Condividi:        

esito scansione con gmer

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

esito scansione con gmer

Postdi cassathecaptain » 13/02/07 17:26

Ecco i risultati alla fine delle due scansioni con gmer:


GMER 1.0.12.12027 - http://www.gmer.net
Rootkit scan 2007-02-13 17:22:26
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT sptd.sys ZwCreateKey
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.12 ----

.text USBPORT.SYS!DllUnload F709C62C 5 Bytes JMP 863FD1B8

---- User code sections - GMER 1.0.12 ----

.text C:\WINDOWS\system32\csrss.exe[468] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\csrss.exe[468] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\csrss.exe[468] KERNEL32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\csrss.exe[468] KERNEL32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\csrss.exe[468] KERNEL32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\winlogon.exe[496] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\winlogon.exe[496] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\winlogon.exe[496] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\winlogon.exe[496] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\winlogon.exe[496] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\services.exe[540] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\services.exe[540] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\services.exe[540] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\services.exe[540] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\services.exe[540] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\lsass.exe[552] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\lsass.exe[552] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\lsass.exe[552] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\lsass.exe[552] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\lsass.exe[552] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[708] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\ati2evxx.exe[708] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[708] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[708] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[708] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\svchost.exe[736] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[736] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\svchost.exe[804] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[804] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[804] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\svchost.exe[804] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\svchost.exe[804] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\svchost.exe[852] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[852] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[852] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\svchost.exe[852] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\svchost.exe[852] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\svchost.exe[888] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[888] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\svchost.exe[940] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[940] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[940] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\svchost.exe[940] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\svchost.exe[940] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\spoolsv.exe[1188] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\spoolsv.exe[1188] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\spoolsv.exe[1188] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\spoolsv.exe[1188] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\spoolsv.exe[1188] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[1384] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\ati2evxx.exe[1384] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[1384] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[1384] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\ati2evxx.exe[1384] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\iPod\bin\iPodService.exe[1404] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\iPod\bin\iPodService.exe[1404] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\iPod\bin\iPodService.exe[1404] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\iPod\bin\iPodService.exe[1404] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\iPod\bin\iPodService.exe[1404] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\iPod\bin\iPodService.exe[1404] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, 7F, E2 ]
.text C:\WINDOWS\explorer.exe[1532] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\explorer.exe[1532] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\explorer.exe[1532] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\explorer.exe[1532] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\explorer.exe[1532] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\Synaptics\SynTP\SynTPEnh.exe[1620] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\Synaptics\SynTP\SynTPEnh.exe[1620] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\Synaptics\SynTP\SynTPEnh.exe[1620] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\Synaptics\SynTP\SynTPEnh.exe[1620] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\Synaptics\SynTP\SynTPEnh.exe[1620] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe[1628] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe[1628] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe[1628] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe[1628] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe[1628] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\HPQ\Quick Launch Buttons\eabservr.exe[1644] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\HPQ\Quick Launch Buttons\eabservr.exe[1644] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\HPQ\Quick Launch Buttons\eabservr.exe[1644] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\HPQ\Quick Launch Buttons\eabservr.exe[1644] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\HPQ\Quick Launch Buttons\eabservr.exe[1644] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe[1652] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe[1652] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe[1652] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe[1652] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe[1652] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe[1660] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe[1660] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe[1660] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe[1660] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe[1660] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\ESET\nod32kui.exe[1668] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\ESET\nod32kui.exe[1668] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\ESET\nod32kui.exe[1668] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\ESET\nod32kui.exe[1668] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\ESET\nod32kui.exe[1668] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1676] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1676] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1676] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1676] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1676] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\iTunes\iTunesHelper.exe[1704] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\iTunes\iTunesHelper.exe[1704] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\iTunes\iTunesHelper.exe[1704] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\iTunes\iTunesHelper.exe[1704] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\iTunes\iTunesHelper.exe[1704] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\QuickTime\qttask.exe[1712] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\QuickTime\qttask.exe[1712] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\QuickTime\qttask.exe[1712] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\QuickTime\qttask.exe[1712] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\QuickTime\qttask.exe[1712] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\DOCUME~1\Emanuele\IMPOST~1\Temp\dtkxaa.exe[1740] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\DOCUME~1\Emanuele\IMPOST~1\Temp\dtkxaa.exe[1740] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\DOCUME~1\Emanuele\IMPOST~1\Temp\dtkxaa.exe[1740] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\DOCUME~1\Emanuele\IMPOST~1\Temp\dtkxaa.exe[1740] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\DOCUME~1\Emanuele\IMPOST~1\Temp\dtkxaa.exe[1740] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\ctfmon.exe[1840] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\ctfmon.exe[1840] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\ctfmon.exe[1840] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\ctfmon.exe[1840] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\ctfmon.exe[1840] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1872] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1872] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1872] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1872] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1872] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1872] kernel32.dll!SetUnhandledExceptionFilter 7C810386 5 Bytes JMP 004DE392 C:\Programmi\MSN Messenger\MsnMsgr.Exe
.text C:\Programmi\ESET\nod32krn.exe[1960] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\ESET\nod32krn.exe[1960] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\ESET\nod32krn.exe[1960] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\ESET\nod32krn.exe[1960] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\ESET\nod32krn.exe[1960] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\MSN Messenger\usnsvc.exe[2068] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\MSN Messenger\usnsvc.exe[2068] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\MSN Messenger\usnsvc.exe[2068] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\MSN Messenger\usnsvc.exe[2068] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\MSN Messenger\usnsvc.exe[2068] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\MSN Messenger\usnsvc.exe[2068] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, 7F, E2 ]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2160] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2160] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2160] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2160] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2160] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2160] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, 7F, E2 ]
.text C:\WINDOWS\system32\alg.exe[2372] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\alg.exe[2372] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\alg.exe[2372] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\WINDOWS\system32\alg.exe[2372] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\WINDOWS\system32\alg.exe[2372] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\WINDOWS\system32\alg.exe[2372] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, 7F, E2 ]
.text C:\Programmi\HPQ\shared\hpqwmi.exe[2568] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\HPQ\shared\hpqwmi.exe[2568] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\HPQ\shared\hpqwmi.exe[2568] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\HPQ\shared\hpqwmi.exe[2568] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\HPQ\shared\hpqwmi.exe[2568] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\HPQ\shared\hpqwmi.exe[2568] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, 7F, E2 ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[3408] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[3408] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[3408] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[3408] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[3408] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[3408] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, 7F, E2 ]
.text C:\Documents and Settings\Marco\Desktop\gmer.exe[3588] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\Documents and Settings\Marco\Desktop\gmer.exe[3588] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\Documents and Settings\Marco\Desktop\gmer.exe[3588] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ]
.text C:\Documents and Settings\Marco\Desktop\gmer.exe[3588] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ]
.text C:\Documents and Settings\Marco\Desktop\gmer.exe[3588] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ]
.text C:\Documents and Settings\Marco\Desktop\gmer.exe[3588] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, 7F, E2 ]

---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 8657B1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 8657B1D8
Device \Driver\00000031 \Device\00000042 IRP_MJ_POWER [F7456DB6] sptd.sys
Device \Driver\00000031 \Device\00000042 IRP_MJ_SYSTEM_CONTROL [F746C73C] sptd.sys
Device \Driver\00000031 \Device\00000042 IRP_MJ_PNP [F746577E] sptd.sys
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 863371D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 863371D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 863371D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 863371D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 863371D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 863371D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 863371D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 863371D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 863371D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 863371D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 863371D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 863371D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 863371D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP 863371D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CREATE 863F11D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CLOSE 863F11D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 863F11D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 863F11D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_POWER 863F11D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 863F11D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_PNP 863F11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 8657E1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 8657E1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 863ED1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 863ED1D8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 863ED1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 8657D1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 8657D1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 8657D1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8657D1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 8657D1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 8657D1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 8657D1D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 8657D1D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE
cassathecaptain
Utente Junior
 
Post: 31
Iscritto il: 16/01/07 19:34

Sponsor
 

Postdi andorra24 » 13/02/07 17:42

Ciao, ma cosa stai combinando? Stai riempendo la sezione con i tuoi topic! Per scrivere un post devi cliccare su ''rispondi'' e non su ''nuovo topic''!

Luke57 ti sta già seguendo in questo thread e devi continuare a scrivere li':

http://www.pc-facile.com/forum/viewtopic.php?t=57974

Inserisci il log di gmer nella discussione che ti ho linkato sopra.

Gli altri topic che hai aperto li chiudo.
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo


Torna a Sicurezza e Privacy


Topic correlati a "esito scansione con gmer":


Chi c’è in linea

Visitano il forum: Nessuno e 66 ospiti