Pomagajte drugovi

1

Pomagajte drugovi

offline
  • Pridružio: 02 Jan 2006
  • Poruke: 232

Komp mi se u zadnje vreme neshto chudno ponasha pa neka mi neko kaze da li je neki service od ovih problematichan ili malicijozan.


Logfile of HijackThis v1.99.1
Scan saved at 10:42:38 PM, on 5/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Office Mouse Driver\MouseDrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Leon\Desktop\HiJack\HijackThis.exe

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse] "C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29}: NameServer = 82.208.208.10 213.246.55.5
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

offline
  • Pridružio: 09 Jan 2006
  • Poruke: 317

Zdravo milosh86, ja cu pokusati da ti pomognem, prvo skeniraj komp sa GMER-om i postavi nam ovde log.

Uradi sledeće:
Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u.
Raspakuj ga u neki folder.

Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu.
Klikni na Scan.
Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard.
U polju za pisanje poruke na forumu klikni desno dugme misa i odaberi opciju Paste.

offline
  • Pridružio: 02 Jan 2006
  • Poruke: 232

Kaspersky Internet Security mi prijavljuje suspicious driver installation!!!
Jel da mu dozvolim rad ili da ga odbijem (allow or deny)?

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Allow

offline
  • Pridružio: 02 Jan 2006
  • Poruke: 232

GMER 1.0.12.12244 - http://www.gmer.net
Rootkit scan 2007-05-07 22:05:56
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT 86726F30 ZwAllocateVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcessEx
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey
SSDT kl1.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey
SSDT 86726FA8 ZwQueueApcThread
SSDT 86726E40 ZwReadVirtualMemory
SSDT 86743170 ZwRenameKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationProcess
SSDT 86727968 ZwSetInformationThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey
SSDT 86727AD0 ZwSuspendProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwTerminateProcess
SSDT 867279E0 ZwTerminateThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[285]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[286]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[287]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[288]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[289]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[290]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[291]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[292]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[293]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[294]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[295]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[296]

Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.12 ----

.text ntoskrnl.exe!KiDispatchInterrupt + C0 804DBEC3 7 Bytes JMP F4B4CCD0 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntoskrnl.exe!IoIsOperationSynchronous 804E8EBA 5 Bytes JMP F4B49C50 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804FDAF1 5 Bytes JMP F4B49760 \??\C:\WINDOWS\system32\drivers\klif.sys
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload F707C62C 5 Bytes JMP 8637D960
? System32\Drivers\ahijn23j.SYS The system cannot find the file specified.
? C:\WINDOWS\system32\DRIVERS\update.sys

---- User code sections - GMER 1.0.12 ----

.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE2D929 7C9C6CF4 4 Bytes [ 82, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE2D99D 7C9C6D68 4 Bytes [ AC, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE32AAD 7C9CBE78 4 Bytes [ 04, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE32ABD 7C9CBE88 4 Bytes [ FC, 04, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE339A5 7C9CCD70 4 Bytes [ 50, 05, E7, 00 ]
.text ...
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!SHPropStgReadMultiple + 472 7CA1A578 4 Bytes [ 00, 04, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!SHPropStgReadMultiple + 57E 7CA1A684 4 Bytes [ D6, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!SHGetSetFolderCustomSettingsW + 5126 7CA30C34 4 Bytes [ 22, 06, E7, 00 ]
.text C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe[1976] kernel32.dll!CreateThread + 1A 7C810849 4 Bytes [ B3, F8, C3, 83 ]

---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 867D11D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_CREATE 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_CLOSE 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_INTERNAL_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_CLEANUP 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_PNP 8624E1D8
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\Ip IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP 861CD168
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 8637C1D8
Device \Driver\00000049 \Device\00000044 IRP_MJ_POWER [F777AC7E] sptd.sys
Device \Driver\00000049 \Device\00000044 IRP_MJ_SYSTEM_CONTROL [F77942A2] sptd.sys
Device \Driver\00000049 \Device\00000044 IRP_MJ_PNP [F7795228] sptd.sys
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 867D31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_PNP 8637C1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CREATE 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CLOSE 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_POWER 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_PNP 8634E1D8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\Tcp IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\Tcp IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\Tcp IRP_MJ_PNP 861CD168
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 867671D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 864837A0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_PNP 867661D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 8624E1D8
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\Udp IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\Udp IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\Udp IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\Udp IRP_MJ_PNP 861CD168
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\RawIp IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\RawIp IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\RawIp IRP_MJ_PNP 861CD168
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 8637C1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 861A5980
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_PNP 861CD168
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 8637C1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 861A5980
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 861A5980
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_PNP 8637C1D8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CREATE 8634E1D8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CLOSE 8634E1D8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_DEVICE_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_POWER 8634E1D8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_SYSTEM_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_PNP 8634E1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 867671D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 867671D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{FACBD59E-CA8D-46D8-A1CB-18FF03CA2D67} IRP_MJ_CREATE 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{FACBD59E-CA8D-46D8-A1CB-18FF03CA2D67} IRP_MJ_CLOSE 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{FACBD59E-CA8D-46D8-A1CB-18FF03CA2D67} IRP_MJ_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{FACBD59E-CA8D-46D8-A1CB-18FF03CA2D67} IRP_MJ_INTERNAL_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{FACBD59E-CA8D-46D8-A1CB-18FF03CA2D67} IRP_MJ_CLEANUP 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{FACBD59E-CA8D-46D8-A1CB-18FF03CA2D67} IRP_MJ_PNP 8624E1D8
Device \Driver\viasraid \Device\Scsi\viasraid1 IRP_MJ_CREATE 867D21D8
Device \Driver\viasraid \Device\Scsi\viasraid1 IRP_MJ_CLOSE 867D21D8
Device \Driver\viasraid \Device\Scsi\viasraid1 IRP_MJ_DEVICE_CONTRO

offline
  • Pridružio: 02 Jan 2006
  • Poruke: 232

Pomozite molim vas poshto mi se komp kochi uzasno a KIS nishta ne prijavljuje kao ni SpySweeper!!

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

C:\WINDOWS\System32\Drivers\ahijn23j.SYS - uploaduj ovaj fajl na http://www.mycity.rs/ambulanta-upload.php

Dopuna: 08 Maj 2007 21:57

Promeni ime programa HijackThis u nesto drugo (HijackThis.exe > t3.exe) kao i ime foldera u kojem se nalazi HijackThis, tako da ne podseca na ime ovog programa.

Napravi novi log i postavi ga ovde.

Osim toga, posto imas vec instaliran GMER, uradi i skeniranje na Autostart kartici, pa iskopiraj i taj log ovde.

offline
  • Pridružio: 02 Jan 2006
  • Poruke: 232

Logfile of HijackThis v1.99.1
Scan saved at 10:06:02 PM, on 5/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Office Mouse Driver\MouseDrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Leon\Desktop\T3\T3.exe.exe

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse] "C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29}: NameServer = 82.208.208.10 213.246.55.5
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

Dopuna: 08 Maj 2007 22:05

GMER 1.0.12.12244 - http://www.gmer.net
Autostart scan 2007-05-08 22:07:15
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
klogon@DLLName = C:\WINDOWS\system32\klogon.dll
WRNotifier@DLLName = WRLogonNTF.dll

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs = "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AVP /*Kaspersky Internet Security 6.0*/@ = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r
MDM /*Machine Debug Manager*/@ = "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
NVSvc /*NVIDIA Display Driver Service*/@ = %SystemRoot%\system32\nvsvc32.exe
SoundMAX Agent Service (default) /*SoundMAX Agent Service*/@ = C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe
WebrootSpySweeperService /*Webroot Spy Sweeper Engine*/@ = "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@NvCplDaemon"RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup = "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
@nwiz"nwiz.exe" /install = "nwiz.exe" /install
@NvMediaCenter"RunDLL32.exe" NvMCTray.dll,NvTaskbarInit = "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit
@AVP"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
@ /*file not found*/ = /*file not found*/
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe
@WireLessMouse"C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe = "C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe
@SpySweeper"C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray = "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /*nView Desktop Context Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{85E0B171-04FA-11D1-B7DA-00A0C90348D6} /*Web Anti-Virus*/C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll = C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Outlook Custom Icon Handler*/C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL = C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office10\msohev.dll = C:\Program Files\Microsoft Office\Office10\msohev.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
@{7C9D5882-CB4A-4090-96C8-430BFE8B795B} /*Webroot Spy Sweeper Context Menu Integration*/C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll = C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll
@{44440D00-FF19-4AFC-B765-9A0970567D97} /*TuneUp Theme Extension*/%SystemRoot%\system32\uxtuneup.dll = %SystemRoot%\system32\uxtuneup.dll
@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} /*TuneUp Shredder Shell Extension*/C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll = C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll
SpySweeper@{7C9D5882-CB4A-4090-96C8-430BFE8B795B} = C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{000123B4-9B42-4900-B3F7-F4B073EFC214}C:\Program Files\Orbitdownloader\orbitcth.dll = C:\Program Files\Orbitdownloader\orbitcth.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
cdo@CLSID = C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll

---- EOF - GMER 1.0.12 ----

Dopuna: 08 Maj 2007 22:30

C:\WINDOWS\System32\Drivers\ahijn23j.SYS -nema ovog file ili ne mogu da ga nadjem!

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

I dalje nista...

Ako imas dobru vezu i nije ti tesko da skines nekih 8mb onda skini Ewido micro:
http://downloads.ewido.net/ewido_micro.exe

Kako se radi sa Ewido micro:
- na prvom ekranu odaberi sve particije (štikliraj polja ispred njih)
- klikni na dugme Start Scan
- nakon završenog skeniranja klikni na Save Report i snimi log fajl na sigurno mesto
- klikni na Remove Infections
- iskopiraj nam ovde sadržaj log fajla koji je malopre snimljen

offline
  • Pridružio: 02 Jan 2006
  • Poruke: 232

Imam ISDN konekciju sa nemogucstvom ukljuicivanja oba kanala tako da ce malo potrajati ali izbacicu ga cim bude gotovo!

Dopuna: 09 Maj 2007 1:04

__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________


Name: TrackingCookie.Atdmt
Path: :mozilla.70:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Estat
Path: :mozilla.104:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Gemius
Path: :mozilla.117:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Gemius
Path: :mozilla.118:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Gemius
Path: :mozilla.119:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Weborama
Path: :mozilla.164:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Weborama
Path: :mozilla.165:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Webtrends
Path: :mozilla.176:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Atdmt
Path: :mozilla.18:D:\Back-up\Documents and Settings\Milos\Application Data\Mozilla\Firefox\Profiles\bglnekpu.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.24:D:\Back-up\Documents and Settings\Milos\Application Data\Mozilla\Firefox\Profiles\bglnekpu.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Com
Path: :mozilla.102:D:\Back-up\Documents and Settings\Milos\Application Data\Mozilla\Firefox\Profiles\bglnekpu.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Msn
Path: D:\Back-up\Documents and Settings\Milos\Cookies\milos@ie.search.msn[1].txt
Risk: Medium

Ko je trenutno na forumu
 

Ukupno su 1067 korisnika na forumu :: 50 registrovanih, 10 sakrivenih i 1007 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: anta, aramis s, bobomicek, Bobrock1, Boris90, brundo65, ccoogg123, celik, DPera, Faki-Valjevo, Georgius, gmlale, ikan, Insan, ivica976, ivicasimo, Kaplar2, Karla, Klecaviks, Kubovac, kunktator, Leonov, Metanoja, Mihajlo, mile23, milenko crazy north, Miškić, MrNo, nebkv, Niko Bitan, ObicanUser, panzerwaffe, pein, Prašinar, predragc, raptorsi, Romibrat, Saratoga, savaskytec, sevenino, Silvertooth, srbijaiznadsvega, Srky Boy, tubular, vargas, Vatreni Zmaj, Vlada1389, zhuki8, Žrnov, šumar bk2