Posted: 06 May 2007 22:51
|
offline
- milosh86
- Citizen
- Joined: 02 Jan 2006
- Posts: 232
|
My computer has been behaving somewhat strangely lately, so could someone tell me whether any of these services is problematic or malicious.
Logfile of HijackThis v1.99.1
Scan saved at 10:42:38 PM, on 5/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Office Mouse Driver\MouseDrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Leon\Desktop\HiJack\HijackThis.exe
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse] "C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29}: NameServer = 82.208.208.10 213.246.55.5
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
|
Posted: 07 May 2007 18:28
|
offline
- marko antonije
- Distinguished citizen
- Joined: 09 Jan 2006
- Posts: 317
|
Hello milosh86, I will try to help you; first scan the computer with GMER and post the log here for us.
Do the following:
Download the file gmer.zip from this link and save it to the Desktop.
Unpack it into a folder.
Double-click gmer.exe to start: select the Rootkit tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save it to the Clipboard.
In the message field on the forum, right-click and choose the Paste option.
|
Posted: 07 May 2007 21:41
|
offline
- milosh86
- Citizen
- Joined: 02 Jan 2006
- Posts: 232
|
Kaspersky Internet Security is reporting a suspicious driver installation to me!!!
Should I allow it to run or deny it (allow or deny)?
|
Posted: 07 May 2007 22:04
|
offline
- milosh86
- Citizen
- Joined: 02 Jan 2006
- Posts: 232
|
GMER 1.0.12.12244 - http://www.gmer.net
Rootkit scan 2007-05-07 22:05:56
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.12 ----
SSDT 86726F30 ZwAllocateVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcessEx
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey
SSDT kl1.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey
SSDT 86726FA8 ZwQueueApcThread
SSDT 86726E40 ZwReadVirtualMemory
SSDT 86743170 ZwRenameKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationProcess
SSDT 86727968 ZwSetInformationThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey
SSDT 86727AD0 ZwSuspendProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwTerminateProcess
SSDT 867279E0 ZwTerminateThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[285]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[286]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[287]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[288]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[289]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[290]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[291]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[292]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[293]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[294]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[295]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[296]
Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous
---- Kernel code sections - GMER 1.0.12 ----
.text ntoskrnl.exe!KiDispatchInterrupt + C0 804DBEC3 7 Bytes JMP F4B4CCD0 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntoskrnl.exe!IoIsOperationSynchronous 804E8EBA 5 Bytes JMP F4B49C50 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804FDAF1 5 Bytes JMP F4B49760 \??\C:\WINDOWS\system32\drivers\klif.sys
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload F707C62C 5 Bytes JMP 8637D960
? System32\Drivers\ahijn23j.SYS The system cannot find the file specified.
? C:\WINDOWS\system32\DRIVERS\update.sys
---- User code sections - GMER 1.0.12 ----
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE2D929 7C9C6CF4 4 Bytes [ 82, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE2D99D 7C9C6D68 4 Bytes [ AC, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE32AAD 7C9CBE78 4 Bytes [ 04, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE32ABD 7C9CBE88 4 Bytes [ FC, 04, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!StrStrW + FFE339A5 7C9CCD70 4 Bytes [ 50, 05, E7, 00 ]
.text ...
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!SHPropStgReadMultiple + 472 7CA1A578 4 Bytes [ 00, 04, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!SHPropStgReadMultiple + 57E 7CA1A684 4 Bytes [ D6, 03, E7, 00 ]
.text C:\WINDOWS\explorer.exe[1432] SHELL32.dll!SHGetSetFolderCustomSettingsW + 5126 7CA30C34 4 Bytes [ 22, 06, E7, 00 ]
.text C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe[1976] kernel32.dll!CreateThread + 1A 7C810849 4 Bytes [ B3, F8, C3, 83 ]
---- Devices - GMER 1.0.12 ----
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 867D11D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 867D11D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_CREATE 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_CLOSE 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_INTERNAL_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_CLEANUP 8624E1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29} IRP_MJ_PNP 8624E1D8
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\Ip IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP 861CD168
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 8637C1D8
Device \Driver\00000049 \Device\00000044 IRP_MJ_POWER [F777AC7E] sptd.sys
Device \Driver\00000049 \Device\00000044 IRP_MJ_SYSTEM_CONTROL [F77942A2] sptd.sys
Device \Driver\00000049 \Device\00000044 IRP_MJ_PNP [F7795228] sptd.sys
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 867D31D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 867D31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CREATE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CLOSE 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_POWER 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 8637C1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_PNP 8637C1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CREATE 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CLOSE 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_POWER 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 8634E1D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_PNP 8634E1D8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\Tcp IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\Tcp IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\Tcp IRP_MJ_PNP 861CD168
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 867671D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 867671D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 864837A0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 864837A0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLOSE 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_POWER 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SYSTEM_CONTROL 867661D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_PNP 867661D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 8624E1D8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 8624E1D8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 8624E1D8
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\Udp IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\Udp IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION 86582250
Device \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL 86480F18
Device \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL 863D8668
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL 8658DB58
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL 8642AF10
Device \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN 86499ED0
Device \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL 865536E0
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP 86553BA0
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT 861AF188
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY 8658D820
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY 8651C540
Device \Driver\Tcpip \Device\Udp IRP_MJ_POWER 863FE2B0
Device \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL 86446D20
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE 86340F38
Device \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA 86484970
Device \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA 86580478
Device \Driver\Tcpip \Device\Udp IRP_MJ_PNP 861CD168
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE 86507720
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE 8657FCA8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE 8659E368
Device \Driver\Tcpip \Device\RawIp IRP_MJ_READ 86566B88
Device \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE 864AD108
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION 862A2128
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION 86408530
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA 862202B0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA 86411590
Device \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS 86553218
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION 8637E588
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION 86582250
|
|
|
|
Posted: 08 May 2007 21:50
|
offline
- milosh86
- Citizen
- Joined: 02 Jan 2006
- Posts: 232
|
Please help, because my computer is freezing terribly and KIS reports nothing, and neither does SpySweeper!!
|
|
|
|
Posted: 08 May 2007 21:57
|
offline
- bobby
- Administrator
- Joined: 04 Sep 2003
- Posts: 24135
- Location: Wien
|
C:\WINDOWS\System32\Drivers\ahijn23j.SYS - upload this file to http://www.mycity.rs/ambulanta-upload.php
Addendum: 08 May 2007 21:57
Rename the HijackThis program to something else (HijackThis.exe > t3.exe), as well as the folder HijackThis is in, so that it does not resemble the name of this program.
Make a new log and post it here.
Besides that, since you already have GMER installed, also run a scan on the Autostart tab and copy that log here too.
|
|
|
|
Posted: 08 May 2007 22:30
|
offline
- milosh86
- Citizen
- Joined: 02 Jan 2006
- Posts: 232
|
Logfile of HijackThis v1.99.1
Scan saved at 10:06:02 PM, on 5/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Office Mouse Driver\MouseDrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Leon\Desktop\T3\T3.exe.exe
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse] "C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{35C89F7B-7EF2-43BE-8B4F-B1C2EAD63D29}: NameServer = 82.208.208.10 213.246.55.5
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
Addendum: 08 May 2007 22:05
GMER 1.0.12.12244 - http://www.gmer.net
Autostart scan 2007-05-08 22:07:15
Windows 5.1.2600 Service Pack 2
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
klogon@DLLName = C:\WINDOWS\system32\klogon.dll
WRNotifier@DLLName = WRLogonNTF.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs = "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AVP /*Kaspersky Internet Security 6.0*/@ = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r
MDM /*Machine Debug Manager*/@ = "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
NVSvc /*NVIDIA Display Driver Service*/@ = %SystemRoot%\system32\nvsvc32.exe
SoundMAX Agent Service (default) /*SoundMAX Agent Service*/@ = C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe
WebrootSpySweeperService /*Webroot Spy Sweeper Engine*/@ = "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@NvCplDaemon"RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup = "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
@nwiz"nwiz.exe" /install = "nwiz.exe" /install
@NvMediaCenter"RunDLL32.exe" NvMCTray.dll,NvTaskbarInit = "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit
@AVP"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
@ /*file not found*/ = /*file not found*/
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe
@WireLessMouse"C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe = "C:\Program Files\Office Mouse Driver\StartAutorun.exe" MouseDrv.exe
@SpySweeper"C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray = "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /*nView Desktop Context Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{85E0B171-04FA-11D1-B7DA-00A0C90348D6} /*Web Anti-Virus*/C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll = C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Outlook Custom Icon Handler*/C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL = C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office10\msohev.dll = C:\Program Files\Microsoft Office\Office10\msohev.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
@{7C9D5882-CB4A-4090-96C8-430BFE8B795B} /*Webroot Spy Sweeper Context Menu Integration*/C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll = C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll
@{44440D00-FF19-4AFC-B765-9A0970567D97} /*TuneUp Theme Extension*/%SystemRoot%\system32\uxtuneup.dll = %SystemRoot%\system32\uxtuneup.dll
@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} /*TuneUp Shredder Shell Extension*/C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll = C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll
SpySweeper@{7C9D5882-CB4A-4090-96C8-430BFE8B795B} = C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{000123B4-9B42-4900-B3F7-F4B073EFC214}C:\Program Files\Orbitdownloader\orbitcth.dll = C:\Program Files\Orbitdownloader\orbitcth.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
cdo@CLSID = C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll
---- EOF - GMER 1.0.12 ----
Addendum: 08 May 2007 22:30
C:\WINDOWS\System32\Drivers\ahijn23j.SYS - this file does not exist, or I cannot find it!
|
|
|
|
Posted: 08 May 2007 22:39
|
offline
- bobby
- Administrator
- Joined: 04 Sep 2003
- Posts: 24135
- Location: Wien
|
Still nothing...
If you have a good connection and it is not a problem for you to download about 8 MB, then download Ewido micro:
http://downloads.ewido.net/ewido_micro.exe
How to use Ewido micro:
- on the first screen, select all partitions (tick the boxes in front of them)
- click the Start Scan button
- after the scan finishes, click Save Report and save the log file to a safe place
- click Remove Infections
- copy here the contents of the log file you just saved
|
|
|
|
Posted: 09 May 2007 01:04
|
offline
- milosh86
- Citizen
- Joined: 02 Jan 2006
- Posts: 232
|
I have an ISDN connection without the ability to enable both channels, so it will take a while, but I will post it as soon as it is done!
Addendum: 09 May 2007 1:04
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.Atdmt
Path: :mozilla.70:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Estat
Path: :mozilla.104:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Gemius
Path: :mozilla.117:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Gemius
Path: :mozilla.118:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Gemius
Path: :mozilla.119:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.164:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.165:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Webtrends
Path: :mozilla.176:C:\Documents and Settings\Leon\Application Data\Mozilla\Firefox\Profiles\0plph5ae.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: :mozilla.18:D:\Back-up\Documents and Settings\Milos\Application Data\Mozilla\Firefox\Profiles\bglnekpu.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.24:D:\Back-up\Documents and Settings\Milos\Application Data\Mozilla\Firefox\Profiles\bglnekpu.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.102:D:\Back-up\Documents and Settings\Milos\Application Data\Mozilla\Firefox\Profiles\bglnekpu.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Msn
Path: D:\Back-up\Documents and Settings\Milos\Cookies\milos@ie.search.msn[1].txt
Risk: Medium
|
|
|
|