Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't Install Any Antivirus


  • This topic is locked This topic is locked
4 replies to this topic

#1 Speed_Rock

Speed_Rock

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:04 PM

Posted 30 November 2007 - 03:37 AM

Hello everyone

this is my first post here and i hope someone can help me

i downloaded cracks for some programs two days ago
suddenly all my antivirus and antispyware programs had their exe deleted
and i couldn't download any antivirus or anti spyware after that

this is my Gmer scan result

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-11-30 10:33:47
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwCreateFile
SSDT sptd.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwQueryDirectoryFile
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwQuerySystemInformation
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload F70ED80C 5 Bytes JMP 865281C8
? System32\Drivers\ayrkpgal.SYS The system cannot find the file specified.

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7426AD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7426C1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F7426B9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F7427748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F742761E] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F743C29A] sptd.sys

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1672] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [01997376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL
IAT C:\Program Files\Mozilla Firefox\firefox.exe[2928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [019973CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 867D01E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 867D01E8
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_CREATE [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_CREATE_NAMED_PIPE [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_CLOSE [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_READ [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_WRITE [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_QUERY_INFORMATION [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_SET_INFORMATION [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_QUERY_EA [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_SET_EA [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_FLUSH_BUFFERS [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_QUERY_VOLUME_INFORMATION [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_SET_VOLUME_INFORMATION [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_DIRECTORY_CONTROL [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_FILE_SYSTEM_CONTROL [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_DEVICE_CONTROL [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_INTERNAL_DEVICE_CONTROL [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_SHUTDOWN [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_LOCK_CONTROL [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_CLEANUP [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_CREATE_MAILSLOT [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_QUERY_SECURITY [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_SET_SECURITY [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_POWER [F7435EA8] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_SYSTEM_CONTROL [F74592C8] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_DEVICE_CHANGE [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_QUERY_QUOTA [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_SET_QUOTA [F745CB0E] sptd.sys
Device \Driver\PCI_NTPNP6046 \Device\00000042 IRP_MJ_PNP [F745A238] sptd.sys
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 865D91E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 867611E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 867611E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 865D91E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 865D91E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_PNP 865D91E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CREATE 865C21E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CLOSE 865C21E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 865C21E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 865C21E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_POWER 865C21E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 865C21E8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_PNP 865C21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 867D21E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 86502790
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 86502790
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 86502790
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 867D21E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 867D11E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_CREATE 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_CLOSE 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_POWER 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_SYSTEM_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 IRP_MJ_PNP 867D11E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 867D11E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 867D11E8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CREATE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_CLOSE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_POWER 867D11E8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_SYSTEM_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort2 IRP_MJ_PNP 867D11E8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CREATE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_CLOSE 867D11E8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_POWER 867D11E8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_SYSTEM_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdePort3 IRP_MJ_PNP 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b IRP_MJ_CREATE 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b IRP_MJ_CLOSE 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b IRP_MJ_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b IRP_MJ_INTERNAL_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b IRP_MJ_POWER 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b IRP_MJ_SYSTEM_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b IRP_MJ_PNP 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 IRP_MJ_CREATE 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 IRP_MJ_CLOSE 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 IRP_MJ_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 IRP_MJ_INTERNAL_DEVICE_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 IRP_MJ_POWER 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 IRP_MJ_SYSTEM_CONTROL 867D11E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 IRP_MJ_PNP 867D11E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 862FF1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 862FF1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 862FF1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 862FF1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 862FF1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 862FF1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 862FF1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{CBC69F84-9234-4ECE-9CC1-309DFE21703A} IRP_MJ_CREATE 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{CBC69F84-9234-4ECE-9CC1-309DFE21703A} IRP_MJ_CLOSE 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{CBC69F84-9234-4ECE-9CC1-309DFE21703A} IRP_MJ_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{CBC69F84-9234-4ECE-9CC1-309DFE21703A} IRP_MJ_INTERNAL_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{CBC69F84-9234-4ECE-9CC1-309DFE21703A} IRP_MJ_CLEANUP 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{CBC69F84-9234-4ECE-9CC1-309DFE21703A} IRP_MJ_PNP 862FF1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 865D91E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2E8324A8-C3DC-43A6-BEC1-6C5BA8BF56D9} IRP_MJ_CREATE 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2E8324A8-C3DC-43A6-BEC1-6C5BA8BF56D9} IRP_MJ_CLOSE 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2E8324A8-C3DC-43A6-BEC1-6C5BA8BF56D9} IRP_MJ_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2E8324A8-C3DC-43A6-BEC1-6C5BA8BF56D9} IRP_MJ_INTERNAL_DEVICE_CONTROL 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2E8324A8-C3DC-43A6-BEC1-6C5BA8BF56D9} IRP_MJ_CLEANUP 862FF1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{2E8324A8-C3DC-43A6-BEC1-6C5BA8BF56D9} IRP_MJ_PNP 862FF1E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 865D91E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 8620C1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 865D91E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 8620C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 8620C1E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CREATE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_CLOSE 865D91E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_POWER 865D91E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_SYSTEM_CONTROL 865D91E8
Device \Driver\usbuhci \Device\USBFDO-3 IRP_MJ_PNP 865D91E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CREATE 865C21E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_CLOSE 865C21E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_DEVICE_CONTROL 865C21E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 865C21E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_POWER 865C21E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_SYSTEM_CONTROL 865C21E8
Device \Driver\usbehci \Device\USBFDO-4 IRP_MJ_PNP 865C21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 867D21E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 867D21E8
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1Port4Path0Target0Lun0 IRP_MJ_CREATE 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1Port4Path0Target0Lun0 IRP_MJ_CLOSE 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1Port4Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1Port4Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1Port4Path0Target0Lun0 IRP_MJ_POWER 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1Port4Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1Port4Path0Target0Lun0 IRP_MJ_PNP 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1 IRP_MJ_CREATE 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1 IRP_MJ_CLOSE 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1 IRP_MJ_DEVICE_CONTROL 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1 IRP_MJ_INTERNAL_DEVICE_CONTROL 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1 IRP_MJ_POWER 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1 IRP_MJ_SYSTEM_CONTROL 865A1550
Device \Driver\ayrkpgal \Device\Scsi\ayrkpgal1 IRP_MJ_PNP 865A1550
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 86589790
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 86589790

---- Processes - GMER 1.0.13 ----

Process C:\WINDOWS\system32\drivers\hidr.exe (*** hidden *** ) 2004






i wish someone can help
thanks in advance

BC AdBot (Login to Remove)

 


m

#2 Speed_Rock

Speed_Rock
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:04 PM

Posted 30 November 2007 - 03:42 AM

and this is my hijack this log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:40:40 AM, on 11/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\XPPRESP3\Desktop\gmer\gmer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\XPPRESP3\Desktop\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBC69F84-9234-4ECE-9CC1-309DFE21703A}: NameServer = 195.112.195.34 195.112.195.35
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)

--
End of file - 6807 bytes

#3 Speed_Rock

Speed_Rock
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:04 PM

Posted 30 November 2007 - 07:58 AM

guys i really need urgent help, because i am working on a project that needs internet and i have to install an antivirus software,

i appreciate any help

#4 Shaba

Shaba

    Koutsi


  • Members
  • 7,872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:07:04 PM

Posted 17 December 2007 - 01:38 PM

Hi Speed_Rock

Run gmer.exe
Click the tab called Processes and click the Safe... button. The computer will reboot and the Gmer screen will open.
Click Files... and browse to the following file:
C:\WINDOWS\system32\drivers\hidr.exe
Now click Delete
Also do that with these files:

C:\WINDOWS\system32\drivers\srosa.sys

Now click the Services tab. Click the entries in red one by one with your right mouse button and click Delete... Answer Yes to all the warning windows.
When you've removed all the Service entries in red, reboot your computer.

Re-run gmer

Post:

- a fresh HijackThis log
- gmer log
Microsoft MVP Consumer Security
Posted Image

Posted Image

#5 Shaba

Shaba

    Koutsi


  • Members
  • 7,872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:07:04 PM

Posted 24 December 2007 - 05:44 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Microsoft MVP Consumer Security
Posted Image

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users