
Not Being Able To Install Antivirus..


2 replies to this topic

#1 goolimari


Posted 16 January 2008 - 07:50 PM

Hello,

This is my first post here.. looks like I have a virus problem, never ran into anything like this before, so any help would be appreciated..

I stupidly tried to use a crack to run an exam simulator (the real deal was costing $159 :thumbsup: ). My NOD32 antivirus wouldn't let me, so I closed the antivirus and ran the crack. I didn't bother to restart the antivirus. Next thing I know, the antivirus files have been deleted from the Program Files folder! And IE explorer is opening random windows. Also, I'm not being able to start in safe mode...

I followed the "Preparation Guide For Use Before Posting A Hijackthis Log, Instructions for receiving help in cleaning your computer" but it's not helping. Spybot - Search and Destroy had its *.exe removed as soon as it was installed, and I can't windows defender. Also, Trend Housecall doesn't seem to work (I tried both Firefox and IE), and a Panda scan revealed around 15 viruses, of which it disinfected only 11.

But I still can't install any antivirus, and get a message "cannot create the anti virus exe file, please check if you have the permission". Am clueless as to what to do..

Here is the HijackThis log file:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:27:42 PM, on 1/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
202.159.203.194:80
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -
C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} -
C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel
PROSet/Wireless
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [D_V_T] C:\\dvt.exe /S \C:\\d_v_t.reg\
O4 - HKLM\..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe /bt
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: Block frame with Ad Muncher -
http://www.admuncher.com/request_will_be_i...d=menu_ie_frame
O8 - Extra context menu item: Block image with Ad Muncher -
http://www.admuncher.com/request_will_be_i...d=menu_ie_image
O8 - Extra context menu item: Block link with Ad Muncher -
http://www.admuncher.com/request_will_be_i...id=menu_ie_link
O8 - Extra context menu item: Don't filter page with Ad Muncher -
http://www.admuncher.com/request_will_be_i...menu_ie_exclude
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Report page to the Ad Muncher developers -
http://www.admuncher.com/request_will_be_i...=menu_ie_report
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -
http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) -
http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware
2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile
Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program
Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common
Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 8614 bytes




Here is the GMER Rootkit scan file (I unchecked registry and files):



GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2008-01-16 18:49:57
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT sptd.sys SSDT[41]
SSDT sptd.sys SSDT[71]
SSDT sptd.sys SSDT[73]
SSDT sptd.sys SSDT[119]
SSDT sptd.sys SSDT[160]
SSDT sptd.sys SSDT[177]
SSDT sptd.sys SSDT[247]
SSDT \WINDOWS\system32\ntoskrnl.exe [80580115] PUSH 0000009C; RET SSDT[0]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[1]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[2]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[3]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[4]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[5]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[6]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[7]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057833F] PUSH 000000B4; RET SSDT[8]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[9]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[10]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[11]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[12]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[13]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[14]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[15]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[16]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056819D] PUSH 00000104; RET SSDT[17]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[18]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[19]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[20]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[21]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[22]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[23]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[24]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[25]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[26]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[27]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[28]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[29]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[30]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[31]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[32]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[33]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[34]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[35]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[36]
SSDT \WINDOWS\system32\ntoskrnl.exe [805710D8] PUSH EDEDB510; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[37]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[38]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[39]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[40]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[42]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[43]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[44]
SSDT \WINDOWS\system32\ntoskrnl.exe [805BA640] PUSH 000000DC; RET SSDT[45]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[46]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[47]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[48]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[49]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[50]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[51]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[52]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[53]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[54]
SSDT \WINDOWS\system32\ntoskrnl.exe [805A79D0] PUSH 000000BC; RET SSDT[55]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[56]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[57]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[58]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[59]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[60]
SSDT \WINDOWS\system32\ntoskrnl.exe [805D6A4F] PUSH EDED63CC; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[62]
SSDT \WINDOWS\system32\ntoskrnl.exe [80594D25] PUSH EDED695E; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[63]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[64]
SSDT \WINDOWS\system32\ntoskrnl.exe [805936FB] PUSH EDED675E; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[65]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[66]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[67]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[68]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[69]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[72]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[74]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[75]
SSDT \WINDOWS\system32\ntoskrnl.exe [8058A66E] PUSH 000000B0; RET SSDT[76]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[77]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[78]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[79]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[80]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[81]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[82]
SSDT \WINDOWS\system32\ntoskrnl.exe [80568AC7] PUSH 00000080; RET SSDT[83]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[84]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[85]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[86]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[87]
SSDT \WINDOWS\system32\ntoskrnl.exe [8053AE8D] PUSH 0000046C; RET SSDT[88]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[89]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[90]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[91]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[92]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[93]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[94]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[95]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[96]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[97]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[98]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[99]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[100]
SSDT \WINDOWS\system32\ntoskrnl.exe [805AFB53] PUSH 000008B4; RET SSDT[101]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[102]
SSDT \WINDOWS\system32\ntoskrnl.exe [805AEFC0] PUSH 00000080; RET SSDT[103]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[104]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[105]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[106]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[107]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[108]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[110]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[111]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[112]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[113]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[114]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[115]
SSDT \WINDOWS\system32\ntoskrnl.exe [80571073] PUSH EDEDB5D0; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[116]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[117]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[118]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[120]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[121]
SSDT \WINDOWS\system32\ntoskrnl.exe [805741E6] PUSH EDED631E; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[122]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[123]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[124]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[125]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[126]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[127]
SSDT \WINDOWS\system32\ntoskrnl.exe [8058D73E] PUSH 000000C0; RET SSDT[128]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[129]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[130]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[131]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[132]
SSDT \WINDOWS\system32\ntoskrnl.exe [8059944E] PUSH 00000344; RET SSDT[133]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[134]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[135]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[136]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[137]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[138]
SSDT \WINDOWS\system32\ntoskrnl.exe [80571953] PUSH 00000144; RET SSDT[139]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[142]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[143]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[144]
SSDT \WINDOWS\system32\ntoskrnl.exe [805749F5] PUSH EDEDBB8C; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[145]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[146]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[147]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[148]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057AAF2] PUSH 00000148; RET SSDT[149]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[150]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[151]
SSDT \WINDOWS\system32\ntoskrnl.exe [80582C57] PUSH 00000160; RET SSDT[152]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[153]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056BE7C] PUSH 000001E0; RET SSDT[154]
SSDT \WINDOWS\system32\ntoskrnl.exe [80566677] PUSH 00000090; RET SSDT[155]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056C9AB] PUSH 00000100; RET SSDT[156]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[157]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[158]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[159]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[161]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[162]
SSDT \WINDOWS\system32\ntoskrnl.exe [80581858] PUSH 000000BC; RET SSDT[163]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[164]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[165]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[166]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[167]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[168]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[169]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[170]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[171]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[172]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057D666] PUSH EDEDBD3E; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[173]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[174]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[175]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[176]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056C538] PUSH 00000084; RET SSDT[178]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[179]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[180]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[181]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[182]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[183]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[184]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[185]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[186]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[187]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[188]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[189]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[190]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[191]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[192]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[193]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[194]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[195]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[196]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[197]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[198]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[199]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[200]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[201]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[202]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[203]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[204]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[205]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[206]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[207]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[208]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[209]
SSDT \WINDOWS\system32\ntoskrnl.exe [8057F801] PUSH 00000084; RET SSDT[210]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[213]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[214]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[215]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[216]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[217]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[218]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[219]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[220]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[221]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[222]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[223]
SSDT \WINDOWS\system32\ntoskrnl.exe [805792F1] PUSH EDED641C; RET \??\C:\WINDOWS\system32\drivers\srosa.sys SSDT[224]
SSDT \WINDOWS\system32\ntoskrnl.exe [805AA13A] PUSH 0000028C; RET SSDT[225]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[226]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[227]
SSDT \WINDOWS\system32\ntoskrnl.exe [8056BF4D] PUSH 0000011C; RET SSDT[228]
SSDT \WINDOWS\system32\ntoskrnl.exe [80575978] PUSH 000000EC; RET SSDT[229]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[230]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[231]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[232]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[233]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[234]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[235]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[236]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[237]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[238]
SSDT \WINDOWS\system32\ntoskrnl.exe [805A6934] PUSH 00000174; RET SSDT[240]
SSDT \WINDOWS\system32\ntoskrnl.exe [80665DB3] PUSH 000000AC; RET SSDT[241]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[242]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[243]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[244]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[245]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[246]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[248]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[249]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[250]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[251]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[252]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[253]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[254]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[255]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[256]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[257]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[258]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[259]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[260]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[261]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[262]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[263]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[264]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[265]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[266]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[267]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[268]
SSDT \WINDOWS\system32\ntoskrnl.exe [8065905C] PUSH 000000A0; RET SSDT[269]
SSDT \WINDOWS\system32\ntoskrnl.exe [80565C6E] PUSH 0000034C; RET SSDT[270]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[271]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[272]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[273]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[274]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[275]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[276]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[277]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[278]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[279]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[280]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[281]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[282]
SSDT \WINDOWS\system32\ntoskrnl.exe SSDT[283]

---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\ntoskrnl.exe The system cannot find the file specified.
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload F6B3468E 5 Bytes JMP 860EA1C8
? System32\Drivers\ag7kjer3.SYS The system cannot find the file specified.

---- User code sections - GMER 1.0.13 ----

.text C:\WINDOWS\system32\wintems.exe[916] WS2_32.dll!connect 71AB406A 6 Bytes JMP 009B0000
.text C:\WINDOWS\system32\wintems.exe[916] WS2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00990000
.text C:\WINDOWS\system32\wintems.exe[916] WS2_32.dll!getsockname 71AB951E 6 Bytes JMP 009C0000
.text C:\WINDOWS\system32\wintems.exe[916] WS2_32.dll!getpeername 71AC0B50 6 Bytes JMP 009D0000
.text C:\WINDOWS\system32\wintems.exe[916] WS2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 009A0000
.text C:\Program Files\eMule\emule.exe[1016] WS2_32.dll!connect 71AB406A 6 Bytes JMP 031E0000
.text C:\Program Files\eMule\emule.exe[1016] WS2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 031C0000
.text C:\Program Files\eMule\emule.exe[1016] WS2_32.dll!getsockname 71AB951E 6 Bytes JMP 031F0000
.text C:\Program Files\eMule\emule.exe[1016] WS2_32.dll!getpeername 71AC0B50 6 Bytes JMP 03200000
.text C:\Program Files\eMule\emule.exe[1016] WS2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 031D0000
.text C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] ws2_32.dll!connect 71AB406A 6 Bytes JMP 01A70000
.text C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 011F0000
.text C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 01A80000
.text C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 01A90000
.text C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 01A60000
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1712] ws2_32.dll!connect 71AB406A 6 Bytes JMP 01190000
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1712] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 01170000
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1712] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 011A0000
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1712] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 011B0000
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1712] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 01180000
.text C:\WINDOWS\Explorer.EXE[1720] WS2_32.dll!connect 71AB406A 6 Bytes JMP 00D20000
.text C:\WINDOWS\Explorer.EXE[1720] WS2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00BF0000
.text C:\WINDOWS\Explorer.EXE[1720] WS2_32.dll!getsockname 71AB951E 6 Bytes JMP 01590000
.text C:\WINDOWS\Explorer.EXE[1720] WS2_32.dll!getpeername 71AC0B50 6 Bytes JMP 015F0000
.text C:\WINDOWS\Explorer.EXE[1720] WS2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 00D10000
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1868] ws2_32.dll!connect 71AB406A 6 Bytes JMP 01A20000
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1868] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 01A00000
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1868] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 01A30000
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1868] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 01A40000
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1868] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 01A10000
.text C:\WINDOWS\system32\hkcmd.exe[1888] ws2_32.dll!connect 71AB406A 6 Bytes JMP 00A80000
.text C:\WINDOWS\system32\hkcmd.exe[1888] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00A60000
.text C:\WINDOWS\system32\hkcmd.exe[1888] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 00A90000
.text C:\WINDOWS\system32\hkcmd.exe[1888] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 00AA0000
.text C:\WINDOWS\system32\hkcmd.exe[1888] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 00A70000
.text C:\WINDOWS\system32\igfxpers.exe[1912] ws2_32.dll!connect 71AB406A 6 Bytes JMP 00A70000
.text C:\WINDOWS\system32\igfxpers.exe[1912] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00A50000
.text C:\WINDOWS\system32\igfxpers.exe[1912] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 00A80000
.text C:\WINDOWS\system32\igfxpers.exe[1912] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 00A90000
.text C:\WINDOWS\system32\igfxpers.exe[1912] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 00A60000
.text C:\Program Files\D-Link\AirPlus G\AirGCFG.exe[1928] ws2_32.dll!connect 71AB406A 6 Bytes JMP 00C00000
.text C:\Program Files\D-Link\AirPlus G\AirGCFG.exe[1928] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00BE0000
.text C:\Program Files\D-Link\AirPlus G\AirGCFG.exe[1928] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 00C10000
.text C:\Program Files\D-Link\AirPlus G\AirGCFG.exe[1928] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 00C20000
.text C:\Program Files\D-Link\AirPlus G\AirGCFG.exe[1928] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 00BF0000
.text C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe[1952] ws2_32.dll!connect 71AB406A 6 Bytes JMP 00C80000
.text C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe[1952] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00B10000
.text C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe[1952] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 00C90000
.text C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe[1952] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 00CA0000
.text C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe[1952] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 00C70000
.text C:\Program Files\FlashGet\flashget.exe[2092] WS2_32.dll!connect 71AB406A 6 Bytes JMP 00C30000
.text C:\Program Files\FlashGet\flashget.exe[2092] WS2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00B00000
.text C:\Program Files\FlashGet\flashget.exe[2092] WS2_32.dll!getsockname 71AB951E 6 Bytes JMP 00C40000
.text C:\Program Files\FlashGet\flashget.exe[2092] WS2_32.dll!getpeername 71AC0B50 6 Bytes JMP 00C50000
.text C:\Program Files\FlashGet\flashget.exe[2092] WS2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 00C20000
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2248] ws2_32.dll!connect 71AB406A 6 Bytes JMP 00A90000
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2248] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 003E0000
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2248] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 00AA0000
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2248] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 00AB0000
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2248] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 003F0000
.text C:\DOCUME~1\GOOLID~1\LOCALS~1\Temp\Temporary Directory 1 for gmer.zip\gmer.exe[2524] ws2_32.dll!connect 71AB406A 6 Bytes JMP 00AE0000
.text C:\DOCUME~1\GOOLID~1\LOCALS~1\Temp\Temporary Directory 1 for gmer.zip\gmer.exe[2524] ws2_32.dll!WSAStartup 71AB664D 6 Bytes JMP 00960000
.text C:\DOCUME~1\GOOLID~1\LOCALS~1\Temp\Temporary Directory 1 for gmer.zip\gmer.exe[2524] ws2_32.dll!getsockname 71AB951E 6 Bytes JMP 00AF0000
.text C:\DOCUME~1\GOOLID~1\LOCALS~1\Temp\Temporary Directory 1 for gmer.zip\gmer.exe[2524] ws2_32.dll!getpeername 71AC0B50 6 Bytes JMP 00B00000
.text C:\DOCUME~1\GOOLID~1\LOCALS~1\Temp\Temporary Directory 1 for gmer.zip\gmer.exe[2524] ws2_32.dll!WSAConnect 71AC0C69 6 Bytes JMP 00AD0000

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F76A9AD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F76A9C1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F76A9B9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F76AA748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F76AA61E] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F76BF29A] sptd.sys

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\RPCRT4.dll [ADVAPI32.dll!OpenServiceW] [6F8A065D] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!ControlService] [6F8A0680] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!OpenServiceW] [6F8A065D] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\CRYPT32.dll [ADVAPI32.dll!OpenServiceW] [6F8A065D] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\CRYPT32.dll [ADVAPI32.dll!ControlService] [6F8A0680] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\netapi32.dll [ADVAPI32.dll!OpenServiceA] [6F8A063A] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\netapi32.dll [ADVAPI32.dll!ControlService] [6F8A0680] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\netapi32.dll [ADVAPI32.dll!OpenServiceW] [6F8A065D] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\WS2HELP.dll [ADVAPI32.dll!OpenServiceA] [6F8A063A] C:\WINDOWS\AppPatch\AcGenral.DLL
IAT C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe[1588] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 863D11E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 863D11E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECDD4257-C4D1-4911-8AB8-92AB33058FA2} IRP_MJ_CREATE 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECDD4257-C4D1-4911-8AB8-92AB33058FA2} IRP_MJ_CLOSE 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECDD4257-C4D1-4911-8AB8-92AB33058FA2} IRP_MJ_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECDD4257-C4D1-4911-8AB8-92AB33058FA2} IRP_MJ_INTERNAL_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECDD4257-C4D1-4911-8AB8-92AB33058FA2} IRP_MJ_CLEANUP 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECDD4257-C4D1-4911-8AB8-92AB33058FA2} IRP_MJ_PNP 8558E1E8

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_NAMED_PIPE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLOSE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_READ [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_WRITE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_EA [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_EA [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FLUSH_BUFFERS [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_VOLUME_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_VOLUME_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DIRECTORY_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FILE_SYSTEM_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SHUTDOWN [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_LOCK_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLEANUP [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_MAILSLOT [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_SECURITY [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_SECURITY [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_POWER [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SYSTEM_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CHANGE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_QUOTA [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_QUOTA [F67A09D0] SynTP.sys

Device \Driver\NetworkX \Device\ckldrv IRP_MJ_CREATE [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_CREATE_NAMED_PIPE [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_CLOSE [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_READ [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_WRITE [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_QUERY_INFORMATION [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_SET_INFORMATION [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_QUERY_EA [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_SET_EA [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_FLUSH_BUFFERS [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_QUERY_VOLUME_INFORMATION [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_SET_VOLUME_INFORMATION [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_DIRECTORY_CONTROL [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_FILE_SYSTEM_CONTROL [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_DEVICE_CONTROL [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_INTERNAL_DEVICE_CONTROL [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_SHUTDOWN [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_LOCK_CONTROL [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_CLEANUP [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_CREATE_MAILSLOT [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_QUERY_SECURITY [F7ABB349] ckldrv.sys
Device \Driver\NetworkX \Device\ckldrv IRP_MJ_SET_SECURITY [F7ABB349] ckldrv.sys

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_NAMED_PIPE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLOSE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_READ [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_WRITE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_EA [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_EA [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FLUSH_BUFFERS [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_VOLUME_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_VOLUME_INFORMATION [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DIRECTORY_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FILE_SYSTEM_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_INTERNAL_DEVICE_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SHUTDOWN [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_LOCK_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLEANUP [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_MAILSLOT [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_SECURITY [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_SECURITY [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_POWER [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SYSTEM_CONTROL [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CHANGE [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_QUOTA [F67A09D0] SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_QUOTA [F67A09D0] SynTP.sys

Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 861A81E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 861A81E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 861A81E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 861A81E8
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_CREATE [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_CREATE_NAMED_PIPE [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_CLOSE [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_READ [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_WRITE [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_QUERY_INFORMATION [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_SET_INFORMATION [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_QUERY_EA [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_SET_EA [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_FLUSH_BUFFERS [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_QUERY_VOLUME_INFORMATION [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_SET_VOLUME_INFORMATION [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_DIRECTORY_CONTROL [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_FILE_SYSTEM_CONTROL [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_DEVICE_CONTROL [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_INTERNAL_DEVICE_CONTROL [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_SHUTDOWN [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_LOCK_CONTROL [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_CLEANUP [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_CREATE_MAILSLOT [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_QUERY_SECURITY [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_SET_SECURITY [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_POWER [F76B8EA8] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_SYSTEM_CONTROL [F76DC2C8] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_DEVICE_CHANGE [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_QUERY_QUOTA [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_SET_QUOTA [F76DFB0E] sptd.sys
Device \Driver\PCI_NTPNP1712 \Device\00000051 IRP_MJ_PNP [F76DD238] sptd.sys
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 861A81E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 861A81E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 861A81E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 861A81E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 861A81E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 861A81E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 861A81E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 861A81E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CREATE 860DB1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CLOSE 860DB1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 860DB1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 860DB1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_POWER 860DB1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 860DB1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_PNP 860DB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 863631E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 860091E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 860091E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 860091E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 863D21E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 863D21E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 863D21E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 863D21E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 863D21E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 863D21E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 863D21E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLOSE 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_POWER 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SYSTEM_CONTROL 863D21E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_PNP 863D21E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 863631E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 863631E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 8558E1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 8558E1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 8558E1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 8558E1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 8558E1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 8558E1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 8558E1E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 8558E1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 861A81E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 861A81E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 861A81E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 861A81E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 861A81E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 861A81E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 861A81E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 861A81E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{67E001B5-1E68-447A-8CDB-3BA797A8A456} IRP_MJ_CREATE 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{67E001B5-1E68-447A-8CDB-3BA797A8A456} IRP_MJ_CLOSE 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{67E001B5-1E68-447A-8CDB-3BA797A8A456} IRP_MJ_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{67E001B5-1E68-447A-8CDB-3BA797A8A456} IRP_MJ_INTERNAL_DEVICE_CONTROL 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{67E001B5-1E68-447A-8CDB-3BA797A8A456} IRP_MJ_CLEANUP 8558E1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{67E001B5-1E68-447A-8CDB-3BA797A8A456} IRP_MJ_PNP 8558E1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 8556C1E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 861A81E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 861A81E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 861A81E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 861A81E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 861A81E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 8556C1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 8556C1E8

---- Processes - GMER 1.0.13 ----

Process C:\WINDOWS\system32\hldrrr.exe (*** hidden *** ) 472
Process C:\WINDOWS\system32\hldrrr.exe (*** hidden *** ) 1192

---- EOF - GMER 1.0.13 ----



#2 goolimari

goolimari
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  • Local time:11:09 AM

Posted 17 January 2008 - 01:24 PM

Can anybody please help.. it's getting worse.. I tried Trend Micro online scan and Panda scan, it doesn't seem to help..

Can't seem to start in safe mode, computer crashes when I try to run Dr. Web scan... IE fires a thousand windows upon start up.. Firefox doesn't seem to work properly..

#3 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,639 posts
  • ONLINE
  • Gender:Male
  • Location:USA
  • Local time:11:09 AM

Posted 04 February 2008 - 11:40 AM

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new HijackThis log. If we do not hear back from you within a couple of days, we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Also make sure you have already followed the steps outlined below:

Preparation Guide For Use Before Posting A Hijackthis Log

Thank you for your patience.



