0060F5BF} /*Operazioni pianificate*/C:\WINDOWS\system32\mstask.dll = C:\WINDOWS\system32\mstask.dll
@{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} /*Set Program Access and Defaults*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{5F327514-6C5E-4d60-8F16-D07FA08A78ED} /*Auto Update Property Sheet Extension*/C:\WINDOWS\system32\wuaucpl.cpl = C:\WINDOWS\system32\wuaucpl.cpl
@{0DF44EAA-FF21-4412-828E-260A8728E7F1} /*Barra delle applicazioni e menu di avvio*/(null) =
@{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} /*Cerca*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} /*Guida in linea e supporto tecnico*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} /*Guida in linea e supporto tecnico*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} /*Esegui...*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} /*Internet*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} /*Posta elettronica*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{D20EA4E1-3957-11d2-A40B-0C5020524152} /*Tipi di carattere*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{D20EA4E1-3957-11d2-A40B-0C5020524153} /*Strumenti di amministrazione*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} /*Audio Media Properties Handler*/%SystemRoot%\system32\shmedia.dll = %SystemRoot%\system32\shmedia.dll
@{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} /*Video Media Properties Handler*/%SystemRoot%\system32\shmedia.dll = %SystemRoot%\system32\shmedia.dll
@{E4B29F9D-D390-480b-92FD-7DDB47101D71} /*Wav Properties Handler*/%SystemRoot%\system32\shmedia.dll = %SystemRoot%\system32\shmedia.dll
@{87D62D94-71B3-4b9a-9489-5FE6850DC73E} /*Avi Properties Handler*/%SystemRoot%\system32\shmedia.dll = %SystemRoot%\system32\shmedia.dll
@{A6FD9E45-6E44-43f9-8644-08598F5A74D9} /*Midi Properties Handler*/%SystemRoot%\system32\shmedia.dll = %SystemRoot%\system32\shmedia.dll
@{c5a40261-cd64-4ccf-84cb-c394da41d590} /*Video Thumbnail Extractor*/%SystemRoot%\system32\shmedia.dll = %SystemRoot%\system32\shmedia.dll
@{5E6AB780-7743-11CF-A12B-00AA004AE837} /*Barra degli strumenti Microsoft Internet*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{22BF0C20-6DA7-11D0-B373-00A0C9034938} /*Stato del download*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{91EA3F8B-C99B-11d0-9815-00C04FD91972} /*Shell Folder accresciuto*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{6413BA2C-B461-11d1-A18A-080036B11A03} /*Shell Folder 2 accresciuto*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{F61FFEC1-754F-11d0-80CA-00AA005B4383} /*BandProxy*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{7BA4C742-9E81-11CF-99D3-00AA004AE837} /*Microsoft BrowserBand*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*SearchBand*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{169A0691-8DF9-11d1-A1C4-00C04FD75D13} /*Ricerca all'interno*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{07798131-AF23-11d1-9111-00A0C98BA67D} /*Ricerca Web*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{AF4F6510-F982-11d0-8595-00AA004CD6D8} /*Utilità opzioni della struttura del Registro di sistema*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{01E04581-4EEE-11d0-BFE9-00AA005B4383} /*&Indirizzo*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{A08C11D2-A228-11d0-825B-00AA005B4383} /*Address EditBox*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{00BB2763-6A77-11D0-A535-00C04FD7D062} /*Completamento automatico Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{7376D660-C583-11d0-A3A5-00C04FD706EC} /*TridentImageExtractor*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{6756A641-DE71-11d0-831B-00AA005B4383} /*Elenco di Completamento automatico MRU*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} /*Elenco di Completamento automatico MRU personalizzato*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{7e653215-fa25-46bd-a339-34a2790f3cb7} /*Accessibile*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{acf35015-526e-4230-9596-becbe19f0ac9} /*Indicatore di avanzamento popup*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{00BB2764-6A77-11D0-A535-00C04FD7D062} /*Elenco di Completamento automatico della Cronologia di Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{03C036F1-A186-11D0-824A-00AA005B4383} /*Elenco di Completamento automatico di Shell Folder di Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{00BB2765-6A77-11D0-A535-00C04FD7D062} /*Contenitore dell'elenco di Completamento automatico multiplo Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{ECD4FC4E-521C-11D0-B792-00A0C90312E1} /*Shell Band Site Menu*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} /*Shell DeskBarApp*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{ECD4FC4C-521C-11D0-B792-00A0C90312E1} /*Shell DeskBar*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{ECD4FC4D-521C-11D0-B792-00A0C90312E1} /*Shell Rebar BandSite*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{DD313E04-FEFF-11d1-8ECD-0000F87A470C} /*Assistenza utente*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} /*Impostazioni cartella globale*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{EFA24E61-B078-11d0-89E4-00C04FC9E26E} /*Favorites Band*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{0A89A860-D7B1-11CE-8350-444553540000} /*Shell Automation Inproc Service*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{A5E46E3A-8849-11D1-9D8C-00C04FC99D61} /*Microsoft Browser Architecture*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/shdocvw.dll = shdocvw.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Servizio Cronologia Url Microsoft*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*Cronologia*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*File temporanei Internet*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*File temporanei Internet*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Hook per la ricerca di URL Microsoft*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} /*Schermata iniziale applicazioni Internet Explorer 4*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{67EA19A0-CCEF-11d0-8024-00C04FD75D13} /*CDF Extension Copy Hook*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{131A6951-7F78-11D0-A979-00C04FD705A2} /*ISFBand OC*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{9461b922-3c5a-11d2-bf8b-00c04fb93661} /*Search Assistant OC*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*Internet*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{EFA24E64-B078-11d0-89E4-00C04FC9E26E} /*Explorer Band*/%SystemRoot%\system32\shdocvw.dll = %SystemRoot%\system32\shdocvw.dll
@{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} /*Sendmail service*/C:\WINDOWS\system32\sendmail.dll = C:\WINDOWS\system32\sendmail.dll
@{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} /*Sendmail service*/C:\WINDOWS\system32\sendmail.dll = C:\WINDOWS\system32\sendmail.dll
@{88C6C381-2E85-11D0-94DE-444553540000} /*Cartella cache ActiveX*/%SystemRoot%\system32\occache.dll = %SystemRoot%\system32\occache.dll
@{E6FB5E20-DE35-11CF-9C87-00AA005127ED} /*WebCheck*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} /*Subscription Mgr*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{F5175861-2688-11d0-9C5E-00AA00A45957} /*Cartella Subscription*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{08165EA0-E946-11CF-9C87-00AA005127ED} /*WebCheckWebCrawler*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} /*WebCheckChannelAgent*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} /*TrayAgent*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{7D559C10-9FE9-11d0-93F7-00AA0059CE02} /*Code Download Agent*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} /*ConnectionAgent*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{D8BD2030-6FC9-11D0-864F-00AA006809D9} /*PostAgent*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} /*WebCheck SyncMgr Handler*/%SystemRoot%\system32\webcheck.dll = %SystemRoot%\system32\webcheck.dll
@{352EC2B7-8B9A-11D1-B8AE-006008059382} /*Gestione applicazioni shell*/%SystemRoot%\system32\appwiz.cpl = %SystemRoot%\system32\appwiz.cpl
@{0B124F8F-91F0-11D1-B8B5-006008059382} /*Enumeratore applicazioni installate*/%SystemRoot%\system32\appwiz.cpl = %SystemRoot%\system32\appwiz.cpl
@{CFCCC7A0-A282-11D1-9082-006008059382} /*Darwin App Publisher*/%SystemRoot%\system32\appwiz.cpl = %SystemRoot%\system32\appwiz.cpl
@{e84fda7c-1d6a-45f6-b725-cb260c236066} /*Shell Image Verbs*/%SystemRoot%\system32\shimgvw.dll = %SystemRoot%\system32\shimgvw.dll
@{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} /*Shell Image Data Factory*/%SystemRoot%\system32\shimgvw.dll = %SystemRoot%\system32\shimgvw.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{3F30C968-480A-4C6C-862D-EFC0897BB84B} /*GDI + programma di estrazione file in anteprima*/C:\WINDOWS\system32\shimgvw.dll = C:\WINDOWS\system32\shimgvw.dll
@{9DBD2C50-62AD-11d0-B806-00C04FD706EC} /*Summary Info Thumbnail handler (DOCFILES)*/C:\WINDOWS\system32\shimgvw.dll = C:\WINDOWS\system32\shimgvw.dll
@{EAB841A0-9550-11cf-8C16-00805F1408F3} /*Programma di estrazione pagine HTML in anteprima*/C:\WINDOWS\system32\shimgvw.dll = C:\WINDOWS\system32\shimgvw.dll
@{eb9b1153-3b57-4e68-959a-a3266bc3d7fe} /*Shell Image Property Handler*/%SystemRoot%\system32\shimgvw.dll = %SystemRoot%\system32\shimgvw.dll
@{CC6EEFFB-43F6-46c5-9619-51D571967F7D} /*Pubblicazione guidata sul Web*/%SystemRoot%\system32\netplwiz.dll = %SystemRoot%\system32\netplwiz.dll
@{add36aa8-751a-4579-a266-d66f5202ccbb} /*Ordinazione di stampe tramite Web*/%SystemRoot%\system32\netplwiz.dll = %SystemRoot%\system32\netplwiz.dll
@{6b33163c-76a5-4b6c-bf21-45de9cd503a1} /*Oggetto Pubblicazione guidata sul Web*/%SystemRoot%\system32\netplwiz.dll = %SystemRoot%\system32\netplwiz.dll
@{58f1f272-9240-4f51-b6d4-fd63d1618591} /*Creazione guidata profilo Passport*/%SystemRoot%\system32\netplwiz.dll = %SystemRoot%\system32\netplwiz.dll
@{7A9D77BD-5403-11d2-8785-2E0420524153} /*Account utente*/(null) =
@{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} /*Cartella compressa*/%SystemRoot%\system32\zipfldr.dll = %SystemRoot%\system32\zipfldr.dll
@{BD472F60-27FA-11cf-B8B4-444553540000} /*Compressed (zipped) Folder Right Drag Handler*/%SystemRoot%\system32\zipfldr.dll = %SystemRoot%\system32\zipfldr.dll
@{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} /*Compressed (zipped) Folder SendTo Target*/%SystemRoot%\system32\zipfldr.dll = %SystemRoot%\system32\zipfldr.dll
@{f39a0dc0-9cc8-11d0-a599-00c04fd64433} /*File del canale*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3aa0dc0-9cc8-11d0-a599-00c04fd64434} /*Collegamento al canale*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3ba0dc0-9cc8-11d0-a599-00c04fd64435} /*Channel Handler Object*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3da0dc0-9cc8-11d0-a599-00c04fd64437} /*Channel Menu*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3ea0dc0-9cc8-11d0-a599-00c04fd64438} /*Channel Properties*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{63da6ec0-2e98-11cf-8d82-444553540000} /*FTP Folders Webview*/C:\WINDOWS\system32\msieftp.dll = C:\WINDOWS\system32\msieftp.dll
@{883373C3-BF89-11D1-BE35-080036B11A03} /*Microsoft DocProp Shell Ext*/C:\WINDOWS\system32\docprop2.dll = C:\WINDOWS\system32\docprop2.dll
@{A9CF0EAE-901A-4739-A481-E35B73E47F6D} /*Microsoft DocProp Inplace Edit Box Control*/C:\WINDOWS\system32\docprop2.dll = C:\WINDOWS\system32\docprop2.dll
@{8EE97210-FD1F-4B19-91DA-67914005F020} /*Microsoft DocProp Inplace ML Edit Box Control*/C:\WINDOWS\system32\docprop2.dll = C:\WINDOWS\system32\docprop2.dll
@{0EEA25CC-4362-4A12-850B-86EE61B0D3EB} /*Microsoft DocProp Inplace Droplist Combo Control*/C:\WINDOWS\system32\docprop2.dll = C:\WINDOWS\system32\docprop2.dll
@{6A205B57-2567-4A2C-B881-F787FAB579A3} /*Microsoft DocProp Inplace Calendar Control*/C:\WINDOWS\system32\docprop2.dll = C:\WINDOWS\system32\docprop2.dll
@{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} /*Microsoft DocProp Inplace Time Control*/C:\WINDOWS\system32\docprop2.dll = C:\WINDOWS\system32\docprop2.dll
@{8A23E65E-31C2-11d0-891C-00A024AB2DBB} /*Directory Query UI*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} /*Shell properties for a DS object*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} /*Directory Object Find*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{F020E586-5264-11d1-A532-0000F8757D7E} /*Directory Start/Search Find*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{0D45D530-764B-11d0-A1CA-00AA00C16E65} /*Directory Property UI*/%SystemRoot%\system32\dsuiext.dll = %SystemRoot%\system32\dsuiext.dll
@{62AE1F9A-126A-11D0-A14B-0800361B1103} /*Directory Context Menu Verbs*/%SystemRoot%\system32\dsuiext.dll = %SystemRoot%\system32\dsuiext.dll
@{ECF03A33-103D-11d2-854D-006008059367} /*MyDocs Copy Hook*/%SystemRoot%\system32\mydocs.dll = %SystemRoot%\system32\mydocs.dll
@{ECF03A32-103D-11d2-854D-006008059367} /*MyDocs Drop Target*/%SystemRoot%\system32\mydocs.dll = %SystemRoot%\system32\mydocs.dll
@{4a7ded0a-ad25-11d0-98a8-0800361b1103} /*MyDocs Properties*/%SystemRoot%\system32\mydocs.dll = %SystemRoot%\system32\mydocs.dll
@{750fdf0e-2a26-11d1-a3ea-080036587f03} /*Offline Files Menu*/%SystemRoot%\System32\cscui.dll = %SystemRoot%\System32\cscui.dll
@{10CFC467-4392-11d2-8DB4-00C04FA31A66} /*Offline Files Folder Options*/%SystemRoot%\System32\cscui.dll = %SystemRoot%\System32\cscui.dll
@{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} /*Cartella file non in linea*/%SystemRoot%\System32\cscui.dll = %SystemRoot%\System32\cscui.dll
@{143A62C8-C33B-11D1-84FE-00C04FA34A14} /*Microsoft Agent Character Property Sheet Handler*/C:\WINDOWS\msagent\agentpsh.dll = C:\WINDOWS\msagent\agentpsh.dll
@{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} /*DfsShell*/C:\WINDOWS\system32\dfsshlex.dll = C:\WINDOWS\system32\dfsshlex.dll
@{60fd46de-f830-4894-a628-6fa81bc0190d} /*%DESC_PublishDropTarget%*/%SystemRoot%\system32\photowiz.dll = %SystemRoot%\system32\photowiz.dll
@{7A80E4A8-8005-11D2-BCF8-00C04F72C717} /*MMC Icon Handler*/%SystemRoot%\System32\mmcshext.dll = %SystemRoot%\System32\mmcshext.dll
@{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} /*.CAB file viewer*/cabview.dll = cabview.dll
@{32714800-2E5F-11d0-8B85-00AA0044F941} /*&Contatti...*/C:\Programmi\Outlook Express\wabfind.dll = C:\Programmi\Outlook Express\wabfind.dll
@{8DD448E6-C188-4aed-AF92-44956194EB1F} /*Windows Media Player Play as Playlist Context Menu Handler*/C:\WINDOWS\system32\wmpshell.dll = C:\WINDOWS\system32\wmpshell.dll
@{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} /*Windows Media Player Burn Audio CD Context Menu Handler*/C:\WINDOWS\system32\wmpshell.dll = C:\WINDOWS\system32\wmpshell.dll
@{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} /*Windows Media Player Add to Playlist Context Menu Handler*/C:\WINDOWS\system32\wmpshell.dll = C:\WINDOWS\system32\wmpshell.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{1D2680C9-0E2A-469d-B787-065558BC7D43} /*Fusion Cache*/C:\WINDOWS\system32\mscoree.dll = C:\WINDOWS\system32\mscoree.dll
@{5E2121EE-0300-11D4-8D3B-444553540000} /*Catalyst Context Menu extension*/C:\Programmi\ATI Technologies\ATI.ACE\atiacmxx.dll = C:\Programmi\ATI Technologies\ATI.ACE\atiacmxx.dll
@{21569614-B795-46b1-85F4-E737A8DC09AD} /*Shell Search Band*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.0.0792.00.dll = C:\Programmi\MSN Messenger\fsshext.8.0.0792.00.dll
@{C56C4E21-706D-11d0-AFC5-444553540002} /*My Digital Camera*/C:\Programmi\File comuni\FotoNation\camview.dll = C:\Programmi\File comuni\FotoNation\camview.dll
@{640167b4-59b0-47a6-b335-a6b3c0695aea} /*Portable Media Devices*/%SystemRoot%\system32\Audiodev.dll = %SystemRoot%\system32\Audiodev.dll
@{cc86590a-b60a-48e6-996b-41d25ed39a1e} /*Portable Media Devices Menu*/%SystemRoot%\system32\Audiodev.dll = %SystemRoot%\system32\Audiodev.dll
@{B4B3001E-0F56-4E51-8250-BDE11547EC55} /*Super Ad Blocker Toolbar*/(null) =
@{B089FE88-FB52-11D3-BDF1-0050DA34150D} /*NOD32 Context Menu Shell Extension*/C:\Programmi\Eset\nodshex.dll = C:\Programmi\Eset\nodshex.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = C:\Programmi\Eset\nodshex.dll
Offline Files@{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
Open With@{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
Open With EncryptionMenu@{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} = %SystemRoot%\system32\SHELL32.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
EncryptionMenu@{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
Offline Files@{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
Sharing@{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\NOD32 Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = C:\Programmi\Eset\nodshex.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{81DB85CF-F03B-E94D-69A7-92A8D677A673}C:\WINDOWS\xcmna1.dll /*file not found*/ = C:\WINDOWS\xcmna1.dll /*file not found*/
@(null) =

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local PageC:\windows\system32\blank.htm = C:\windows\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.it/ = http://www.google.it/
@Local PageC:\windows\system32\blank.htm = C:\windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\ >>>
application/octet-stream@CLSID = C:\WINDOWS\system32\mscoree.dll
application/x-complus@CLSID = C:\WINDOWS\system32\mscoree.dll
application/x-msdownload@CLSID = C:\WINDOWS\system32\mscoree.dll
Class Install Handler@CLSID = C:\WINDOWS\system32\urlmon.dll
deflate@CLSID = C:\WINDOWS\system32\urlmon.dll
gzip@CLSID = C:\WINDOWS\system32\urlmon.dll
lzdhtml@CLSID = C:\WINDOWS\system32\urlmon.dll
text/webviewhtml@CLSID = %SystemRoot%\system32\SHELL32.dll
text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
about@CLSID = %SystemRoot%\system32\mshtml.dll
cdl@CLSID = C:\WINDOWS\system32\urlmon.dll
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
file@CLSID = C:\WINDOWS\system32\urlmon.dll
ftp@CLSID = C:\WINDOWS\system32\urlmon.dll
gopher@CLSID = C:\WINDOWS\system32\urlmon.dll
http@CLSID = C:\WINDOWS\system32\urlmon.dll
https@CLSID = C:\WINDOWS\system32\urlmon.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
javascript@CLSID = %SystemRoot%\system32\mshtml.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
local@CLSID = C:\WINDOWS\system32\urlmon.dll
mailto@CLSID = %SystemRoot%\system32\mshtml.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
mk@CLSID = C:\WINDOWS\system32\urlmon.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
res@CLSID = %SystemRoot%\system32\mshtml.dll
sysimage@CLSID = %SystemRoot%\system32\mshtml.dll
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
vbscript@CLSID = %SystemRoot%\system32\mshtml.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters@Domain =

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\System32\mswsock.dll
000000000002@LibraryPath = %SystemRoot%\System32\winrnr.dll
000000000003@LibraryPath = %SystemRoot%\System32\mswsock.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ >>>
000000000001@PackedCatalogItem = C:\WINDOWS\system32\imon.dll
000000000002@PackedCatalogItem = C:\WINDOWS\system32\imon.dll
000000000003@PackedCatalogItem = C:\WINDOWS\system32\imon.dll
000000000004@PackedCatalogItem = C:\WINDOWS\system32\imon.dll
000000000005@PackedCatalogItem = C:\WINDOWS\system32\imon.dll
000000000006@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000007@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000008@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000009@PackedCatalogItem = %SystemRoot%\system32\rsvpsp.dll
000000000010@PackedCatalogItem = %SystemRoot%\system32\rsvpsp.dll
000000000011@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000012@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000013@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000014@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000015@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000016@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000017@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000018@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000019@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000020@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000021@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000022@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000023@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000024@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000025@PackedCatalogItem = C:\WINDOWS\system32\imon.dll

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
HELPExpress.lnk = HELPExpress.lnk
hp digital imaging monitor.lnk = hp digital imaging monitor.lnk

---- EOF - GMER 1.0.10 ----
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi BilloKenobi » 30/08/06 17:28

ci siamo quasi, ma manca un pezzo (quello finale) del log della sezione rootkit

prova a postarlo di nuovo, altrimenti non potremo eliminare il virus proprio del tutto
Begun the Clone War has

Sì sì, mi hanno fatto redattore --- SuspectFile
BilloKenobi
Utente Senior
 
Post: 348
Iscritto il: 08/07/06 11:05

Postdi frontrunner » 30/08/06 17:42

sono forse salito troppo su.........ma spero troverai il punto di aggancio

grazie ancora

Device \Driver\Wanarp \Device\WANARP IRP_MJ_CREATE [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_CREATE_NAMED_PIPE [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_CLOSEIRP_MJ_READ [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_WRITE [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_EA [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_EA [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_FLUSH_BUFFERS [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_VOLUME_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_VOLUME_INFORMATION [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_DIRECTORY_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_FILE_SYSTEM_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_DEVICE_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_INTERNAL_DEVICE_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SHUTDOWN [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_LOCK_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_CLEANUP [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_CREATE_MAILSLOT [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_SECURITY [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_SECURITY [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_POWER [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SYSTEM_CONTROL [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_DEVICE_CHANGE [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_QUERY_QUOTA [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_SET_QUOTA [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_PNP [F867BB16] wanarp.sys
Device \Driver\Wanarp \Device\WANARP IRP_MJ_PNP_POWER [F867BB16] wanarp.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_CREATE [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_CREATE_NAMED_PIPE [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_CLOSEIRP_MJ_READ [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_WRITE [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_QUERY_INFORMATION [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_SET_INFORMATION [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_QUERY_EA [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_SET_EA [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_FLUSH_BUFFERS [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_QUERY_VOLUME_INFORMATION [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_SET_VOLUME_INFORMATION [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_DIRECTORY_CONTROL [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_FILE_SYSTEM_CONTROL [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_DEVICE_CONTROL [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_INTERNAL_DEVICE_CONTROL [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_SHUTDOWN [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_LOCK_CONTROL [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_CLEANUP [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_CREATE_MAILSLOT [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_QUERY_SECURITY [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_SET_SECURITY [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_POWER [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_SYSTEM_CONTROL [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_DEVICE_CHANGE [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_QUERY_QUOTA [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_SET_QUOTA [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_PNP [ED71C447] srv.sys
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_PNP_POWER [ED71C447] srv.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSEIRP_MJ_READ [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [EFE3B19F] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_POWER [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_PNP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_PNP_POWER [EFE3AF80] tcpip.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\0000005d IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSEIRP_MJ_READ [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [EFE3B19F] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_PNP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_PNP_POWER [EFE3AF80] tcpip.sys
Device \Device\Harddisk0\DP(2)0x9f1750e00-0x9238aca00+2
Device \Device\Harddisk0\DP(1)0x7e00-0x9f1741200+1
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE [F859BC30] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CLOSEIRP_MJ_READ [F859BC30] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_WRITE [F8595D9B] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_QUERY_INFORMATION [F8595D9B] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_QUERY_VOLUME_INFORMATION [F8596366] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F859644D] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SHUTDOWN [F8599FC3] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_LOCK_CONTROL [F8596366] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SYSTEM_CONTROL [F8597EF3] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DEVICE_CHANGE [F859CA24] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_PNP_POWER [F859BD15] CLASSPNP.SYS
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_CREATE [F8388E6B] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_CREATE_NAMED_PIPE [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_CLOSEIRP_MJ_READ [F8388D9C] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_WRITE [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_QUERY_INFORMATION [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_SET_INFORMATION [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_QUERY_EA [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_SET_EA [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_FLUSH_BUFFERS [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_QUERY_VOLUME_INFORMATION [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_SET_VOLUME_INFORMATION [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_DIRECTORY_CONTROL [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_FILE_SYSTEM_CONTROL [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_DEVICE_CONTROL [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F838F010] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_SHUTDOWN [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_LOCK_CONTROL [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_CLEANUP [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_CREATE_MAILSLOT [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_QUERY_SECURITY [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_SET_SECURITY [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_POWER [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_SYSTEM_CONTROL [F839C877] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_DEVICE_CHANGE [F838F415] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_QUERY_QUOTA [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_SET_QUOTA [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_PNP [F838F1F4] NDIS.sys
Device \Driver\NdisWan \Device\NdisWanIp IRP_MJ_PNP_POWER [F8391AB9] NDIS.sys
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CREATE [F859BC30] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CLOSEIRP_MJ_READ [F859BC30] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_WRITE [F8595D9B] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_QUERY_INFORMATION [F8595D9B] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_QUERY_VOLUME_INFORMATION [F8596366] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_INTERNAL_DEVICE_CONTROL [F859644D] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SHUTDOWN [F8599FC3] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_LOCK_CONTROL [F8596366] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SYSTEM_CONTROL [F8597EF3] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_DEVICE_CHANGE [F859CA24] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_PNP_POWER [F859BD15] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_CREATE [F859BC30] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_CLOSEIRP_MJ_READ [F859BC30] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_WRITE [F8595D9B] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_QUERY_INFORMATION [F8595D9B] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_QUERY_VOLUME_INFORMATION [F8596366] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_INTERNAL_DEVICE_CONTROL [F859644D] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_SHUTDOWN [F8599FC3] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_LOCK_CONTROL [F8596366] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_SYSTEM_CONTROL [F8597EF3] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_DEVICE_CHANGE [F859CA24] CLASSPNP.SYS
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+4 IRP_MJ_PNP_POWER [F859BD15] CLASSPNP.SYS
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_CREATE [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_CLOSEIRP_MJ_READ [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_WRITE [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_QUERY_INFORMATION [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_SET_INFORMATION [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_QUERY_EA [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_SET_VOLUME_INFORMATION [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_DEVICE_CONTROL [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_INTERNAL_DEVICE_CONTROL [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_LOCK_CONTROL [8062E82D] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_CREATE_MAILSLOT [8059CCA9] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\RAW \Device\RawDisk IRP_MJ_PNP_POWER [8059CCA9] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000002 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_CREATE [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_CREATE_NAMED_PIPE [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_CLOSEIRP_MJ_READ [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_WRITE [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_QUERY_INFORMATION [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_SET_INFORMATION [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_QUERY_EA [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_SET_EA [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_FLUSH_BUFFERS [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_QUERY_VOLUME_INFORMATION [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_SET_VOLUME_INFORMATION [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_DIRECTORY_CONTROL [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_FILE_SYSTEM_CONTROL [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_DEVICE_CONTROL [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_SHUTDOWN [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_LOCK_CONTROL [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_CLEANUP [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_CREATE_MAILSLOT [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_QUERY_SECURITY [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_SET_SECURITY [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_POWER [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_SYSTEM_CONTROL [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_DEVICE_CHANGE [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_QUERY_QUOTA [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_SET_QUOTA [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_PNP [F888E6EE] TDTCP.SYS
Device \Driver\TDTCP \Device\tdtcp IRP_MJ_PNP_POWER [F888E6EE] TDTCP.SYS
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_CREATE [F885E39A] flpydisk.sys
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_CLOSEIRP_MJ_READ [F885E39A] flpydisk.sys
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_WRITE [F8860F24] flpydisk.sys
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_QUERY_INFORMATION [F8860F24] flpydisk.sys
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8860730] flpydisk.sys
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_SYSTEM_CONTROL [F885E3C0] flpydisk.sys
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_DEVICE_CHANGE [F885E206] flpydisk.sys
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Flpydisk \Device\Floppy0 IRP_MJ_PNP_POWER [F8860C28] flpydisk.sys
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_CREATE [F855595E] 1394BUS.SYS
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_CLOSEIRP_MJ_READ [F855595E] 1394BUS.SYS
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8548042] ohci1394.sys
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_SHUTDOWN [F8556DDE] 1394BUS.SYS
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_SYSTEM_CONTROL [F8559134] 1394BUS.SYS
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_DEVICE_CHANGE [F855D396] 1394BUS.SYS
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\ohci1394 \Device\1394BUS0 IRP_MJ_PNP_POWER [F855ED5C] 1394BUS.SYS
Device \Driver\PnpManager \Device\00000003 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000003 IRP_MJ_QUERY_VOLUME_INFOR
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 17:46

aspetta
nn chiedermi xkè ma non riesco a mandartelo interamente

facciamo così t rimando il rootkit da principio diviso in 4 parti ok??


forse è troppo lungo e questo è uil motivo

scusa e grazie ancora
ritento in 4 parti!
GMER 1.0.10.10122 - http://www.gmer.net
Rootkit 2006-08-30 17:36:36
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.10 ----

SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwOpenProcess <-- ROOTKIT !!!
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess <-- ROOTKIT !!!

INT 0x00 \WINDOWS\system32\ntoskrnl.exe 804DF350
INT 0x01 \WINDOWS\system32\ntoskrnl.exe 804DF4CB
INT 0x03 \WINDOWS\system32\ntoskrnl.exe 804DF89D
INT 0x04 \WINDOWS\system32\ntoskrnl.exe 804DFA20
INT 0x05 \WINDOWS\system32\ntoskrnl.exe 804DFB81
INT 0x06 \WINDOWS\system32\ntoskrnl.exe 804DFD02
INT 0x07 \WINDOWS\system32\ntoskrnl.exe 804E036A
INT 0x09 \WINDOWS\system32\ntoskrnl.exe 804E078F
INT 0x0A \WINDOWS\system32\ntoskrnl.exe 804E08AC
INT 0x0B \WINDOWS\system32\ntoskrnl.exe 804E09E9
INT 0x0C \WINDOWS\system32\ntoskrnl.exe 804E0C42
INT 0x0D \WINDOWS\system32\ntoskrnl.exe 804E0F38
INT 0x0E \WINDOWS\system32\ntoskrnl.exe 804E164F
INT 0x0F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x10 \WINDOWS\system32\ntoskrnl.exe 804E1A99
INT 0x11 \WINDOWS\system32\ntoskrnl.exe 804E1BCE
INT 0x12 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x13 \WINDOWS\system32\ntoskrnl.exe 804E1D34
INT 0x14 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x15 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x16 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x17 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x18 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x19 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1A \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1B \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1C \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1D \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1E \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1F \WINDOWS\system32\hal.dll 806EDFD0
INT 0x2A \WINDOWS\system32\ntoskrnl.exe 804DEB92
INT 0x2B \WINDOWS\system32\ntoskrnl.exe 804DEC95
INT 0x2C \WINDOWS\system32\ntoskrnl.exe 804DEE34
INT 0x2D \WINDOWS\system32\ntoskrnl.exe 804DF77C
INT 0x2E \WINDOWS\system32\ntoskrnl.exe 804DE631
INT 0x2F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x30 \WINDOWS\system32\ntoskrnl.exe 804DDCF0
INT 0x31 \WINDOWS\system32\ntoskrnl.exe 804DDCFA
INT 0x32 \WINDOWS\system32\ntoskrnl.exe 804DDD04
INT 0x33 \WINDOWS\system32\ntoskrnl.exe 804DDD0E
INT 0x34 \WINDOWS\system32\ntoskrnl.exe 804DDD18
INT 0x35 \WINDOWS\system32\ntoskrnl.exe 804DDD22
INT 0x36 \WINDOWS\system32\ntoskrnl.exe 804DDD2C
INT 0x37 \WINDOWS\system32\hal.dll 806ED728
INT 0x38 \WINDOWS\system32\ntoskrnl.exe 804DDD40
INT 0x39 \WINDOWS\system32\ntoskrnl.exe 804DDD4A
INT 0x3A \WINDOWS\system32\ntoskrnl.exe 804DDD54
INT 0x3B \WINDOWS\system32\ntoskrnl.exe 804DDD5E
INT 0x3C \WINDOWS\system32\ntoskrnl.exe 804DDD68
INT 0x3D \WINDOWS\system32\hal.dll 806EEB70
INT 0x3E \WINDOWS\system32\ntoskrnl.exe 804DDD7C
INT 0x3F \WINDOWS\system32\ntoskrnl.exe 804DDD86
INT 0x40 \WINDOWS\system32\ntoskrnl.exe 804DDD90
INT 0x41 \WINDOWS\system32\hal.dll 806EE9CC
INT 0x42 \WINDOWS\system32\ntoskrnl.exe 804DDDA4
INT 0x43 \WINDOWS\system32\ntoskrnl.exe 804DDDAE
INT 0x44 \WINDOWS\system32\ntoskrnl.exe 804DDDB8
INT 0x45 \WINDOWS\system32\ntoskrnl.exe 804DDDC2
INT 0x46 \WINDOWS\system32\ntoskrnl.exe 804DDDCC
INT 0x47 \WINDOWS\system32\ntoskrnl.exe 804DDDD6
INT 0x48 \WINDOWS\system32\ntoskrnl.exe 804DDDE0
INT 0x49 \WINDOWS\system32\ntoskrnl.exe 804DDDEA
INT 0x4A \WINDOWS\system32\ntoskrnl.exe 804DDDF4
INT 0x4B \WINDOWS\system32\ntoskrnl.exe 804DDDFE
INT 0x4C \WINDOWS\system32\ntoskrnl.exe 804DDE08
INT 0x4D \WINDOWS\system32\ntoskrnl.exe 804DDE12
INT 0x4E \WINDOWS\system32\ntoskrnl.exe 804DDE1C
INT 0x4F \WINDOWS\system32\ntoskrnl.exe 804DDE26
INT 0x50 \WINDOWS\system32\hal.dll 806ED800
INT 0x51 \WINDOWS\system32\ntoskrnl.exe 804DDE3A
INT 0x52 \WINDOWS\system32\ntoskrnl.exe 804DDE44
INT 0x53 \WINDOWS\system32\ntoskrnl.exe 804DDE4E
INT 0x54 \WINDOWS\system32\ntoskrnl.exe 804DDE58
INT 0x55 \WINDOWS\system32\ntoskrnl.exe 804DDE62
INT 0x56 \WINDOWS\system32\ntoskrnl.exe 804DDE6C
INT 0x57 \WINDOWS\system32\ntoskrnl.exe 804DDE76
INT 0x58 \WINDOWS\system32\ntoskrnl.exe 804DDE80
INT 0x59 \WINDOWS\system32\ntoskrnl.exe 804DDE8A
INT 0x5A \WINDOWS\system32\ntoskrnl.exe 804DDE94
INT 0x5B \WINDOWS\system32\ntoskrnl.exe 804DDE9E
INT 0x5C \WINDOWS\system32\ntoskrnl.exe 804DDEA8
INT 0x5D \WINDOWS\system32\ntoskrnl.exe 804DDEB2
INT 0x5E \WINDOWS\system32\ntoskrnl.exe 804DDEBC
INT 0x5F \WINDOWS\system32\ntoskrnl.exe 804DDEC6
INT 0x60 \WINDOWS\system32\ntoskrnl.exe 804DDED0
INT 0x61 \WINDOWS\system32\ntoskrnl.exe 804DDEDA
INT 0x64 \WINDOWS\system32\ntoskrnl.exe 804DDEF8
INT 0x65 \WINDOWS\system32\ntoskrnl.exe 804DDF02
INT 0x66 \WINDOWS\system32\ntoskrnl.exe 804DDF0C
INT 0x67 \WINDOWS\system32\ntoskrnl.exe 804DDF16
INT 0x68 \WINDOWS\system32\ntoskrnl.exe 804DDF20
INT 0x69 \WINDOWS\system32\ntoskrnl.exe 804DDF2A
INT 0x6A \WINDOWS\system32\ntoskrnl.exe 804DDF34
INT 0x6B \WINDOWS\system32\ntoskrnl.exe 804DDF3E
INT 0x6C \WINDOWS\system32\ntoskrnl.exe 804DDF48
INT 0x6D \WINDOWS\system32\ntoskrnl.exe 804DDF52
INT 0x6E \WINDOWS\system32\ntoskrnl.exe 804DDF5C
INT 0x6F \WINDOWS\system32\ntoskrnl.exe 804DDF66
INT 0x70 \WINDOWS\system32\ntoskrnl.exe 804DDF70
INT 0x71 \WINDOWS\system32\ntoskrnl.exe 804DDF7A
INT 0x72 \WINDOWS\system32\ntoskrnl.exe 804DDF84
INT 0x74 \WINDOWS\system32\ntoskrnl.exe 804DDF98
INT 0x75 \WINDOWS\system32\ntoskrnl.exe 804DDFA2
INT 0x76 \WINDOWS\system32\ntoskrnl.exe 804DDFAC
INT 0x77 \WINDOWS\system32\ntoskrnl.exe 804DDFB6
INT 0x78 \WINDOWS\system32\ntoskrnl.exe 804DDFC0
INT 0x79 \WINDOWS\system32\ntoskrnl.exe 804DDFCA
INT 0x7A \WINDOWS\system32\ntoskrnl.exe 804DDFD4
INT 0x7B \WINDOWS\system32\ntoskrnl.exe 804DDFDE
INT 0x7C \WINDOWS\system32\ntoskrnl.exe 804DDFE8
INT 0x7D \WINDOWS\system32\ntoskrnl.exe 804DDFF2
INT 0x7E \WINDOWS\system32\ntoskrnl.exe 804DDFFC
INT 0x7F \WINDOWS\system32\ntoskrnl.exe 804DE006
INT 0x80 \WINDOWS\system32\ntoskrnl.exe 804DE010
INT 0x81 \WINDOWS\system32\ntoskrnl.exe 804DE01A
INT 0x85 \WINDOWS\system32\ntoskrnl.exe 804DE042
INT 0x86 \WINDOWS\system32\ntoskrnl.exe 804DE04C
INT 0x87 \WINDOWS\system32\ntoskrnl.exe 804DE056
INT 0x88 \WINDOWS\system32\ntoskrnl.exe 804DE060
INT 0x89 \WINDOWS\system32\ntoskrnl.exe 804DE06A
INT 0x8A \WINDOWS\system32\ntoskrnl.exe 804DE074
INT 0x8B \WINDOWS\system32\ntoskrnl.exe 804DE07E
INT 0x8C \WINDOWS\system32\ntoskrnl.exe 804DE088
INT 0x8D \WINDOWS\system32\ntoskrnl.exe 804DE092
INT 0x8E \WINDOWS\system32\ntoskrnl.exe 804DE09C
INT 0x8F \WINDOWS\system32\ntoskrnl.exe 804DE0A6
INT 0x90 \WINDOWS\system32\ntoskrnl.exe 804DE0B0
INT 0x91 \WINDOWS\system32\ntoskrnl.exe 804DE0BA
INT 0x95 \WINDOWS\system32\ntoskrnl.exe 804DE0E2
INT 0x96 \WINDOWS\system32\ntoskrnl.exe 804DE0EC
INT 0x97 \WINDOWS\system32\ntoskrnl.exe 804DE0F6
INT 0x98 \WINDOWS\system32\ntoskrnl.exe 804DE100
INT 0x99 \WINDOWS\system32\ntoskrnl.exe 804DE10A
INT 0x9A \WINDOWS\system32\ntoskrnl.exe 804DE114
INT 0x9B \WINDOWS\system32\ntoskrnl.exe 804DE11E
INT 0x9C \WINDOWS\system32\ntoskrnl.exe 804DE128
INT 0x9D \WINDOWS\system32\ntoskrnl.exe 804DE132
INT 0x9E \WINDOWS\system32\ntoskrnl.exe 804DE13C
INT 0x9F \WINDOWS\system32\ntoskrnl.exe 804DE146
INT 0xA0 \WINDOWS\system32\ntoskrnl.exe 804DE150
INT 0xA1 \WINDOWS\system32\ntoskrnl.exe 804DE15A
INT 0xA2 \WINDOWS\system32\ntoskrnl.exe 804DE164
INT 0xA5 \WINDOWS\system32\ntoskrnl.exe 804DE182
INT 0xA6 \WINDOWS\system32\ntoskrnl.exe 804DE18C
INT 0xA7 \WINDOWS\system32\ntoskrnl.exe 804DE196
INT 0xA8 \WINDOWS\system32\ntoskrnl.exe 804DE1A0
INT 0xA9 \WINDOWS\system32\ntoskrnl.exe 804DE1AA
INT 0xAA \WINDOWS\system32\ntoskrnl.exe 804DE1B4
INT 0xAB \WINDOWS\system32\ntoskrnl.exe 804DE1BE
INT 0xAC \WINDOWS\system32\ntoskrnl.exe 804DE1C8
INT 0xAD \WINDOWS\system32\ntoskrnl.exe 804DE1D2
INT 0xAE \WINDOWS\system32\ntoskrnl.exe 804DE1DC
INT 0xAF \WINDOWS\system32\ntoskrnl.exe 804DE1E6
INT 0xB0 \WINDOWS\system32\ntoskrnl.exe 804DE1F0
INT 0xB3 \WINDOWS\system32\ntoskrnl.exe 804DE20E
INT 0xB5 \WINDOWS\system32\ntoskrnl.exe 804DE222
INT 0xB6 \WINDOWS\system32\ntoskrnl.exe 804DE22C
INT 0xB7 \WINDOWS\system32\ntoskrnl.exe 804DE236
INT 0xB8 \WINDOWS\system32\ntoskrnl.exe 804DE240
INT 0xB9 \WINDOWS\system32\ntoskrnl.exe 804DE24A
INT 0xBA \WINDOWS\system32\ntoskrnl.exe 804DE254
INT 0xBB \WINDOWS\system32\ntoskrnl.exe 804DE25E
INT 0xBC \WINDOWS\system32\ntoskrnl.exe 804DE268
INT 0xBD \WINDOWS\system32\ntoskrnl.exe 804DE272
INT 0xBE \WINDOWS\system32\ntoskrnl.exe 804DE27C
INT 0xBF \WINDOWS\system32\ntoskrnl.exe 804DE286
INT 0xC0 \WINDOWS\system32\ntoskrnl.exe 804DE290
INT 0xC1 \WINDOWS\system32\hal.dll 806ED984
INT 0xC2 \WINDOWS\system32\ntoskrnl.exe 804DE2A4
INT 0xC3 \WINDOWS\system32\ntoskrnl.exe 804DE2AE
INT 0xC4 \WINDOWS\system32\ntoskrnl.exe 804DE2B8
INT 0xC5 \WINDOWS\system32\ntoskrnl.exe 804DE2C2
INT 0xC6 \WINDOWS\system32\ntoskrnl.exe 804DE2CC
INT 0xC7 \WINDOWS\system32\ntoskrnl.exe 804DE2D6
INT 0xC8 \WINDOWS\system32\ntoskrnl.exe 804DE2E0
INT 0xC9 \WINDOWS\system32\ntoskrnl.exe 804DE2EA
INT 0xCA \WINDOWS\system32\ntoskrnl.exe 804DE2F4
INT 0xCB \WINDOWS\system32\ntoskrnl.exe 804DE2FE
INT 0xCC \WINDOWS\system32\ntoskrnl.exe 804DE308
INT 0xCD \WINDOWS\system32\ntoskrnl.exe 804DE312
INT 0xCE \WINDOWS\system32\ntoskrnl.exe 804DE31C
INT 0xCF \WINDOWS\system32\ntoskrnl.exe 804DE326
INT 0xD0 \WINDOWS\system32\ntoskrnl.exe 804DE330
INT 0xD1 \WINDOWS\system32\hal.dll 806ECD34
INT 0xD2 \WINDOWS\system32\ntoskrnl.exe 804DE344
INT 0xD3 \WINDOWS\system32\ntoskrnl.exe 804DE34E
INT 0xD4 \WINDOWS\system32\ntoskrnl.exe 804DE358
INT 0xD5 \WINDOWS\system32\ntoskrnl.exe 804DE362
INT 0xD6 \WINDOWS\system32\ntoskrnl.exe 804DE36C
INT 0xD7 \WINDOWS\system32\ntoskrnl.exe 804DE376
INT 0xD8 \WINDOWS\system32\ntoskrnl.exe 804DE380
INT 0xD9 \WINDOWS\system32\ntoskrnl.exe 804DE38A
INT 0xDA \WINDOWS\system32\ntoskrnl.exe 804DE394
INT 0xDB \WINDOWS\system32\ntoskrnl.exe 804DE39E
INT 0xDC \WINDOWS\system32\ntoskrnl.exe 804DE3A8
INT 0xDD \WINDOWS\system32\ntoskrnl.exe 804DE3B2
INT 0xDE \WINDOWS\system32\ntoskrnl.exe 804DE3BC
INT 0xDF \WINDOWS\system32\ntoskrnl.exe 804DE3C6
INT 0xE0 \WINDOWS\system32\ntoskrnl.exe 804DE3D0
INT 0xE1 \WINDOWS\system32\hal.dll 806EDF0C
INT 0xE2 \WINDOWS\system32\ntoskrnl.exe 804DE3E4
INT 0xE3 \WINDOWS\system32\hal.dll 806EDC70
INT 0xE4 \WINDOWS\system32\ntoskrnl.exe 804DE3F8
INT 0xE5 \WINDOWS\system32\ntoskrnl.exe 804DE402
INT 0xE6 \WINDOWS\system32\ntoskrnl.exe 804DE40C
INT 0xE7 \WINDOWS\system32\ntoskrnl.exe 804DE416
INT 0xE8 \WINDOWS\system32\ntoskrnl.exe 804DE420
INT 0xE9 \WINDOWS\system32\ntoskrnl.exe 804DE42A
INT 0xEA \WINDOWS\system32\ntoskrnl.exe 804DE434
INT 0xEB \WINDOWS\system32\ntoskrnl.exe 804DE43E
INT 0xEC \WINDOWS\system32\ntoskrnl.exe 804DE448
INT 0xED \WINDOWS\system32\ntoskrnl.exe 804DE452
INT 0xEE \WINDOWS\system32\ntoskrnl.exe 804DE459
INT 0xEF \WINDOWS\system32\ntoskrnl.exe 804DE460
INT 0xF0 \WINDOWS\system32\ntoskrnl.exe 804DE467
INT 0xF1 \WINDOWS\system32\ntoskrnl.exe 804DE46E
INT 0xF2 \WINDOWS\system32\ntoskrnl.exe 804DE475
INT 0xF3 \WINDOWS\system32\ntoskrnl.exe 804DE47C
INT 0xF4 \WINDOWS\system32\ntoskrnl.exe 804DE483
INT 0xF5 \WINDOWS\system32\ntoskrnl.exe 804DE48A
INT 0xF6 \WINDOWS\system32\ntoskrnl.exe 804DE491
INT 0xF7 \WINDOWS\system32\ntoskrnl.exe 804DE498
INT 0xF8 \WINDOWS\system32\ntoskrnl.exe 804DE49F
INT 0xF9 \WINDOWS\system32\ntoskrnl.exe 804DE4A6
INT 0xFA \WINDOWS\system32\ntoskrnl.exe 804DE4AD
INT 0xFB \WINDOWS\system32\ntoskrnl.exe 804DE4B4
INT 0xFC \WINDOWS\system32\ntoskrnl.exe 804DE4BB
INT 0xFD \WINDOWS\system32\hal.dll 806EE464
INT 0xFE \WINDOWS\system32\hal.dll 806EE604
INT 0xFF \WINDOWS\system32\ntoskrnl.exe 804DE4D0

SYSENTER \WINDOWS\system32\ntoskrnl.exe 804DE6F0

---- Devices - GMER 1.0.10 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F83DAE37] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSEIRP_MJ_READ [F83DA320] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F83B7EE4] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F83B6BCA] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F83B8A58] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F83E0A68] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F83DD2C3] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F83E26D5] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F83C9621] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F842EB11] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F83DACEE] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP_POWER [F83F9F3F] Ntfs.sys
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE [EFC4CC8A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSEIRP_MJ_READ [EFC497C8] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE [EFC4560A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION [EFC45AED] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION [EFC50958] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA [EFC53821] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA [EFC5C38A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS [EFC5BD49] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION [EFC55BBE] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION [EFC56331] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL [EFC644F4] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL [EFC4CB37] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL [EFC48948] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_INTERNAL_DEVICE_CONTROL [EFC5246B] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL [EFC6379D] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP [EFC62C4A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_MAILSLOT [EFC492FD] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP_POWER [EFC631DB] Fastfat.SYS
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_NAMED_PIPE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLOSEIRP_MJ_READ [F8377A76] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_WRITE [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_INFORMATION [F8374159] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_INFORMATION [F837FB88] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_EA [F837FDF2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_EA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FLUSH_BUFFERS [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_VOLUME_INFORMATION [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_VOLUME_INFORMATION [F8384492] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DIRECTORY_CONTROL [F8384585] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FILE_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CONTROL [F83775D2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SHUTDOWN [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_LOCK_CONTROL [F837F33D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLEANUP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_MAILSLOT [F8377AB9] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_SECURITY [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_SECURITY [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_POWER [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CHANGE [F836E35A] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP_POWER [F836F52D] Mup.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_NAMED_PIPE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLOSEIRP_MJ_READ [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_WRITE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FLUSH_BUFFERS [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DIRECTORY_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FILE_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_INTERNAL_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SHUTDOWN [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_LOCK_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLEANUP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_MAILSLOT [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_POWER [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CHANGE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP_POWER [F8390982] NDIS.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLOSEIRP_MJ_READ [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_WRITE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_VOLUME_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_INTERNAL_DEVICE_CONTROL [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000019
Device \Device\00000025
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE [F8A6746A] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLOSEIRP_MJ_READ [F8A674B8] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A67400] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLEANUP
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi BilloKenobi » 30/08/06 17:48

non voglio che tu diventi matto... :D bastano le ultime quindici righe...

la parte che mi interessa è proprio alla fine, il resto è inutile
Begun the Clone War has

Sì sì, mi hanno fatto redattore --- SuspectFile
BilloKenobi
Utente Senior
 
Post: 348
Iscritto il: 08/07/06 11:05

Postdi frontrunner » 30/08/06 17:50

sto cominciando a perdere la pazienza!!!
ma nn esiste un modo x mandartelo intero??

copio e incollo ma la parte incollata nn corrisponde a quella copiata

uffa! :cry:
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 17:53

ritento spezzettandolo ulteriormente

GMER 1.0.10.10122 - http://www.gmer.net
Rootkit 2006-08-30 17:36:36
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.10 ----

SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwOpenProcess <-- ROOTKIT !!!
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess <-- ROOTKIT !!!

INT 0x00 \WINDOWS\system32\ntoskrnl.exe 804DF350
INT 0x01 \WINDOWS\system32\ntoskrnl.exe 804DF4CB
INT 0x03 \WINDOWS\system32\ntoskrnl.exe 804DF89D
INT 0x04 \WINDOWS\system32\ntoskrnl.exe 804DFA20
INT 0x05 \WINDOWS\system32\ntoskrnl.exe 804DFB81
INT 0x06 \WINDOWS\system32\ntoskrnl.exe 804DFD02
INT 0x07 \WINDOWS\system32\ntoskrnl.exe 804E036A
INT 0x09 \WINDOWS\system32\ntoskrnl.exe 804E078F
INT 0x0A \WINDOWS\system32\ntoskrnl.exe 804E08AC
INT 0x0B \WINDOWS\system32\ntoskrnl.exe 804E09E9
INT 0x0C \WINDOWS\system32\ntoskrnl.exe 804E0C42
INT 0x0D \WINDOWS\system32\ntoskrnl.exe 804E0F38
INT 0x0E \WINDOWS\system32\ntoskrnl.exe 804E164F
INT 0x0F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x10 \WINDOWS\system32\ntoskrnl.exe 804E1A99
INT 0x11 \WINDOWS\system32\ntoskrnl.exe 804E1BCE
INT 0x12 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x13 \WINDOWS\system32\ntoskrnl.exe 804E1D34
INT 0x14 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x15 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x16 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x17 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x18 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x19 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1A \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1B \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1C \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1D \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1E \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1F \WINDOWS\system32\hal.dll 806EDFD0
INT 0x2A \WINDOWS\system32\ntoskrnl.exe 804DEB92
INT 0x2B \WINDOWS\system32\ntoskrnl.exe 804DEC95
INT 0x2C \WINDOWS\system32\ntoskrnl.exe 804DEE34
INT 0x2D \WINDOWS\system32\ntoskrnl.exe 804DF77C
INT 0x2E \WINDOWS\system32\ntoskrnl.exe 804DE631
INT 0x2F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x30 \WINDOWS\system32\ntoskrnl.exe 804DDCF0
INT 0x31 \WINDOWS\system32\ntoskrnl.exe 804DDCFA
INT 0x32 \WINDOWS\system32\ntoskrnl.exe 804DDD04
INT 0x33 \WINDOWS\system32\ntoskrnl.exe 804DDD0E
INT 0x34 \WINDOWS\system32\ntoskrnl.exe 804DDD18
INT 0x35 \WINDOWS\system32\ntoskrnl.exe 804DDD22
INT 0x36 \WINDOWS\system32\ntoskrnl.exe 804DDD2C
INT 0x37 \WINDOWS\system32\hal.dll 806ED728
INT 0x38 \WINDOWS\system32\ntoskrnl.exe 804DDD40
INT 0x39 \WINDOWS\system32\ntoskrnl.exe 804DDD4A
INT 0x3A \WINDOWS\system32\ntoskrnl.exe 804DDD54
INT 0x3B \WINDOWS\system32\ntoskrnl.exe 804DDD5E
INT 0x3C \WINDOWS\system32\ntoskrnl.exe 804DDD68
INT 0x3D \WINDOWS\system32\hal.dll 806EEB70
INT 0x3E \WINDOWS\system32\ntoskrnl.exe 804DDD7C
INT 0x3F \WINDOWS\system32\ntoskrnl.exe 804DDD86
INT 0x40 \WINDOWS\system32\ntoskrnl.exe 804DDD90
INT 0x41 \WINDOWS\system32\hal.dll 806EE9CC
INT 0x42 \WINDOWS\system32\ntoskrnl.exe 804DDDA4
INT 0x43 \WINDOWS\system32\ntoskrnl.exe 804DDDAE
INT 0x44 \WINDOWS\system32\ntoskrnl.exe 804DDDB8
INT 0x45 \WINDOWS\system32\ntoskrnl.exe 804DDDC2
INT 0x46 \WINDOWS\system32\ntoskrnl.exe 804DDDCC
INT 0x47 \WINDOWS\system32\ntoskrnl.exe 804DDDD6
INT 0x48 \WINDOWS\system32\ntoskrnl.exe 804DDDE0
INT 0x49 \WINDOWS\system32\ntoskrnl.exe 804DDDEA
INT 0x4A \WINDOWS\system32\ntoskrnl.exe 804DDDF4
INT 0x4B \WINDOWS\system32\ntoskrnl.exe 804DDDFE
INT 0x4C \WINDOWS\system32\ntoskrnl.exe 804DDE08
INT 0x4D \WINDOWS\system32\ntoskrnl.exe 804DDE12
INT 0x4E \WINDOWS\system32\ntoskrnl.exe 804DDE1C
INT 0x4F \WINDOWS\system32\ntoskrnl.exe 804DDE26
INT 0x50 \WINDOWS\system32\hal.dll 806ED800
INT 0x51 \WINDOWS\system32\ntoskrnl.exe 804DDE3A
INT 0x52 \WINDOWS\system32\ntoskrnl.exe 804DDE44
INT 0x53 \WINDOWS\system32\ntoskrnl.exe 804DDE4E
INT 0x54 \WINDOWS\system32\ntoskrnl.exe 804DDE58
INT 0x55 \WINDOWS\system32\ntoskrnl.exe 804DDE62
INT 0x56 \WINDOWS\system32\ntoskrnl.exe 804DDE6C
INT 0x57 \WINDOWS\system32\ntoskrnl.exe 804DDE76
INT 0x58 \WINDOWS\system32\ntoskrnl.exe 804DDE80
INT 0x59 \WINDOWS\system32\ntoskrnl.exe 804DDE8A
INT 0x5A \WINDOWS\system32\ntoskrnl.exe 804DDE94
INT 0x5B \WINDOWS\system32\ntoskrnl.exe 804DDE9E
INT 0x5C \WINDOWS\system32\ntoskrnl.exe 804DDEA8
INT 0x5D \WINDOWS\system32\ntoskrnl.exe 804DDEB2
INT 0x5E \WINDOWS\system32\ntoskrnl.exe 804DDEBC
INT 0x5F \WINDOWS\system32\ntoskrnl.exe 804DDEC6
INT 0x60 \WINDOWS\system32\ntoskrnl.exe 804DDED0
INT 0x61 \WINDOWS\system32\ntoskrnl.exe 804DDEDA
INT 0x64 \WINDOWS\system32\ntoskrnl.exe 804DDEF8
INT 0x65 \WINDOWS\system32\ntoskrnl.exe 804DDF02
INT 0x66 \WINDOWS\system32\ntoskrnl.exe 804DDF0C
INT 0x67 \WINDOWS\system32\ntoskrnl.exe 804DDF16
INT 0x68 \WINDOWS\system32\ntoskrnl.exe 804DDF20
INT 0x69 \WINDOWS\system32\ntoskrnl.exe 804DDF2A
INT 0x6A \WINDOWS\system32\ntoskrnl.exe 804DDF34
INT 0x6B \WINDOWS\system32\ntoskrnl.exe 804DDF3E
INT 0x6C \WINDOWS\system32\ntoskrnl.exe 804DDF48
INT 0x6D \WINDOWS\system32\ntoskrnl.exe 804DDF52
INT 0x6E \WINDOWS\system32\ntoskrnl.exe 804DDF5C
INT 0x6F \WINDOWS\system32\ntoskrnl.exe 804DDF66
INT 0x70 \WINDOWS\system32\ntoskrnl.exe 804DDF70
INT 0x71 \WINDOWS\system32\ntoskrnl.exe 804DDF7A
INT 0x72 \WINDOWS\system32\ntoskrnl.exe 804DDF84
INT 0x74 \WINDOWS\system32\ntoskrnl.exe 804DDF98
INT 0x75 \WINDOWS\system32\ntoskrnl.exe 804DDFA2
INT 0x76 \WINDOWS\system32\ntoskrnl.exe 804DDFAC
INT 0x77 \WINDOWS\system32\ntoskrnl.exe 804DDFB6
INT 0x78 \WINDOWS\system32\ntoskrnl.exe 804DDFC0
INT 0x79 \WINDOWS\system32\ntoskrnl.exe 804DDFCA
INT 0x7A \WINDOWS\system32\ntoskrnl.exe 804DDFD4
INT 0x7B \WINDOWS\system32\ntoskrnl.exe 804DDFDE
INT 0x7C \WINDOWS\system32\ntoskrnl.exe 804DDFE8
INT 0x7D \WINDOWS\system32\ntoskrnl.exe 804DDFF2
INT 0x7E \WINDOWS\system32\ntoskrnl.exe 804DDFFC
INT 0x7F \WINDOWS\system32\ntoskrnl.exe 804DE006
INT 0x80 \WINDOWS\system32\ntoskrnl.exe 804DE010
INT 0x81 \WINDOWS\system32\ntoskrnl.exe 804DE01A
INT 0x85 \WINDOWS\system32\ntoskrnl.exe 804DE042
INT 0x86 \WINDOWS\system32\ntoskrnl.exe 804DE04C
INT 0x87 \WINDOWS\system32\ntoskrnl.exe 804DE056
INT 0x88 \WINDOWS\system32\ntoskrnl.exe 804DE060
INT 0x89 \WINDOWS\system32\ntoskrnl.exe 804DE06A
INT 0x8A \WINDOWS\system32\ntoskrnl.exe 804DE074
INT 0x8B \WINDOWS\system32\ntoskrnl.exe 804DE07E
INT 0x8C \WINDOWS\system32\ntoskrnl.exe 804DE088
INT 0x8D \WINDOWS\system32\ntoskrnl.exe 804DE092
INT 0x8E \WINDOWS\system32\ntoskrnl.exe 804DE09C
INT 0x8F \WINDOWS\system32\ntoskrnl.exe 804DE0A6
INT 0x90 \WINDOWS\system32\ntoskrnl.exe 804DE0B0
INT 0x91 \WINDOWS\system32\ntoskrnl.exe 804DE0BA
INT 0x95 \WINDOWS\system32\ntoskrnl.exe 804DE0E2
INT 0x96 \WINDOWS\system32\ntoskrnl.exe 804DE0EC
INT 0x97 \WINDOWS\system32\ntoskrnl.exe 804DE0F6
INT 0x98 \WINDOWS\system32\ntoskrnl.exe 804DE100
INT 0x99 \WINDOWS\system32\ntoskrnl.exe 804DE10A
INT 0x9A \WINDOWS\system32\ntoskrnl.exe 804DE114
INT 0x9B \WINDOWS\system32\ntoskrnl.exe 804DE11E
INT 0x9C \WINDOWS\system32\ntoskrnl.exe 804DE128
INT 0x9D \WINDOWS\system32\ntoskrnl.exe 804DE132
INT 0x9E \WINDOWS\system32\ntoskrnl.exe 804DE13C
INT 0x9F \WINDOWS\system32\ntoskrnl.exe 804DE146
INT 0xA0 \WINDOWS\system32\ntoskrnl.exe 804DE150
INT 0xA1 \WINDOWS\system32\ntoskrnl.exe 804DE15A
INT 0xA2 \WINDOWS\system32\ntoskrnl.exe 804DE164
INT 0xA5 \WINDOWS\system32\ntoskrnl.exe 804DE182
INT 0xA6 \WINDOWS\system32\ntoskrnl.exe 804DE18C
INT 0xA7 \WINDOWS\system32\ntoskrnl.exe 804DE196
INT 0xA8 \WINDOWS\system32\ntoskrnl.exe 804DE1A0
INT 0xA9 \WINDOWS\system32\ntoskrnl.exe 804DE1AA
INT 0xAA \WINDOWS\system32\ntoskrnl.exe 804DE1B4
INT 0xAB \WINDOWS\system32\ntoskrnl.exe 804DE1BE
INT 0xAC \WINDOWS\system32\ntoskrnl.exe 804DE1C8
INT 0xAD \WINDOWS\system32\ntoskrnl.exe 804DE1D2
INT 0xAE \WINDOWS\system32\ntoskrnl.exe 804DE1DC
INT 0xAF \WINDOWS\system32\ntoskrnl.exe 804DE1E6
INT 0xB0 \WINDOWS\system32\ntoskrnl.exe 804DE1F0
INT 0xB3 \WINDOWS\system32\ntoskrnl.exe 804DE20E
INT 0xB5 \WINDOWS\system32\ntoskrnl.exe 804DE222
INT 0xB6 \WINDOWS\system32\ntoskrnl.exe 804DE22C
INT 0xB7 \WINDOWS\system32\ntoskrnl.exe 804DE236
INT 0xB8 \WINDOWS\system32\ntoskrnl.exe 804DE240
INT 0xB9 \WINDOWS\system32\ntoskrnl.exe 804DE24A
INT 0xBA \WINDOWS\system32\ntoskrnl.exe 804DE254
INT 0xBB \WINDOWS\system32\ntoskrnl.exe 804DE25E
INT 0xBC \WINDOWS\system32\ntoskrnl.exe 804DE268
INT 0xBD \WINDOWS\system32\ntoskrnl.exe 804DE272
INT 0xBE \WINDOWS\system32\ntoskrnl.exe 804DE27C
INT 0xBF \WINDOWS\system32\ntoskrnl.exe 804DE286
INT 0xC0 \WINDOWS\system32\ntoskrnl.exe 804DE290
INT 0xC1 \WINDOWS\system32\hal.dll 806ED984
INT 0xC2 \WINDOWS\system32\ntoskrnl.exe 804DE2A4
INT 0xC3 \WINDOWS\system32\ntoskrnl.exe 804DE2AE
INT 0xC4 \WINDOWS\system32\ntoskrnl.exe 804DE2B8
INT 0xC5 \WINDOWS\system32\ntoskrnl.exe 804DE2C2
INT 0xC6 \WINDOWS\system32\ntoskrnl.exe 804DE2CC
INT 0xC7 \WINDOWS\system32\ntoskrnl.exe 804DE2D6
INT 0xC8 \WINDOWS\system32\ntoskrnl.exe 804DE2E0
INT 0xC9 \WINDOWS\system32\ntoskrnl.exe 804DE2EA
INT 0xCA \WINDOWS\system32\ntoskrnl.exe 804DE2F4
INT 0xCB \WINDOWS\system32\ntoskrnl.exe 804DE2FE
INT 0xCC \WINDOWS\system32\ntoskrnl.exe 804DE308
INT 0xCD \WINDOWS\system32\ntoskrnl.exe 804DE312
INT 0xCE \WINDOWS\system32\ntoskrnl.exe 804DE31C
INT 0xCF \WINDOWS\system32\ntoskrnl.exe 804DE326
INT 0xD0 \WINDOWS\system32\ntoskrnl.exe 804DE330
INT 0xD1 \WINDOWS\system32\hal.dll 806ECD34
INT 0xD2 \WINDOWS\system32\ntoskrnl.exe 804DE344
INT 0xD3 \WINDOWS\system32\ntoskrnl.exe 804DE34E
INT 0xD4 \WINDOWS\system32\ntoskrnl.exe 804DE358
INT 0xD5 \WINDOWS\system32\ntoskrnl.exe 804DE362
INT 0xD6 \WINDOWS\system32\ntoskrnl.exe 804DE36C
INT 0xD7 \WINDOWS\system32\ntoskrnl.exe 804DE376
INT 0xD8 \WINDOWS\system32\ntoskrnl.exe 804DE380
INT 0xD9 \WINDOWS\system32\ntoskrnl.exe 804DE38A
INT 0xDA \WINDOWS\system32\ntoskrnl.exe 804DE394
INT 0xDB \WINDOWS\system32\ntoskrnl.exe 804DE39E
INT 0xDC \WINDOWS\system32\ntoskrnl.exe 804DE3A8
INT 0xDD \WINDOWS\system32\ntoskrnl.exe 804DE3B2
INT 0xDE \WINDOWS\system32\ntoskrnl.exe 804DE3BC
INT 0xDF \WINDOWS\system32\ntoskrnl.exe 804DE3C6
INT 0xE0 \WINDOWS\system32\ntoskrnl.exe 804DE3D0
INT 0xE1 \WINDOWS\system32\hal.dll 806EDF0C
INT 0xE2 \WINDOWS\system32\ntoskrnl.exe 804DE3E4
INT 0xE3 \WINDOWS\system32\hal.dll 806EDC70
INT 0xE4 \WINDOWS\system32\ntoskrnl.exe 804DE3F8
INT 0xE5 \WINDOWS\system32\ntoskrnl.exe 804DE402
INT 0xE6 \WINDOWS\system32\ntoskrnl.exe 804DE40C
INT 0xE7 \WINDOWS\system32\ntoskrnl.exe 804DE416
INT 0xE8 \WINDOWS\system32\ntoskrnl.exe 804DE420
INT 0xE9 \WINDOWS\system32\ntoskrnl.exe 804DE42A
INT 0xEA \WINDOWS\system32\ntoskrnl.exe 804DE434
INT 0xEB \WINDOWS\system32\ntoskrnl.exe 804DE43E
INT 0xEC \WINDOWS\system32\ntoskrnl.exe 804DE448
INT 0xED \WINDOWS\system32\ntoskrnl.exe 804DE452
INT 0xEE \WINDOWS\system32\ntoskrnl.exe 804DE459
INT 0xEF \WINDOWS\system32\ntoskrnl.exe 804DE460
INT 0xF0 \WINDOWS\system32\ntoskrnl.exe 804DE467
INT 0xF1 \WINDOWS\system32\ntoskrnl.exe 804DE46E
INT 0xF2 \WINDOWS\system32\ntoskrnl.exe 804DE475
INT 0xF3 \WINDOWS\system32\ntoskrnl.exe 804DE47C
INT 0xF4 \WINDOWS\system32\ntoskrnl.exe 804DE483
INT 0xF5 \WINDOWS\system32\ntoskrnl.exe 804DE48A
INT 0xF6 \WINDOWS\system32\ntoskrnl.exe 804DE491
INT 0xF7 \WINDOWS\system32\ntoskrnl.exe 804DE498
INT 0xF8 \WINDOWS\system32\ntoskrnl.exe 804DE49F
INT 0xF9 \WINDOWS\system32\ntoskrnl.exe 804DE4A6
INT 0xFA \WINDOWS\system32\ntoskrnl.exe 804DE4AD
INT 0xFB \WINDOWS\system32\ntoskrnl.exe 804DE4B4
INT 0xFC \WINDOWS\system32\ntoskrnl.exe 804DE4BB
INT 0xFD \WINDOWS\system32\hal.dll 806EE464
INT 0xFE \WINDOWS\system32\hal.dll 806EE604
INT 0xFF \WINDOWS\system32\ntoskrnl.exe 804DE4D0

SYSENTER \WINDOWS\system32\ntoskrnl.exe 804DE6F0
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi BilloKenobi » 30/08/06 17:55

non so cosa sia successo, però proviamo così
prova a incollare il log in un blocknotes (.txt) e ad allegare il file stesso. se no, diciamo che potremo togliere l'infezione, ma potrebbero rimanere sul pc alcuni file infetti, sebbene non in funzione
Begun the Clone War has

Sì sì, mi hanno fatto redattore --- SuspectFile
BilloKenobi
Utente Senior
 
Post: 348
Iscritto il: 08/07/06 11:05

Postdi frontrunner » 30/08/06 17:55

---- Devices - GMER 1.0.10 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F83DAE37] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSEIRP_MJ_READ [F83DA320] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F83B7EE4] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F83B6BCA] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F83B8A58] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F83E0A68] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F83DD2C3] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F83E26D5] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F83C9621] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F842EB11] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F83DACEE] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP_POWER [F83F9F3F] Ntfs.sys
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE [EFC4CC8A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSEIRP_MJ_READ [EFC497C8] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE [EFC4560A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION [EFC45AED] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION [EFC50958] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA [EFC53821] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA [EFC5C38A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS [EFC5BD49] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION [EFC55BBE] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION [EFC56331] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL [EFC644F4] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL [EFC4CB37] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL [EFC48948] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_INTERNAL_DEVICE_CONTROL [EFC5246B] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL [EFC6379D] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP [EFC62C4A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_MAILSLOT [EFC492FD] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP_POWER [EFC631DB] Fastfat.SYS
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_NAMED_PIPE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLOSEIRP_MJ_READ [F8377A76] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_WRITE [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_INFORMATION [F8374159] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_INFORMATION [F837FB88] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_EA [F837FDF2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_EA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FLUSH_BUFFERS [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_VOLUME_INFORMATION [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_VOLUME_INFORMATION [F8384492] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DIRECTORY_CONTROL [F8384585] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FILE_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CONTROL [F83775D2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SHUTDOWN [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_LOCK_CONTROL [F837F33D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLEANUP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_MAILSLOT [F8377AB9] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_SECURITY [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_SECURITY [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_POWER [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CHANGE [F836E35A] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP_POWER [F836F52D] Mup.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_NAMED_PIPE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLOSEIRP_MJ_READ [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_WRITE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FLUSH_BUFFERS [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DIRECTORY_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FILE_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_INTERNAL_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SHUTDOWN [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_LOCK_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLEANUP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_MAILSLOT [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_POWER [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CHANGE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP_POWER [F8390982] NDIS.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLOSEIRP_MJ_READ [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_WRITE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_VOLUME_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_INTERNAL_DEVICE_CONTROL [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000019
Device \Device\00000025
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE [F8A6746A] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLOSEIRP_MJ_READ [F8A674B8] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A67400] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_MAILSLOT [F8A67354] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000026
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CLOSEIRP_MJ_READ [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_INTERNAL_DEVICE_CONTROL [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE_MAILSLOT [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSEIRP_MJ_READ [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [EFE3B19F] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP_POWER [EFE3AF80] tcpip.sys
Device \Device\00000027
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_NAMED_PIPE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLOSEIRP_MJ_READ [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_WRITE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_EA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_EA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FLUSH_BUFFERS [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_VOLUME_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_VOLUME_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DIRECTORY_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FILE_SYSTEM_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SHUTDOWN [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_LOCK_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLEANUP [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_MAILSLOT [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_SECURITY [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_SECURITY [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_POWER [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SYSTEM_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CHANGE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_QUOTA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_QUOTA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_PNP [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_PNP_POWER [F85F7E58] termdd.sys
Device \Device\00000034
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE [F8A57768] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CLOSEIRP_MJ_READ [F8A57828] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A577D2] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SYSTEM_CONTROL [F8A57396] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DEVICE_CHANGE [F8A57332] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_PNP_POWER [F8A57690] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE [F8A57768] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CLOSEIRP_MJ_READ [F8A57828] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A577D2] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SYSTEM_CONTROL [F8A57396] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DEVICE_CHANGE [F8A57332] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_PNP_POWER [F8A57690] swenum.sys
Device \Device\00000028
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 17:58

nn ce la faccio più
fammi sapere maniera alternativa
grazie tante!!
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi BilloKenobi » 30/08/06 18:03

BilloKenobi ha scritto:non so cosa sia successo, però proviamo così
prova a incollare il log in un blocknotes (.txt) e ad allegare il file stesso. se no, diciamo che potremo togliere l'infezione, ma potrebbero rimanere sul pc alcuni file infetti, sebbene non in funzione


oppure prova a far scorrere il log (sul programma) fino alla fine e catturare l'immagine (tasto Stamp R Sist, in alto a destra sulla testiera, aprire paint, incollare, salvare come jpeg e postare l'immagine)
Begun the Clone War has

Sì sì, mi hanno fatto redattore --- SuspectFile
BilloKenobi
Utente Senior
 
Post: 348
Iscritto il: 08/07/06 11:05

Postdi frontrunner » 30/08/06 18:16

nn c riesco!!

riprovo con metodo classico

GMER 1.0.10.10122 - http://www.gmer.net
Rootkit 2006-08-30 17:36:36
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.10 ----

SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwOpenProcess <-- ROOTKIT !!!
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess <-- ROOTKIT !!!

INT 0x00 \WINDOWS\system32\ntoskrnl.exe 804DF350
INT 0x01 \WINDOWS\system32\ntoskrnl.exe 804DF4CB
INT 0x03 \WINDOWS\system32\ntoskrnl.exe 804DF89D
INT 0x04 \WINDOWS\system32\ntoskrnl.exe 804DFA20
INT 0x05 \WINDOWS\system32\ntoskrnl.exe 804DFB81
INT 0x06 \WINDOWS\system32\ntoskrnl.exe 804DFD02
INT 0x07 \WINDOWS\system32\ntoskrnl.exe 804E036A
INT 0x09 \WINDOWS\system32\ntoskrnl.exe 804E078F
INT 0x0A \WINDOWS\system32\ntoskrnl.exe 804E08AC
INT 0x0B \WINDOWS\system32\ntoskrnl.exe 804E09E9
INT 0x0C \WINDOWS\system32\ntoskrnl.exe 804E0C42
INT 0x0D \WINDOWS\system32\ntoskrnl.exe 804E0F38
INT 0x0E \WINDOWS\system32\ntoskrnl.exe 804E164F
INT 0x0F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x10 \WINDOWS\system32\ntoskrnl.exe 804E1A99
INT 0x11 \WINDOWS\system32\ntoskrnl.exe 804E1BCE
INT 0x12 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x13 \WINDOWS\system32\ntoskrnl.exe 804E1D34
INT 0x14 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x15 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x16 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x17 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x18 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x19 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1A \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1B \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1C \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1D \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1E \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1F \WINDOWS\system32\hal.dll 806EDFD0
INT 0x2A \WINDOWS\system32\ntoskrnl.exe 804DEB92
INT 0x2B \WINDOWS\system32\ntoskrnl.exe 804DEC95
INT 0x2C \WINDOWS\system32\ntoskrnl.exe 804DEE34
INT 0x2D \WINDOWS\system32\ntoskrnl.exe 804DF77C
INT 0x2E \WINDOWS\system32\ntoskrnl.exe 804DE631
INT 0x2F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x30 \WINDOWS\system32\ntoskrnl.exe 804DDCF0
INT 0x31 \WINDOWS\system32\ntoskrnl.exe 804DDCFA
INT 0x32 \WINDOWS\system32\ntoskrnl.exe 804DDD04
INT 0x33 \WINDOWS\system32\ntoskrnl.exe 804DDD0E
INT 0x34 \WINDOWS\system32\ntoskrnl.exe 804DDD18
INT 0x35 \WINDOWS\system32\ntoskrnl.exe 804DDD22
INT 0x36 \WINDOWS\system32\ntoskrnl.exe 804DDD2C
INT 0x37 \WINDOWS\system32\hal.dll 806ED728
INT 0x38 \WINDOWS\system32\ntoskrnl.exe 804DDD40
INT 0x39 \WINDOWS\system32\ntoskrnl.exe 804DDD4A
INT 0x3A \WINDOWS\system32\ntoskrnl.exe 804DDD54
INT 0x3B \WINDOWS\system32\ntoskrnl.exe 804DDD5E
INT 0x3C \WINDOWS\system32\ntoskrnl.exe 804DDD68
INT 0x3D \WINDOWS\system32\hal.dll 806EEB70
INT 0x3E \WINDOWS\system32\ntoskrnl.exe 804DDD7C
INT 0x3F \WINDOWS\system32\ntoskrnl.exe 804DDD86
INT 0x40 \WINDOWS\system32\ntoskrnl.exe 804DDD90
INT 0x41 \WINDOWS\system32\hal.dll 806EE9CC
INT 0x42 \WINDOWS\system32\ntoskrnl.exe 804DDDA4
INT 0x43 \WINDOWS\system32\ntoskrnl.exe 804DDDAE
INT 0x44 \WINDOWS\system32\ntoskrnl.exe 804DDDB8
INT 0x45 \WINDOWS\system32\ntoskrnl.exe 804DDDC2
INT 0x46 \WINDOWS\system32\ntoskrnl.exe 804DDDCC
INT 0x47 \WINDOWS\system32\ntoskrnl.exe 804DDDD6
INT 0x48 \WINDOWS\system32\ntoskrnl.exe 804DDDE0
INT 0x49 \WINDOWS\system32\ntoskrnl.exe 804DDDEA
INT 0x4A \WINDOWS\system32\ntoskrnl.exe 804DDDF4
INT 0x4B \WINDOWS\system32\ntoskrnl.exe 804DDDFE
INT 0x4C \WINDOWS\system32\ntoskrnl.exe 804DDE08
INT 0x4D \WINDOWS\system32\ntoskrnl.exe 804DDE12
INT 0x4E \WINDOWS\system32\ntoskrnl.exe 804DDE1C
INT 0x4F \WINDOWS\system32\ntoskrnl.exe 804DDE26
INT 0x50 \WINDOWS\system32\hal.dll 806ED800
INT 0x51 \WINDOWS\system32\ntoskrnl.exe 804DDE3A
INT 0x52 \WINDOWS\system32\ntoskrnl.exe 804DDE44
INT 0x53 \WINDOWS\system32\ntoskrnl.exe 804DDE4E
INT 0x54 \WINDOWS\system32\ntoskrnl.exe 804DDE58
INT 0x55 \WINDOWS\system32\ntoskrnl.exe 804DDE62
INT 0x56 \WINDOWS\system32\ntoskrnl.exe 804DDE6C
INT 0x57 \WINDOWS\system32\ntoskrnl.exe 804DDE76
INT 0x58 \WINDOWS\system32\ntoskrnl.exe 804DDE80
INT 0x59 \WINDOWS\system32\ntoskrnl.exe 804DDE8A
INT 0x5A \WINDOWS\system32\ntoskrnl.exe 804DDE94
INT 0x5B \WINDOWS\system32\ntoskrnl.exe 804DDE9E
INT 0x5C \WINDOWS\system32\ntoskrnl.exe 804DDEA8
INT 0x5D \WINDOWS\system32\ntoskrnl.exe 804DDEB2
INT 0x5E \WINDOWS\system32\ntoskrnl.exe 804DDEBC
INT 0x5F \WINDOWS\system32\ntoskrnl.exe 804DDEC6
INT 0x60 \WINDOWS\system32\ntoskrnl.exe 804DDED0
INT 0x61 \WINDOWS\system32\ntoskrnl.exe 804DDEDA
INT 0x64 \WINDOWS\system32\ntoskrnl.exe 804DDEF8
INT 0x65 \WINDOWS\system32\ntoskrnl.exe 804DDF02
INT 0x66 \WINDOWS\system32\ntoskrnl.exe 804DDF0C
INT 0x67 \WINDOWS\system32\ntoskrnl.exe 804DDF16
INT 0x68 \WINDOWS\system32\ntoskrnl.exe 804DDF20
INT 0x69 \WINDOWS\system32\ntoskrnl.exe 804DDF2A
INT 0x6A \WINDOWS\system32\ntoskrnl.exe 804DDF34
INT 0x6B \WINDOWS\system32\ntoskrnl.exe 804DDF3E
INT 0x6C \WINDOWS\system32\ntoskrnl.exe 804DDF48
INT 0x6D \WINDOWS\system32\ntoskrnl.exe 804DDF52
INT 0x6E \WINDOWS\system32\ntoskrnl.exe 804DDF5C
INT 0x6F \WINDOWS\system32\ntoskrnl.exe 804DDF66
INT 0x70 \WINDOWS\system32\ntoskrnl.exe 804DDF70
INT 0x71 \WINDOWS\system32\ntoskrnl.exe 804DDF7A
INT 0x72 \WINDOWS\system32\ntoskrnl.exe 804DDF84
INT 0x74 \WINDOWS\system32\ntoskrnl.exe 804DDF98
INT 0x75 \WINDOWS\system32\ntoskrnl.exe 804DDFA2
INT 0x76 \WINDOWS\system32\ntoskrnl.exe 804DDFAC
INT 0x77 \WINDOWS\system32\ntoskrnl.exe 804DDFB6
INT 0x78 \WINDOWS\system32\ntoskrnl.exe 804DDFC0
INT 0x79 \WINDOWS\system32\ntoskrnl.exe 804DDFCA
INT 0x7A \WINDOWS\system32\ntoskrnl.exe 804DDFD4
INT 0x7B \WINDOWS\system32\ntoskrnl.exe 804DDFDE
INT 0x7C \WINDOWS\system32\ntoskrnl.exe 804DDFE8
INT 0x7D \WINDOWS\system32\ntoskrnl.exe 804DDFF2
INT 0x7E \WINDOWS\system32\ntoskrnl.exe 804DDFFC
INT 0x7F \WINDOWS\system32\ntoskrnl.exe 804DE006
INT 0x80 \WINDOWS\system32\ntoskrnl.exe 804DE010
INT 0x81 \WINDOWS\system32\ntoskrnl.exe 804DE01A
INT 0x85 \WINDOWS\system32\ntoskrnl.exe 804DE042
INT 0x86 \WINDOWS\system32\ntoskrnl.exe 804DE04C
INT 0x87 \WINDOWS\system32\ntoskrnl.exe 804DE056
INT 0x88 \WINDOWS\system32\ntoskrnl.exe 804DE060
INT 0x89 \WINDOWS\system32\ntoskrnl.exe 804DE06A
INT 0x8A \WINDOWS\system32\ntoskrnl.exe 804DE074
INT 0x8B \WINDOWS\system32\ntoskrnl.exe 804DE07E
INT 0x8C \WINDOWS\system32\ntoskrnl.exe 804DE088
INT 0x8D \WINDOWS\system32\ntoskrnl.exe 804DE092
INT 0x8E \WINDOWS\system32\ntoskrnl.exe 804DE09C
INT 0x8F \WINDOWS\system32\ntoskrnl.exe 804DE0A6
INT 0x90 \WINDOWS\system32\ntoskrnl.exe 804DE0B0
INT 0x91 \WINDOWS\system32\ntoskrnl.exe 804DE0BA
INT 0x95 \WINDOWS\system32\ntoskrnl.exe 804DE0E2
INT 0x96 \WINDOWS\system32\ntoskrnl.exe 804DE0EC
INT 0x97 \WINDOWS\system32\ntoskrnl.exe 804DE0F6
INT 0x98 \WINDOWS\system32\ntoskrnl.exe 804DE100
INT 0x99 \WINDOWS\system32\ntoskrnl.exe 804DE10A
INT 0x9A \WINDOWS\system32\ntoskrnl.exe 804DE114
INT 0x9B \WINDOWS\system32\ntoskrnl.exe 804DE11E
INT 0x9C \WINDOWS\system32\ntoskrnl.exe 804DE128
INT 0x9D \WINDOWS\system32\ntoskrnl.exe 804DE132
INT 0x9E \WINDOWS\system32\ntoskrnl.exe 804DE13C
INT 0x9F \WINDOWS\system32\ntoskrnl.exe 804DE146
INT 0xA0 \WINDOWS\system32\ntoskrnl.exe 804DE150
INT 0xA1 \WINDOWS\system32\ntoskrnl.exe 804DE15A
INT 0xA2 \WINDOWS\system32\ntoskrnl.exe 804DE164
INT 0xA5 \WINDOWS\system32\ntoskrnl.exe 804DE182
INT 0xA6 \WINDOWS\system32\ntoskrnl.exe 804DE18C
INT 0xA7 \WINDOWS\system32\ntoskrnl.exe 804DE196
INT 0xA8 \WINDOWS\system32\ntoskrnl.exe 804DE1A0
INT 0xA9 \WINDOWS\system32\ntoskrnl.exe 804DE1AA
INT 0xAA \WINDOWS\system32\ntoskrnl.exe 804DE1B4
INT 0xAB \WINDOWS\system32\ntoskrnl.exe 804DE1BE
INT 0xAC \WINDOWS\system32\ntoskrnl.exe 804DE1C8
INT 0xAD \WINDOWS\system32\ntoskrnl.exe 804DE1D2
INT 0xAE \WINDOWS\system32\ntoskrnl.exe 804DE1DC
INT 0xAF \WINDOWS\system32\ntoskrnl.exe 804DE1E6
INT 0xB0 \WINDOWS\system32\ntoskrnl.exe 804DE1F0
INT 0xB3 \WINDOWS\system32\ntoskrnl.exe 804DE20E
INT 0xB5 \WINDOWS\system32\ntoskrnl.exe 804DE222
INT 0xB6 \WINDOWS\system32\ntoskrnl.exe 804DE22C
INT 0xB7 \WINDOWS\system32\ntoskrnl.exe 804DE236
INT 0xB8 \WINDOWS\system32\ntoskrnl.exe 804DE240
INT 0xB9 \WINDOWS\system32\ntoskrnl.exe 804DE24A
INT 0xBA \WINDOWS\system32\ntoskrnl.exe 804DE254
INT 0xBB \WINDOWS\system32\ntoskrnl.exe 804DE25E
INT 0xBC \WINDOWS\system32\ntoskrnl.exe 804DE268
INT 0xBD \WINDOWS\system32\ntoskrnl.exe 804DE272
INT 0xBE \WINDOWS\system32\ntoskrnl.exe 804DE27C
INT 0xBF \WINDOWS\system32\ntoskrnl.exe 804DE286
INT 0xC0 \WINDOWS\system32\ntoskrnl.exe 804DE290
INT 0xC1 \WINDOWS\system32\hal.dll 806ED984
INT 0xC2 \WINDOWS\system32\ntoskrnl.exe 804DE2A4
INT 0xC3 \WINDOWS\system32\ntoskrnl.exe 804DE2AE
INT 0xC4 \WINDOWS\system32\ntoskrnl.exe 804DE2B8
INT 0xC5 \WINDOWS\system32\ntoskrnl.exe 804DE2C2
INT 0xC6 \WINDOWS\system32\ntoskrnl.exe 804DE2CC
INT 0xC7 \WINDOWS\system32\ntoskrnl.exe 804DE2D6
INT 0xC8 \WINDOWS\system32\ntoskrnl.exe 804DE2E0
INT 0xC9 \WINDOWS\system32\ntoskrnl.exe 804DE2EA
INT 0xCA \WINDOWS\system32\ntoskrnl.exe 804DE2F4
INT 0xCB \WINDOWS\system32\ntoskrnl.exe 804DE2FE
INT 0xCC \WINDOWS\system32\ntoskrnl.exe 804DE308
INT 0xCD \WINDOWS\system32\ntoskrnl.exe 804DE312
INT 0xCE \WINDOWS\system32\ntoskrnl.exe 804DE31C
INT 0xCF \WINDOWS\system32\ntoskrnl.exe 804DE326
INT 0xD0 \WINDOWS\system32\ntoskrnl.exe 804DE330
INT 0xD1 \WINDOWS\system32\hal.dll 806ECD34
INT 0xD2 \WINDOWS\system32\ntoskrnl.exe 804DE344
INT 0xD3 \WINDOWS\system32\ntoskrnl.exe 804DE34E
INT 0xD4 \WINDOWS\system32\ntoskrnl.exe 804DE358
INT 0xD5 \WINDOWS\system32\ntoskrnl.exe 804DE362
INT 0xD6 \WINDOWS\system32\ntoskrnl.exe 804DE36C
INT 0xD7 \WINDOWS\system32\ntoskrnl.exe 804DE376
INT 0xD8 \WINDOWS\system32\ntoskrnl.exe 804DE380
INT 0xD9 \WINDOWS\system32\ntoskrnl.exe 804DE38A
INT 0xDA \WINDOWS\system32\ntoskrnl.exe 804DE394
INT 0xDB \WINDOWS\system32\ntoskrnl.exe 804DE39E
INT 0xDC \WINDOWS\system32\ntoskrnl.exe 804DE3A8
INT 0xDD \WINDOWS\system32\ntoskrnl.exe 804DE3B2
INT 0xDE \WINDOWS\system32\ntoskrnl.exe 804DE3BC
INT 0xDF \WINDOWS\system32\ntoskrnl.exe 804DE3C6
INT 0xE0 \WINDOWS\system32\ntoskrnl.exe 804DE3D0
INT 0xE1 \WINDOWS\system32\hal.dll 806EDF0C
INT 0xE2 \WINDOWS\system32\ntoskrnl.exe 804DE3E4
INT 0xE3 \WINDOWS\system32\hal.dll 806EDC70
INT 0xE4 \WINDOWS\system32\ntoskrnl.exe 804DE3F8
INT 0xE5 \WINDOWS\system32\ntoskrnl.exe 804DE402
INT 0xE6 \WINDOWS\system32\ntoskrnl.exe 804DE40C
INT 0xE7 \WINDOWS\system32\ntoskrnl.exe 804DE416
INT 0xE8 \WINDOWS\system32\ntoskrnl.exe 804DE420
INT 0xE9 \WINDOWS\system32\ntoskrnl.exe 804DE42A
INT 0xEA \WINDOWS\system32\ntoskrnl.exe 804DE434
INT 0xEB \WINDOWS\system32\ntoskrnl.exe 804DE43E
INT 0xEC \WINDOWS\system32\ntoskrnl.exe 804DE448
INT 0xED \WINDOWS\system32\ntoskrnl.exe 804DE452
INT 0xEE \WINDOWS\system32\ntoskrnl.exe 804DE459
INT 0xEF \WINDOWS\system32\ntoskrnl.exe 804DE460
INT 0xF0 \WINDOWS\system32\ntoskrnl.exe 804DE467
INT 0xF1 \WINDOWS\system32\ntoskrnl.exe 804DE46E
INT 0xF2 \WINDOWS\system32\ntoskrnl.exe 804DE475
INT 0xF3 \WINDOWS\system32\ntoskrnl.exe 804DE47C
INT 0xF4 \WINDOWS\system32\ntoskrnl.exe 804DE483
INT 0xF5 \WINDOWS\system32\ntoskrnl.exe 804DE48A
INT 0xF6 \WINDOWS\system32\ntoskrnl.exe 804DE491
INT 0xF7 \WINDOWS\system32\ntoskrnl.exe 804DE498
INT 0xF8 \WINDOWS\system32\ntoskrnl.exe 804DE49F
INT 0xF9 \WINDOWS\system32\ntoskrnl.exe 804DE4A6
INT 0xFA \WINDOWS\system32\ntoskrnl.exe 804DE4AD
INT 0xFB \WINDOWS\system32\ntoskrnl.exe 804DE4B4
INT 0xFC \WINDOWS\system32\ntoskrnl.exe 804DE4BB
INT 0xFD \WINDOWS\system32\hal.dll 806EE464
INT 0xFE \WINDOWS\system32\hal.dll 806EE604
INT 0xFF \WINDOWS\system32\ntoskrnl.exe 804DE4D0

SYSENTER \WINDOWS\system32\ntoskrnl.exe 804DE6F0
[/img]
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 18:18

---- Devices - GMER 1.0.10 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F83DAE37] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSEIRP_MJ_READ [F83DA320] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F83B7EE4] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F83B6BCA] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F83B8A58] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F83E0A68] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F83DD2C3] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F83E26D5] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F83C9621] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F842EB11] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F83DACEE] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP_POWER [F83F9F3F] Ntfs.sys
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE [EFC4CC8A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSEIRP_MJ_READ [EFC497C8] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE [EFC4560A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION [EFC45AED] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION [EFC50958] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA [EFC53821] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA [EFC5C38A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS [EFC5BD49] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION [EFC55BBE] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION [EFC56331] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL [EFC644F4] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL [EFC4CB37] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL [EFC48948] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_INTERNAL_DEVICE_CONTROL [EFC5246B] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL [EFC6379D] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP [EFC62C4A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_MAILSLOT [EFC492FD] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP_POWER [EFC631DB] Fastfat.SYS
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_NAMED_PIPE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLOSEIRP_MJ_READ [F8377A76] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_WRITE [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_INFORMATION [F8374159] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_INFORMATION [F837FB88] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_EA [F837FDF2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_EA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FLUSH_BUFFERS [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_VOLUME_INFORMATION [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_VOLUME_INFORMATION [F8384492] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DIRECTORY_CONTROL [F8384585] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FILE_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CONTROL [F83775D2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SHUTDOWN [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_LOCK_CONTROL [F837F33D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLEANUP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_MAILSLOT [F8377AB9] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_SECURITY [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_SECURITY [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_POWER [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CHANGE [F836E35A] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP_POWER [F836F52D] Mup.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_NAMED_PIPE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLOSEIRP_MJ_READ [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_WRITE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FLUSH_BUFFERS [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DIRECTORY_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FILE_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_INTERNAL_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SHUTDOWN [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_LOCK_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLEANUP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_MAILSLOT [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_POWER [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CHANGE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP_POWER [F8390982] NDIS.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLOSEIRP_MJ_READ [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_WRITE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_VOLUME_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_INTERNAL_DEVICE_CONTROL [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000019
Device \Device\00000025
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE [F8A6746A] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLOSEIRP_MJ_READ [F8A674B8] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A67400] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_MAILSLOT [F8A67354] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000026
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CLOSEIRP_MJ_READ [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_INTERNAL_DEVICE_CONTROL [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE_MAILSLOT [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSEIRP_MJ_READ [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [EFE3B19F] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP_POWER [EFE3AF80] tcpip.sys
Device \Device\00000027
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_NAMED_PIPE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLOSEIRP_MJ_READ [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_WRITE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_EA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_EA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FLUSH_BUFFERS [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_VOLUME_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_VOLUME_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DIRECTORY_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FILE_SYSTEM_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SHUTDOWN [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_LOCK_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLEANUP [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_MAILSLOT [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_SECURITY [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_SECURITY [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_POWER [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SYSTEM_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CHANGE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_QUOTA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_QUOTA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_PNP [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_PNP_POWER [F85F7E58] termdd.sys
Device \Device\00000034
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE [F8A57768] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CLOSEIRP_MJ_READ [F8A57828] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A577D2] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SYSTEM_CONTROL [F8A57396] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DEVICE_CHANGE [F8A57332] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_PNP_POWER [F8A57690] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE [F8A57768] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CLOSEIRP_MJ_READ [F8A57828] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A577D2] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SYSTEM_CONTROL [F8A57396] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DEVICE_CHANGE [F8A57332] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_PNP_POWER [F8A57690] swenum.sys
Device \Device\00000028
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 18:20

riesco a copiare l'immagine ma poi come te la mando??

ora spacco tutto!!! :evil:
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 18:41

ritento in questo modo

speriamo bene
GMER 1.0.10.10122 - http://www.gmer.net
Rootkit 2006-08-30 17:36:36
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.10 ----

SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwOpenProcess <-- ROOTKIT !!!
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess <-- ROOTKIT !!!

INT 0x00 \WINDOWS\system32\ntoskrnl.exe 804DF350
INT 0x01 \WINDOWS\system32\ntoskrnl.exe 804DF4CB
INT 0x03 \WINDOWS\system32\ntoskrnl.exe 804DF89D
INT 0x04 \WINDOWS\system32\ntoskrnl.exe 804DFA20
INT 0x05 \WINDOWS\system32\ntoskrnl.exe 804DFB81
INT 0x06 \WINDOWS\system32\ntoskrnl.exe 804DFD02
INT 0x07 \WINDOWS\system32\ntoskrnl.exe 804E036A
INT 0x09 \WINDOWS\system32\ntoskrnl.exe 804E078F
INT 0x0A \WINDOWS\system32\ntoskrnl.exe 804E08AC
INT 0x0B \WINDOWS\system32\ntoskrnl.exe 804E09E9
INT 0x0C \WINDOWS\system32\ntoskrnl.exe 804E0C42
INT 0x0D \WINDOWS\system32\ntoskrnl.exe 804E0F38
INT 0x0E \WINDOWS\system32\ntoskrnl.exe 804E164F
INT 0x0F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x10 \WINDOWS\system32\ntoskrnl.exe 804E1A99
INT 0x11 \WINDOWS\system32\ntoskrnl.exe 804E1BCE
INT 0x12 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x13 \WINDOWS\system32\ntoskrnl.exe 804E1D34
INT 0x14 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x15 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x16 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x17 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x18 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x19 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1A \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1B \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1C \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1D \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1E \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1F \WINDOWS\system32\hal.dll 806EDFD0
INT 0x2A \WINDOWS\system32\ntoskrnl.exe 804DEB92
INT 0x2B \WINDOWS\system32\ntoskrnl.exe 804DEC95
INT 0x2C \WINDOWS\system32\ntoskrnl.exe 804DEE34
INT 0x2D \WINDOWS\system32\ntoskrnl.exe 804DF77C
INT 0x2E \WINDOWS\system32\ntoskrnl.exe 804DE631
INT 0x2F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x30 \WINDOWS\system32\ntoskrnl.exe 804DDCF0
INT 0x31 \WINDOWS\system32\ntoskrnl.exe 804DDCFA
INT 0x32 \WINDOWS\system32\ntoskrnl.exe 804DDD04
INT 0x33 \WINDOWS\system32\ntoskrnl.exe 804DDD0E
INT 0x34 \WINDOWS\system32\ntoskrnl.exe 804DDD18
INT 0x35 \WINDOWS\system32\ntoskrnl.exe 804DDD22
INT 0x36 \WINDOWS\system32\ntoskrnl.exe 804DDD2C
INT 0x37 \WINDOWS\system32\hal.dll 806ED728
INT 0x38 \WINDOWS\system32\ntoskrnl.exe 804DDD40
INT 0x39 \WINDOWS\system32\ntoskrnl.exe 804DDD4A
INT 0x3A \WINDOWS\system32\ntoskrnl.exe 804DDD54
INT 0x3B \WINDOWS\system32\ntoskrnl.exe 804DDD5E
INT 0x3C \WINDOWS\system32\ntoskrnl.exe 804DDD68
INT 0x3D \WINDOWS\system32\hal.dll 806EEB70
INT 0x3E \WINDOWS\system32\ntoskrnl.exe 804DDD7C
INT 0x3F \WINDOWS\system32\ntoskrnl.exe 804DDD86
INT 0x40 \WINDOWS\system32\ntoskrnl.exe 804DDD90
INT 0x41 \WINDOWS\system32\hal.dll 806EE9CC
INT 0x42 \WINDOWS\system32\ntoskrnl.exe 804DDDA4
INT 0x43 \WINDOWS\system32\ntoskrnl.exe 804DDDAE
INT 0x44 \WINDOWS\system32\ntoskrnl.exe 804DDDB8
INT 0x45 \WINDOWS\system32\ntoskrnl.exe 804DDDC2
INT 0x46 \WINDOWS\system32\ntoskrnl.exe 804DDDCC
INT 0x47 \WINDOWS\system32\ntoskrnl.exe 804DDDD6
INT 0x48 \WINDOWS\system32\ntoskrnl.exe 804DDDE0
INT 0x49 \WINDOWS\system32\ntoskrnl.exe 804DDDEA
INT 0x4A \WINDOWS\system32\ntoskrnl.exe 804DDDF4
INT 0x4B \WINDOWS\system32\ntoskrnl.exe 804DDDFE
INT 0x4C \WINDOWS\system32\ntoskrnl.exe 804DDE08
INT 0x4D \WINDOWS\system32\ntoskrnl.exe 804DDE12
INT 0x4E \WINDOWS\system32\ntoskrnl.exe 804DDE1C
INT 0x4F \WINDOWS\system32\ntoskrnl.exe 804DDE26
INT 0x50 \WINDOWS\system32\hal.dll 806ED800
INT 0x51 \WINDOWS\system32\ntoskrnl.exe 804DDE3A
INT 0x52 \WINDOWS\system32\ntoskrnl.exe 804DDE44
INT 0x53 \WINDOWS\system32\ntoskrnl.exe 804DDE4E
INT 0x54 \WINDOWS\system32\ntoskrnl.exe 804DDE58
INT 0x55 \WINDOWS\system32\ntoskrnl.exe 804DDE62
INT 0x56 \WINDOWS\system32\ntoskrnl.exe 804DDE6C
INT 0x57 \WINDOWS\system32\ntoskrnl.exe 804DDE76
INT 0x58 \WINDOWS\system32\ntoskrnl.exe 804DDE80
INT 0x59 \WINDOWS\system32\ntoskrnl.exe 804DDE8A
INT 0x5A \WINDOWS\system32\ntoskrnl.exe 804DDE94
INT 0x5B \WINDOWS\system32\ntoskrnl.exe 804DDE9E
INT 0x5C \WINDOWS\system32\ntoskrnl.exe 804DDEA8
INT 0x5D \WINDOWS\system32\ntoskrnl.exe 804DDEB2
INT 0x5E \WINDOWS\system32\ntoskrnl.exe 804DDEBC
INT 0x5F \WINDOWS\system32\ntoskrnl.exe 804DDEC6
INT 0x60 \WINDOWS\system32\ntoskrnl.exe 804DDED0
INT 0x61 \WINDOWS\system32\ntoskrnl.exe 804DDEDA
INT 0x64 \WINDOWS\system32\ntoskrnl.exe 804DDEF8
INT 0x65 \WINDOWS\system32\ntoskrnl.exe 804DDF02
INT 0x66 \WINDOWS\system32\ntoskrnl.exe 804DDF0C
INT 0x67 \WINDOWS\system32\ntoskrnl.exe 804DDF16
INT 0x68 \WINDOWS\system32\ntoskrnl.exe 804DDF20
INT 0x69 \WINDOWS\system32\ntoskrnl.exe 804DDF2A
INT 0x6A \WINDOWS\system32\ntoskrnl.exe 804DDF34
INT 0x6B \WINDOWS\system32\ntoskrnl.exe 804DDF3E
INT 0x6C \WINDOWS\system32\ntoskrnl.exe 804DDF48
INT 0x6D \WINDOWS\system32\ntoskrnl.exe 804DDF52
INT 0x6E \WINDOWS\system32\ntoskrnl.exe 804DDF5C
INT 0x6F \WINDOWS\system32\ntoskrnl.exe 804DDF66
INT 0x70 \WINDOWS\system32\ntoskrnl.exe 804DDF70
INT 0x71 \WINDOWS\system32\ntoskrnl.exe 804DDF7A
INT 0x72 \WINDOWS\system32\ntoskrnl.exe 804DDF84
INT 0x74 \WINDOWS\system32\ntoskrnl.exe 804DDF98
INT 0x75 \WINDOWS\system32\ntoskrnl.exe 804DDFA2
INT 0x76 \WINDOWS\system32\ntoskrnl.exe 804DDFAC
INT 0x77 \WINDOWS\system32\ntoskrnl.exe 804DDFB6
INT 0x78 \WINDOWS\system32\ntoskrnl.exe 804DDFC0
INT 0x79 \WINDOWS\system32\ntoskrnl.exe 804DDFCA
INT 0x7A \WINDOWS\system32\ntoskrnl.exe 804DDFD4
INT 0x7B \WINDOWS\system32\ntoskrnl.exe 804DDFDE
INT 0x7C \WINDOWS\system32\ntoskrnl.exe 804DDFE8
INT 0x7D \WINDOWS\system32\ntoskrnl.exe 804DDFF2
INT 0x7E \WINDOWS\system32\ntoskrnl.exe 804DDFFC
INT 0x7F \WINDOWS\system32\ntoskrnl.exe 804DE006
INT 0x80 \WINDOWS\system32\ntoskrnl.exe 804DE010
INT 0x81 \WINDOWS\system32\ntoskrnl.exe 804DE01A
INT 0x85 \WINDOWS\system32\ntoskrnl.exe 804DE042
INT 0x86 \WINDOWS\system32\ntoskrnl.exe 804DE04C
INT 0x87 \WINDOWS\system32\ntoskrnl.exe 804DE056
INT 0x88 \WINDOWS\system32\ntoskrnl.exe 804DE060
INT 0x89 \WINDOWS\system32\ntoskrnl.exe 804DE06A
INT 0x8A \WINDOWS\system32\ntoskrnl.exe 804DE074
INT 0x8B \WINDOWS\system32\ntoskrnl.exe 804DE07E
INT 0x8C \WINDOWS\system32\ntoskrnl.exe 804DE088
INT 0x8D \WINDOWS\system32\ntoskrnl.exe 804DE092
INT 0x8E \WINDOWS\system32\ntoskrnl.exe 804DE09C
INT 0x8F \WINDOWS\system32\ntoskrnl.exe 804DE0A6
INT 0x90 \WINDOWS\system32\ntoskrnl.exe 804DE0B0
INT 0x91 \WINDOWS\system32\ntoskrnl.exe 804DE0BA
INT 0x95 \WINDOWS\system32\ntoskrnl.exe 804DE0E2
INT 0x96 \WINDOWS\system32\ntoskrnl.exe 804DE0EC
INT 0x97 \WINDOWS\system32\ntoskrnl.exe 804DE0F6
INT 0x98 \WINDOWS\system32\ntoskrnl.exe 804DE100
INT 0x99 \WINDOWS\system32\ntoskrnl.exe 804DE10A
INT 0x9A \WINDOWS\system32\ntoskrnl.exe 804DE114
INT 0x9B \WINDOWS\system32\ntoskrnl.exe 804DE11E
INT 0x9C \WINDOWS\system32\ntoskrnl.exe 804DE128
INT 0x9D \WINDOWS\system32\ntoskrnl.exe 804DE132
INT 0x9E \WINDOWS\system32\ntoskrnl.exe 804DE13C
INT 0x9F \WINDOWS\system32\ntoskrnl.exe 804DE146
INT 0xA0 \WINDOWS\system32\ntoskrnl.exe 804DE150
INT 0xA1 \WINDOWS\system32\ntoskrnl.exe 804DE15A
INT 0xA2 \WINDOWS\system32\ntoskrnl.exe 804DE164
INT 0xA5 \WINDOWS\system32\ntoskrnl.exe 804DE182
INT 0xA6 \WINDOWS\system32\ntoskrnl.exe 804DE18C
INT 0xA7 \WINDOWS\system32\ntoskrnl.exe 804DE196
INT 0xA8 \WINDOWS\system32\ntoskrnl.exe 804DE1A0
INT 0xA9 \WINDOWS\system32\ntoskrnl.exe 804DE1AA
INT 0xAA \WINDOWS\system32\ntoskrnl.exe 804DE1B4
INT 0xAB \WINDOWS\system32\ntoskrnl.exe 804DE1BE
INT 0xAC \WINDOWS\system32\ntoskrnl.exe 804DE1C8
INT 0xAD \WINDOWS\system32\ntoskrnl.exe 804DE1D2
INT 0xAE \WINDOWS\system32\ntoskrnl.exe 804DE1DC
INT 0xAF \WINDOWS\system32\ntoskrnl.exe 804DE1E6
INT 0xB0 \WINDOWS\system32\ntoskrnl.exe 804DE1F0
INT 0xB3 \WINDOWS\system32\ntoskrnl.exe 804DE20E
INT 0xB5 \WINDOWS\system32\ntoskrnl.exe 804DE222
INT 0xB6 \WINDOWS\system32\ntoskrnl.exe 804DE22C
INT 0xB7 \WINDOWS\system32\ntoskrnl.exe 804DE236
INT 0xB8 \WINDOWS\system32\ntoskrnl.exe 804DE240
INT 0xB9 \WINDOWS\system32\ntoskrnl.exe 804DE24A
INT 0xBA \WINDOWS\system32\ntoskrnl.exe 804DE254
INT 0xBB \WINDOWS\system32\ntoskrnl.exe 804DE25E
INT 0xBC \WINDOWS\system32\ntoskrnl.exe 804DE268
INT 0xBD \WINDOWS\system32\ntoskrnl.exe 804DE272
INT 0xBE \WINDOWS\system32\ntoskrnl.exe 804DE27C
INT 0xBF \WINDOWS\system32\ntoskrnl.exe 804DE286
INT 0xC0 \WINDOWS\system32\ntoskrnl.exe 804DE290
INT 0xC1 \WINDOWS\system32\hal.dll 806ED984
INT 0xC2 \WINDOWS\system32\ntoskrnl.exe 804DE2A4
INT 0xC3 \WINDOWS\system32\ntoskrnl.exe 804DE2AE
INT 0xC4 \WINDOWS\system32\ntoskrnl.exe 804DE2B8
INT 0xC5 \WINDOWS\system32\ntoskrnl.exe 804DE2C2
INT 0xC6 \WINDOWS\system32\ntoskrnl.exe 804DE2CC
INT 0xC7 \WINDOWS\system32\ntoskrnl.exe 804DE2D6
INT 0xC8 \WINDOWS\system32\ntoskrnl.exe 804DE2E0
INT 0xC9 \WINDOWS\system32\ntoskrnl.exe 804DE2EA
INT 0xCA \WINDOWS\system32\ntoskrnl.exe 804DE2F4
INT 0xCB \WINDOWS\system32\ntoskrnl.exe 804DE2FE
INT 0xCC \WINDOWS\system32\ntoskrnl.exe 804DE308
INT 0xCD \WINDOWS\system32\ntoskrnl.exe 804DE312
INT 0xCE \WINDOWS\system32\ntoskrnl.exe 804DE31C
INT 0xCF \WINDOWS\system32\ntoskrnl.exe 804DE326
INT 0xD0 \WINDOWS\system32\ntoskrnl.exe 804DE330
INT 0xD1 \WINDOWS\system32\hal.dll 806ECD34
INT 0xD2 \WINDOWS\system32\ntoskrnl.exe 804DE344
INT 0xD3 \WINDOWS\system32\ntoskrnl.exe 804DE34E
INT 0xD4 \WINDOWS\system32\ntoskrnl.exe 804DE358
INT 0xD5 \WINDOWS\system32\ntoskrnl.exe 804DE362
INT 0xD6 \WINDOWS\system32\ntoskrnl.exe 804DE36C
INT 0xD7 \WINDOWS\system32\ntoskrnl.exe 804DE376
INT 0xD8 \WINDOWS\system32\ntoskrnl.exe 804DE380
INT 0xD9 \WINDOWS\system32\ntoskrnl.exe 804DE38A
INT 0xDA \WINDOWS\system32\ntoskrnl.exe 804DE394
INT 0xDB \WINDOWS\system32\ntoskrnl.exe 804DE39E
INT 0xDC \WINDOWS\system32\ntoskrnl.exe 804DE3A8
INT 0xDD \WINDOWS\system32\ntoskrnl.exe 804DE3B2
INT 0xDE \WINDOWS\system32\ntoskrnl.exe 804DE3BC
INT 0xDF \WINDOWS\system32\ntoskrnl.exe 804DE3C6
INT 0xE0 \WINDOWS\system32\ntoskrnl.exe 804DE3D0
INT 0xE1 \WINDOWS\system32\hal.dll 806EDF0C
INT 0xE2 \WINDOWS\system32\ntoskrnl.exe 804DE3E4
INT 0xE3 \WINDOWS\system32\hal.dll 806EDC70
INT 0xE4 \WINDOWS\system32\ntoskrnl.exe 804DE3F8
INT 0xE5 \WINDOWS\system32\ntoskrnl.exe 804DE402
INT 0xE6 \WINDOWS\system32\ntoskrnl.exe 804DE40C
INT 0xE7 \WINDOWS\system32\ntoskrnl.exe 804DE416
INT 0xE8 \WINDOWS\system32\ntoskrnl.exe 804DE420
INT 0xE9 \WINDOWS\system32\ntoskrnl.exe 804DE42A
INT 0xEA \WINDOWS\system32\ntoskrnl.exe 804DE434
INT 0xEB \WINDOWS\system32\ntoskrnl.exe 804DE43E
INT 0xEC \WINDOWS\system32\ntoskrnl.exe 804DE448
INT 0xED \WINDOWS\system32\ntoskrnl.exe 804DE452
INT 0xEE \WINDOWS\system32\ntoskrnl.exe 804DE459
INT 0xEF \WINDOWS\system32\ntoskrnl.exe 804DE460
INT 0xF0 \WINDOWS\system32\ntoskrnl.exe 804DE467
INT 0xF1 \WINDOWS\system32\ntoskrnl.exe 804DE46E
INT 0xF2 \WINDOWS\system32\ntoskrnl.exe 804DE475
INT 0xF3 \WINDOWS\system32\ntoskrnl.exe 804DE47C
INT 0xF4 \WINDOWS\system32\ntoskrnl.exe 804DE483
INT 0xF5 \WINDOWS\system32\ntoskrnl.exe 804DE48A
INT 0xF6 \WINDOWS\system32\ntoskrnl.exe 804DE491
INT 0xF7 \WINDOWS\system32\ntoskrnl.exe 804DE498
INT 0xF8 \WINDOWS\system32\ntoskrnl.exe 804DE49F
INT 0xF9 \WINDOWS\system32\ntoskrnl.exe 804DE4A6
INT 0xFA \WINDOWS\system32\ntoskrnl.exe 804DE4AD
INT 0xFB \WINDOWS\system32\ntoskrnl.exe 804DE4B4
INT 0xFC \WINDOWS\system32\ntoskrnl.exe 804DE4BB
INT 0xFD \WINDOWS\system32\hal.dll 806EE464
INT 0xFE \WINDOWS\system32\hal.dll 806EE604
INT 0xFF \WINDOWS\system32\ntoskrnl.exe 804DE4D0

SYSENTER \WINDOWS\system32\ntoskrnl.exe 804DE6F0
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Postdi frontrunner » 30/08/06 18:43

---- Devices - GMER 1.0.10 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F83DAE37] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSEIRP_MJ_READ [F83DA320] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F83B7EE4] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F83B6BCA] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F83B8A58] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F83E0A68] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F83DD2C3] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F83E26D5] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F83C9621] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F842EB11] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F83DACEE] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP_POWER [F83F9F3F] Ntfs.sys
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE [EFC4CC8A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSEIRP_MJ_READ [EFC497C8] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE [EFC4560A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION [EFC45AED] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION [EFC50958] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA [EFC53821] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA [EFC5C38A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS [EFC5BD49] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION [EFC55BBE] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION [EFC56331] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL [EFC644F4] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL [EFC4CB37] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL [EFC48948] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_INTERNAL_DEVICE_CONTROL [EFC5246B] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL [EFC6379D] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP [EFC62C4A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_MAILSLOT [EFC492FD] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP_POWER [EFC631DB] Fastfat.SYS
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_NAMED_PIPE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLOSEIRP_MJ_READ [F8377A76] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_WRITE [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_INFORMATION [F8374159] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_INFORMATION [F837FB88] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_EA [F837FDF2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_EA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FLUSH_BUFFERS [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_VOLUME_INFORMATION [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_VOLUME_INFORMATION [F8384492] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DIRECTORY_CONTROL [F8384585] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FILE_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CONTROL [F83775D2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SHUTDOWN [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_LOCK_CONTROL [F837F33D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLEANUP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_MAILSLOT [F8377AB9] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_SECURITY [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_SECURITY [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_POWER [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CHANGE [F836E35A] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP_POWER [F836F52D] Mup.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_NAMED_PIPE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLOSEIRP_MJ_READ [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_WRITE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FLUSH_BUFFERS [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DIRECTORY_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FILE_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_INTERNAL_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SHUTDOWN [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_LOCK_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLEANUP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_MAILSLOT [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_POWER [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CHANGE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP_POWER [F8390982] NDIS.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLOSEIRP_MJ_READ [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_WRITE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_VOLUME_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_INTERNAL_DEVICE_CONTROL [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000019
Device \Device\00000025
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE [F8A6746A] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLOSEIRP_MJ_READ [F8A674B8] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A67400] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_MAILSLOT [F8A67354] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000026
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000033 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CLOSEIRP_MJ_READ [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_INTERNAL_DEVICE_CONTROL [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_CREATE_MAILSLOT [F866BCCE] netbios.sys
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\NetBIOS \Device\Netbios IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSEIRP_MJ_READ [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [EFE3B19F] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP [EFE3AF80] tcpip.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP_POWER [EFE3AF80] tcpip.sys
Device \Device\00000027
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE_NAMED_PIPE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CLOSEIRP_MJ_READ [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_WRITE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_EA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_FLUSH_BUFFERS [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_VOLUME_INFORMATION [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DIRECTORY_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_FILE_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_INTERNAL_DEVICE_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SHUTDOWN [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_LOCK_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CLEANUP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_CREATE_MAILSLOT [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_SECURITY [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_POWER [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SYSTEM_CONTROL [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_DEVICE_CHANGE [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_QUERY_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_SET_QUOTA [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_PNP [F84ECCB8] ACPI.sys
Device \Driver\ACPI \Device\00000040 IRP_MJ_PNP_POWER [F84ECCB8] ACPI.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_NAMED_PIPE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLOSEIRP_MJ_READ [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_WRITE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_EA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_EA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FLUSH_BUFFERS [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_VOLUME_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_VOLUME_INFORMATION [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DIRECTORY_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_FILE_SYSTEM_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SHUTDOWN [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_LOCK_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CLEANUP [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_CREATE_MAILSLOT [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_SECURITY [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_SECURITY [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_POWER [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SYSTEM_CONTROL [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_DEVICE_CHANGE [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_QUERY_QUOTA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_SET_QUOTA [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_PNP [F85F7E58] termdd.sys
Device \Driver\TermDD \Device\RDP_CONSOLE0 IRP_MJ_PNP_POWER [F85F7E58] termdd.sys
Device \Device\00000034
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE [F8A57768] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CLOSEIRP_MJ_READ [F8A57828] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A577D2] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SYSTEM_CONTROL [F8A57396] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_DEVICE_CHANGE [F8A57332] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000001 IRP_MJ_PNP_POWER [F8A57690] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE [F8A57768] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CLOSEIRP_MJ_READ [F8A57828] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A577D2] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SYSTEM_CONTROL [F8A57396] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_DEVICE_CHANGE [F8A57332] swenum.sys
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\swenum \Device\KSENUM#00000002 IRP_MJ_PNP_POWER [F8A57690] swenum.sys
Device \Device\00000028
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000035 IRP_
frontrunner
Utente Junior
 
Post: 96
Iscritto il: 26/06/06 17:04

Prossimo

Torna a Sicurezza e Privacy


Topic correlati a "pc lentissimo-non abbastanza memoria e aumento del paging":

Memoria esterna
Autore: crisge73
Forum: Consigli per gli acquisti
Risposte: 14

Chi c’è in linea

Visitano il forum: Nessuno e 42 ospiti