Indice del forum Olimpo Informatico
I Forum di Zeus News
Leggi la newsletter gratuita - Attiva il Menu compatto
 
 FAQFAQ   CercaCerca   Lista utentiLista utenti   GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo   Messaggi privatiMessaggi privati   Log inLog in 

    Newsletter RSS Facebook Twitter Contatti Ricerca
win32 trojan ...mezzo eliminato..ma non del tutto...credo..
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus
Precedente :: Successivo  
Autore Messaggio
argenta3
Comune mortale
Comune mortale


Registrato: 18/08/06 19:50
Messaggi: 4
MessaggioInviato: 19 Ago 2006 01:29    Oggetto: win32 trojan ...mezzo eliminato..ma non del tutto...credo.. Rispondi citando
8) ciao Very Happy ho seguito l'ottima guida per la rimozione del maledetto linkoptimizer. (grazie per le dritte 8) !) Però non sono riuscito a disfarmene del tutto...il programma vero e proprio sembra essersene andato; niente piu .dll e comX.XXX invisibili, niente piu urla dell'avast ogni qualvolta apro explorer e niente piu rallentamento fastidioso all apertura di iexplorer. Però qualcosa è rimasto visto che continua a creare la cartella di identita fasulla ad ogni riavvio.
Qualcuno può dirmi se effettivamente lo ho debellato e aiutarmi a eliminare definitivamente quella cartella per favore?
Posto di seguito i vari log che ho.
Log hijackthis :
Citazione:

Logfile of HijackThis v1.99.1
Scan saved at 1.15.56, on 19/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Razer\Copperhead\razerhid.exe
C:\Programmi\Razer\Copperhead\razerofa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\ewido anti-spyware 4.0\ewido.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [razer] C:\Programmi\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [!ewido] "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60D782E9-A57E-419E-9006-E899A7455D11}: NameServer = 62.94.0.1,88.149.128.5
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe

Log Gmer Rootkit:
Citazione:


GMER 1.0.10.10122 - http://www.gmer.net
Rootkit 2006-08-19 00:50:55
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.10 ----

SSDT a347bus.sys ZwClose
SSDT a347bus.sys ZwCreateKey
SSDT a347bus.sys ZwCreatePagingFile
SSDT a347bus.sys ZwEnumerateKey
SSDT a347bus.sys ZwEnumerateValueKey
SSDT a347bus.sys ZwOpenFile
SSDT a347bus.sys ZwOpenKey
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwOpenProcess
SSDT a347bus.sys ZwQueryKey
SSDT a347bus.sys ZwQueryValueKey
SSDT a347bus.sys ZwSetSystemPowerState
SSDT sptd.sys ZwSetValueKey
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess

---- Devices - GMER 1.0.10 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 8658B9C0
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_CREATE 862622A0
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_CREATE 862622A0
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 865D6808
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 865D6808
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 865D6808
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 865D6808
Device \Driver\00000041 \Device\00000048 IRP_MJ_SYSTEM_CONTROL [F7417EA8] sptd.sys
Device \Driver\00000041 \Device\00000048 IRP_MJ_DEVICE_CHANGE [F742BA70] sptd.sys
Device \Driver\00000041 \Device\00000048 IRP_MJ_PNP_POWER [F7424728] sptd.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 865D6A40
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 865D6A40
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSEIRP_MJ_READ 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 86255420
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP_POWER 86255420
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSEIRP_MJ_READ 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 86284B98
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 8628A318
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_PNP 8628A318
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 865D6A40
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSEIRP_MJ_READ 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 86248C70
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP_POWER 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_NAMED_PIPE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSEIRP_MJ_READ 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_WRITE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_EA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_EA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FLUSH_BUFFERS 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DIRECTORY_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FILE_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SHUTDOWN 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_LOCK_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLEANUP 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_MAILSLOT 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CHANGE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP_POWER 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSEIRP_MJ_READ 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_WRITE 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CHANGE 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 86248C70
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP_POWER 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_CREATE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_CREATE_NAMED_PIPE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_CLOSEIRP_MJ_READ 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_WRITE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_QUERY_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_SET_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_QUERY_EA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_SET_EA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_FLUSH_BUFFERS 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_QUERY_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_SET_VOLUME_INFORMATION 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_DIRECTORY_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_FILE_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_SHUTDOWN 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_LOCK_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_CLEANUP 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_CREATE_MAILSLOT 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_QUERY_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_SET_SECURITY 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_POWER 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_SYSTEM_CONTROL 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_DEVICE_CHANGE 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_QUERY_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_SET_QUOTA 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_PNP 86248C70
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e IRP_MJ_PNP_POWER 86248C70
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSEIRP_MJ_READ 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 86255420
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP_POWER 86255420
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CREATE 865D6A40
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_NAMED_PIPE 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSEIRP_MJ_READ 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_EA 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_EA 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_VOLUME_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_VOLUME_INFORMATION 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DIRECTORY_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FILE_SYSTEM_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_LOCK_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLEANUP 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_MAILSLOT 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_SECURITY 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_SECURITY 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CHANGE 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_QUOTA 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_QUOTA 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 86255420
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP_POWER 86255420
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 8639AEB0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 8639AEB0
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 8658BC78
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_CREATE 8658BC78
Device \Driver\NetBT \Device\NetBT_Tcpip_{60D782E9-A57E-419E-9006-E899A7455D11} IRP_MJ_CREATE 8639AEB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSEIRP_MJ_READ 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 86292308
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 862834C8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP_POWER 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSEIRP_MJ_READ 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 86292308
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 862834C8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP_POWER 862834C8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 8627BEB0
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 8627BEB0
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSEIRP_MJ_READ 8627BEB0
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 86274158
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 8627BEB0
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 8627BEB0
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_EA 8627BEB0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 865D6A40
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 86264EB0
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_CREATE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_CLOSEIRP_MJ_READ 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_WRITE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_SET_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_QUERY_EA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_SET_EA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_SHUTDOWN 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_CLEANUP 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_SET_SECURITY 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_POWER 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_SET_QUOTA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_PNP 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 IRP_MJ_PNP_POWER 858D6A60
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_CREATE 8658B0E8
Device \Driver\viamraid \Device\Scsi\viamraid1Port2Path0Target0Lun0 IRP_MJ_CREATE 8658B0E8
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_NAMED_PIPE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLOSEIRP_MJ_READ 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_WRITE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_EA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_EA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FLUSH_BUFFERS 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_VOLUME_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_VOLUME_INFORMATION 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DIRECTORY_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FILE_SYSTEM_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SHUTDOWN 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_LOCK_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLEANUP 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_MAILSLOT 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_SECURITY 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_SECURITY 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_POWER 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SYSTEM_CONTROL 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CHANGE 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_QUOTA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_QUOTA 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_PNP 858D6A60
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_PNP_POWER 858D6A60
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE_NAMED_PIPE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLOSEIRP_MJ_READ 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_WRITE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_EA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_EA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_FLUSH_BUFFERS 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_VOLUME_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_VOLUME_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DIRECTORY_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_FILE_SYSTEM_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SHUTDOWN 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_LOCK_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLEANUP 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE_MAILSLOT 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_SECURITY 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_SECURITY 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_POWER 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SYSTEM_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CHANGE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_QUOTA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_QUOTA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP_POWER 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CLOSEIRP_MJ_READ 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_WRITE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SET_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_EA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SET_EA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SHUTDOWN 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CLEANUP 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SET_SECURITY 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_POWER 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SET_QUOTA 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_PNP 86253F00
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_PNP_POWER 86253F00
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 8626C2E0

---- Modules - GMER 1.0.10 ----

Module _________ F732F000

---- Files - GMER 1.0.10 ----

File C:\System Volume Information\MountPointManagerRemoteDatabase
File C:\System Volume Information\tracking.log

---- EOF - GMER 1.0.10 ----

Log Gmer Autostart:
Citazione:


GMER 1.0.10.10122 - http://www.gmer.net
Autostart 2006-08-19 00:56:41
Windows 5.1.2600 Service Pack 2

Winlogon@System =
Windows@AppInit_DLLs =

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters@Domain =

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{60D782E9-A57E-419E-9006-E899A7455D11} /*Connessione alla rete locale (LAN)*/@Domain =

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{764BF0E1-F219-11ce-972D-00AA00A14F56} /*Estensioni shell per la compressione dei file*/(null) =
@{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} /*Menu di scelta rapida di crittografia*/(null) =
@{0DF44EAA-FF21-4412-828E-260A8728E7F1} /*Barra delle applicazioni e menu di avvio*/(null) =
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{7A9D77BD-5403-11d2-8785-2E0420524153} /*Account utente*/(null) =
@{ED65AC21-B24F-11d3-BA80-00C0CA16AA37} /*Siemens Device*/(null) =
@{ED65AC22-B24F-11d3-BA80-00C0CA16AA37} /*Siemens Device ContextMenuHandler*/(null) =
@{ED65AC23-B24F-11d3-BA80-00C0CA16AA37} /*Siemens SX1 PropertySheetHandler*/(null) =

HKLM\Software\Classes\ >>>
.exe@ = "%1" %*
.com@ = "%1" %*
.cmd@ = "%1" %*
.bat@ = "%1" %*
.pif@ = "%1" %*
.scr@ = "%1" /S

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
avast! Antivirus /*avast! Antivirus*/@ = "C:\Programmi\Alwil Software\Avast4\ashServ.exe"
aswUpdSv /*avast! iAVS4 Control Service*/@ = "C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run@!ewido = "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized

HKLM\SYSTEM\CurrentControlSet\Services\NetCut /*NetCut*/@ = "C:\Programmi\File comuni\System\JrAi.exe" /*file not found*/

HKLM\Software\Classes\Folder\shell\explore\command@ = %SystemRoot%\Explorer.exe /e,/idlist,%I,%L

HKLM\Software\Classes\Folder\shell\open\command@ = %SystemRoot%\Explorer.exe /idlist,%I,%L

HKLM\SYSTEM\CurrentControlSet\Services\ALG /*Servizio Gateway di livello applicazione*/@ = %SystemRoot%\System32\alg.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{352EC2B7-8B9A-11D1-B8AE-006008059382} /*Gestione applicazioni shell*/%SystemRoot%\system32\appwiz.cpl = %SystemRoot%\system32\appwiz.cpl
@{0B124F8F-91F0-11D1-B8B5-006008059382} /*Enumeratore applicazioni installate*/%SystemRoot%\system32\appwiz.cpl = %SystemRoot%\system32\appwiz.cpl
@{CFCCC7A0-A282-11D1-9082-006008059382} /*Darwin App Publisher*/%SystemRoot%\system32\appwiz.cpl = %SystemRoot%\system32\appwiz.cpl

HKLM\SYSTEM\CurrentControlSet\Services\Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{640167b4-59b0-47a6-b335-a6b3c0695aea} /*Portable Media Devices*/%SystemRoot%\system32\Audiodev.dll = %SystemRoot%\system32\Audiodev.dll
@{cc86590a-b60a-48e6-996b-41d25ed39a1e} /*Portable Media Devices Menu*/%SystemRoot%\system32\Audiodev.dll = %SystemRoot%\system32\Audiodev.dll

HKLM\Software\Microsoft\Internet Explorer\Main@Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler >>>
@{438755C2-A8BA-11D1-B96B-00A0C90312E1}%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{8C7461EF-2B13-11d2-BE35-3078302C2030}%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{5E6AB780-7743-11CF-A12B-00AA004AE837} /*Barra degli strumenti Microsoft Internet*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{22BF0C20-6DA7-11D0-B373-00A0C9034938} /*Stato del download*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{91EA3F8B-C99B-11d0-9815-00C04FD91972} /*Shell Folder accresciuto*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{6413BA2C-B461-11d1-A18A-080036B11A03} /*Shell Folder 2 accresciuto*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{F61FFEC1-754F-11d0-80CA-00AA005B4383} /*BandProxy*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{7BA4C742-9E81-11CF-99D3-00AA004AE837} /*Microsoft BrowserBand*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*SearchBand*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{169A0691-8DF9-11d1-A1C4-00C04FD75D13} /*Ricerca all'interno*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{07798131-AF23-11d1-9111-00A0C98BA67D} /*Ricerca Web*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{AF4F6510-F982-11d0-8595-00AA004CD6D8} /*Utilità opzioni della struttura del Registro di sistema*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{01E04581-4EEE-11d0-BFE9-00AA005B4383} /*&Indirizzo*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{A08C11D2-A228-11d0-825B-00AA005B4383} /*Address EditBox*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{00BB2763-6A77-11D0-A535-00C04FD7D062} /*Completamento automatico Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{7376D660-C583-11d0-A3A5-00C04FD706EC} /*TridentImageExtractor*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{6756A641-DE71-11d0-831B-00AA005B4383} /*Elenco di Completamento automatico MRU*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} /*Elenco di Completamento automatico MRU personalizzato*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{7e653215-fa25-46bd-a339-34a2790f3cb7} /*Accessibile*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{acf35015-526e-4230-9596-becbe19f0ac9} /*Indicatore di avanzamento popup*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{00BB2764-6A77-11D0-A535-00C04FD7D062} /*Elenco di Completamento automatico della Cronologia di Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{03C036F1-A186-11D0-824A-00AA005B4383} /*Elenco di Completamento automatico di Shell Folder di Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{00BB2765-6A77-11D0-A535-00C04FD7D062} /*Contenitore dell'elenco di Completamento automatico multiplo Microsoft*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{ECD4FC4E-521C-11D0-B792-00A0C90312E1} /*Shell Band Site Menu*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} /*Shell DeskBarApp*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{ECD4FC4C-521C-11D0-B792-00A0C90312E1} /*Shell DeskBar*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{ECD4FC4D-521C-11D0-B792-00A0C90312E1} /*Shell Rebar BandSite*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{DD313E04-FEFF-11d1-8ECD-0000F87A470C} /*Assistenza utente*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} /*Impostazioni cartella globale*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{21569614-B795-46b1-85F4-E737A8DC09AD} /*Shell Search Band*/%SystemRoot%\system32\browseui.dll = %SystemRoot%\system32\browseui.dll
@{f39a0dc0-9cc8-11d0-a599-00c04fd64433} /*File del canale*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3aa0dc0-9cc8-11d0-a599-00c04fd64434} /*Collegamento al canale*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3ba0dc0-9cc8-11d0-a599-00c04fd64435} /*Channel Handler Object*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3da0dc0-9cc8-11d0-a599-00c04fd64437} /*Channel Menu*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{f3ea0dc0-9cc8-11d0-a599-00c04fd64438} /*Channel Properties*/%SystemRoot%\system32\cdfview.dll = %SystemRoot%\system32\cdfview.dll
@{750fdf0e-2a26-11d1-a3ea-080036587f03} /*Offline Files Menu*/%SystemRoot%\System32\cscui.dll = %SystemRoot%\System32\cscui.dll
@{10CFC467-4392-11d2-8DB4-00C04FA31A66} /*Offline Files Folder Options*/%SystemRoot%\System32\cscui.dll = %SystemRoot%\System32\cscui.dll
@{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} /*Cartella file non in linea*/%SystemRoot%\System32\cscui.dll = %SystemRoot%\System32\cscui.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files@{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files@{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{8A23E65E-31C2-11d0-891C-00A024AB2DBB} /*Directory Query UI*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} /*Shell properties for a DS object*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} /*Directory Object Find*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{F020E586-5264-11d1-A532-0000F8757D7E} /*Directory Start/Search Find*/%SystemRoot%\system32\dsquery.dll = %SystemRoot%\system32\dsquery.dll
@{0D45D530-764B-11d0-A1CA-00AA00C16E65} /*Directory Property UI*/%SystemRoot%\system32\dsuiext.dll = %SystemRoot%\system32\dsuiext.dll
@{62AE1F9A-126A-11D0-A14B-0800361B1103} /*Directory Context Menu Verbs*/%SystemRoot%\system32\dsuiext.dll = %SystemRoot%\system32\dsuiext.dll
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{5DB2625A-54DF-11D0-B6C4-0800091AA605} /*Gestore monitor ICM*/%SystemRoot%\System32\icmui.dll = %SystemRoot%\System32\icmui.dll
@{675F097E-4C4D-11D0-B6C1-0800091AA605} /*Gestore stampante ICM*/%SystemRoot%\system32\icmui.dll = %SystemRoot%\system32\icmui.dll
@{DBCE2480-C732-101B-BE72-BA78E9AD5B27} /*Profilo ICC*/%SystemRoot%\system32\icmui.dll = %SystemRoot%\system32\icmui.dll

HKLM\Software\Classes\PROTOCOLS\Handler\mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll

HKLM\SYSTEM\CurrentControlSet\Services\SamSs /*Gestione account di protezione (SAM)*/@ = %SystemRoot%\system32\lsass.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved@{7A80E4A8-8005-11D2-BCF8-00C04F72C717} /*MMC Icon Handler*/ = %SystemRoot%\System32\mmcshext.dll

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
about@CLSID = %SystemRoot%\system32\mshtml.dll
javascript@CLSID = %SystemRoot%\system32\mshtml.dll
mailto@CLSID = %SystemRoot%\system32\mshtml.dll
res@CLSID = %SystemRoot%\system32\mshtml.dll
sysimage@CLSID = %SystemRoot%\system32\mshtml.dll
vbscript@CLSID = %SystemRoot%\system32\mshtml.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\System32\mswsock.dll
000000000003@LibraryPath = %SystemRoot%\System32\mswsock.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ >>>
000000000001@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000002@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000003@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000006@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000007@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000008@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000009@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000010@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000011@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000012@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll
000000000013@PackedCatalogItem = %SystemRoot%\system32\mswsock.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{ECF03A33-103D-11d2-854D-006008059367} /*MyDocs Copy Hook*/%SystemRoot%\system32\mydocs.dll = %SystemRoot%\system32\mydocs.dll
@{ECF03A32-103D-11d2-854D-006008059367} /*MyDocs Drop Target*/%SystemRoot%\system32\
Top
Profilo Invia messaggio privato
argenta3
Comune mortale
Comune mortale


Registrato: 18/08/06 19:50
Messaggi: 4
MessaggioInviato: 19 Ago 2006 20:56    Oggetto: Rispondi
Allora, aggiornamento del precedente post . La cartella non la mette piu mi è rimasto un solo un problema con il registro . Il servizio creato dalla versione del trojan che ho preso io è "netcut" riferito all'utente fittizio che creava all'avvio .Il servizio rifiuta in ogni modo di essere tolto o anche solo di essere modificato o letto (anche entrando in modalità provvisoria e provando a cambiare il proprietario ), pertanto rimane in automatico nei servizi (anche se poi controllando bene non essendogli rimasto nulla da usare risulta interrotto). Qualche consiglio su come rimuovere la maledetta chiave di registro? grazie 8)
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus Tutti i fusi orari sono GMT + 2 ore
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi