
PC virus removal, computer speed-up, and remote help through the neslape.cz service
XP freezing
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Good afternoon, after launching any larger application the OS freezes and I have no choice but to restart. The Internet works without problems.
Here is the HijackThis log:
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Documents and Settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Bratr')
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [Google Update] "C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'Bratr')
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Bratr')
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent (User 'Bratr')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 7470 bytes
and here is ComboFix:
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SIntf16.dll
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-20 do 2010-02-20 )))))))))))))))))))))))))))))))
.
2010-02-20 16:50 . 2010-02-20 16:51 -------- d-----w- c:\program files\Google
2010-02-20 13:10 . 2010-02-20 13:10 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-02-20 13:07 . 2009-09-18 20:05 593920 ------w- c:\windows\system32\ati2sgag.exe
2010-02-20 13:07 . 2009-09-19 01:42 887724 ----a-r- c:\windows\system32\ativva6x.dat
2010-02-20 13:07 . 2009-09-19 01:42 3 ----a-r- c:\windows\system32\ativva5x.dat
2010-02-20 13:07 . 2009-09-01 19:55 195855 ----a-r- c:\windows\system32\atiicdxx.dat
2010-02-20 13:06 . 2010-02-20 13:12 -------- d-----w- c:\program files\ATI Technologies
2010-02-20 09:44 . 2010-02-20 09:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-19 13:44 . 2010-02-19 13:45 -------- d-----w- c:\program files\Winamp
2010-02-17 22:49 . 2010-02-17 22:49 -------- d-----w- c:\program files\Unigine
2010-02-17 13:45 . 2010-02-17 13:45 -------- d-----w- c:\program files\YourWare Solutions
2010-02-16 19:41 . 2010-02-16 19:41 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-16 19:38 . 2010-02-16 19:38 -------- d-----w- c:\program files\Common Files\Skype
2010-02-16 19:38 . 2010-02-16 19:38 -------- d-----r- c:\program files\Skype
2010-02-14 14:15 . 2010-02-14 14:15 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-14 14:15 . 2010-02-20 17:39 -------- d-----w- c:\program files\Spyware Terminator
2010-02-14 13:51 . 2010-02-14 13:51 -------- d-----w- C:\$AVG
2010-02-14 13:51 . 2010-02-14 13:51 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-14 13:51 . 2010-02-14 13:51 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-14 13:51 . 2010-02-14 13:51 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-14 13:51 . 2010-02-14 13:51 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-14 13:50 . 2010-02-20 17:39 -------- d-----w- c:\windows\system32\drivers\Avg
2010-02-14 13:50 . 2010-02-14 13:50 -------- d-----w- c:\program files\AVG
2010-02-13 16:47 . 2009-08-19 12:05 100368 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2010-02-13 16:45 . 2010-02-13 16:56 -------- d-----w- C:\AMD
2010-02-13 15:16 . 2010-02-13 15:16 -------- d-----w- c:\program files\BRS
2010-02-13 15:16 . 2009-11-18 17:11 1347584 ----a-w- c:\windows\system32\rapture3d_oal.dll
2010-02-13 15:16 . 2009-11-01 12:11 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2010-02-13 15:16 . 2010-02-16 16:22 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-02-13 15:16 . 2010-02-15 14:20 -------- d-----w- c:\program files\OpenAL
2010-02-13 15:16 . 2010-02-13 15:16 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-02-13 14:37 . 2010-02-13 14:37 -------- d-----w- c:\program files\Rockstar Games
2010-02-13 14:34 . 2010-02-13 14:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-13 14:32 . 2010-02-13 15:02 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-02-13 14:32 . 2010-02-13 14:32 -------- d-----w- c:\windows\system32\xlive
2010-02-13 13:16 . 2010-02-19 18:59 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-13 11:36 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-03 19:33 . 2010-02-15 21:33 -------- d-----w- c:\program files\Hamachi
2010-01-30 17:00 . 2010-01-30 17:00 -------- d-----w- c:\program files\VideoLAN
2010-01-30 16:51 . 2010-01-30 16:51 -------- d-----w- c:\program files\Common Files\CyberLink
2010-01-30 16:50 . 2010-01-30 16:51 -------- d-----w- c:\program files\CyberLink
2010-01-30 16:50 . 2010-01-30 16:50 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-30 16:50 . 2010-01-30 16:50 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-01-30 16:50 . 2010-01-30 16:50 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-01-29 17:16 . 2010-02-20 12:07 -------- d-----w- c:\program files\Steam
2010-01-29 17:13 . 2010-01-29 17:13 -------- d-----w- c:\windows\048298C9A4D3490B9FF9AB023A9238F3.TMP
2010-01-29 02:40 . 2010-01-29 02:40 -------- d-----w- c:\program files\Ray Adams
2010-01-28 12:39 . 2010-01-28 12:39 -------- d-----w- c:\windows\Sun
2010-01-28 12:36 . 2010-01-28 12:36 -------- d-----w- c:\program files\Common Files\Java
2010-01-28 12:36 . 2010-01-28 12:36 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-28 12:36 . 2010-01-28 12:36 -------- d-----w- c:\program files\Java
2010-01-27 19:54 . 2009-05-29 12:36 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-01-27 19:54 . 2009-05-29 12:36 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-01-27 19:54 . 2010-01-27 19:54 -------- d-----w- c:\program files\Common Files\Apple
2010-01-27 19:52 . 2010-01-27 19:53 -------- d-----w- c:\program files\QuickTime
2010-01-27 17:03 . 2010-01-27 17:03 -------- d-----w- c:\program files\EA SPORTS
2010-01-23 10:34 . 2010-02-15 16:22 -------- d-----w- c:\program files\Common Files\BioWare
2010-01-22 18:24 . 2010-01-22 18:24 -------- d-----w- c:\program files\Defraggler
2010-01-22 18:21 . 2010-01-22 18:21 -------- d-----w- c:\program files\Common Files\PC Tools
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-20 13:07 . 2010-01-06 20:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-13 13:37 . 2010-01-11 17:39 -------- d-----w- c:\program files\Valve
2010-02-13 13:17 . 2010-02-13 13:17 -------- d-----w- c:\program files\ATI
2010-02-03 19:33 . 2009-09-23 08:41 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-01-23 10:58 . 2010-01-21 15:13 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-23 10:57 . 2010-01-21 15:14 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-18 14:23 . 2010-01-16 14:19 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-01-18 14:23 . 2010-01-16 14:19 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-01-16 14:23 . 2010-01-16 14:23 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-16 14:23 . 2010-01-16 14:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-15 00:15 . 2010-01-15 00:15 -------- d-----w- c:\program files\OpenOffice.org 3
2010-01-08 19:25 . 2010-01-08 17:42 -------- d-----w- c:\program files\Mv2Player
2010-01-08 17:41 . 2010-01-08 17:41 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-01-08 17:40 . 2010-01-08 17:41 737280 ----a-w- c:\windows\iun6002.exe
2010-01-08 11:49 . 2001-10-25 16:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-01-08 11:49 . 2001-10-25 16:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-01-07 19:22 . 2010-01-06 19:09 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-07 19:22 . 2010-01-06 19:09 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-07 19:22 . 2010-01-06 19:09 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-07 14:36 . 2010-01-07 14:35 -------- d-----w- c:\program files\ICQ6.5
2010-01-07 14:10 . 2010-01-07 14:10 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-06 21:12 . 2010-01-06 21:12 -------- d-----w- c:\program files\AMD
2010-01-06 21:03 . 2010-01-06 21:03 -------- d-----w- c:\program files\MSBuild
2010-01-06 21:01 . 2010-01-06 21:01 -------- d-----w- c:\program files\Reference Assemblies
2010-01-06 20:53 . 2010-01-06 20:53 -------- d-----w- c:\program files\Marvell
2010-01-06 20:53 . 2010-01-06 20:37 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-06 20:46 . 2010-01-06 20:46 -------- d-----w- c:\program files\Analog Devices
2010-01-06 20:39 . 2010-01-06 20:39 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-06 19:10 . 2010-01-06 19:10 -------- d-----w- c:\program files\microsoft frontpage
2010-01-06 19:07 . 2010-01-06 19:07 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-06 19:06 . 2010-01-06 19:06 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-05 09:58 . 2008-03-01 13:02 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2008-05-19 09:15 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2008-05-19 09:15 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2008-04-13 22:45 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2010-01-06 19:06 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-11 20:26 . 2010-02-13 13:17 446464 ----a-w- c:\windows\system32\SET4B.tmp
2009-12-11 19:59 . 2010-02-13 13:17 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-12-04 18:22 . 2008-04-13 22:47 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-27 17:14 . 2008-04-14 06:51 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2001-10-25 16:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:09 . 2008-04-14 06:51 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 06:51 84992 ----a-w- c:\windows\system32\avifil32.dll
.
------- Sigcheck -------
[-] 2008-05-19 . E3B22F050F840306FD522227F68046C5 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-01-09 135664]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2009-11-25 3176408]
"AtiTrayTools"="c:\program files\Ray Adams\ATI Tray Tools\atitray.exe" [2009-10-28 658432]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-14 3037696]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"FreeRAM XP"="c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-22 1591808]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-09-26 872448]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-08-14 352256]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-05-07 75048]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2010-02-14 2166784]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-18 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-02-14 13:51 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\lft2\\left 4 dead 2\\left4dead2.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dirt 2\\dirt2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dirt 2\\dirt2_game.exe"=
"c:\\Program Files\\Microsoft Games for Windows - LIVE\\Client\\GFWLive.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"e:\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator demo\\AvP.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\zombie driver\\Release\\ZombieDriver.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [24.10.2009 19:03 19232]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [14.2.2010 14:51 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [14.2.2010 14:51 360584]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.2.2010 15:15 142592]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/30 17:51];c:\program files\CyberLink\PowerDVD9\000.fcl [7.5.2009 21:05 87536]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [14.2.2010 14:50 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [14.2.2010 14:50 285392]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [22.1.2010 19:21 583640]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.1.2010 15:23 691696]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [20.2.2010 17:50 135664]
.
Obsah adresáře 'Naplánované úlohy'
2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-20 16:50]
2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-20 16:50]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-CopyTrans Suite - c:\program files\WindSolutions\CopyTrans Suite\CopyTransControlCenter.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 21:59
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-823518204-920026266-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:4d,57,dc,7a,39,3b,76,5b,30,84,b4,34,02,bf,aa,26,f0,55,30,c6,58,
72,7d,17,59,cd,cb,26,57,3f,85,e5,cb,e6,d4,48,cb,e8,7c,09,a8,dd,4d,fb,ca,c7,\
"rkeysecu"=hex:58,e0,23,38,0f,38,e4,d9,c1,9d,7b,00,c8,58,1f,d9
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-20 21:59:57
ComboFix-quarantined-files.txt 2010-02-20 20:59
Před spuštěním: Volných bajtů: 15 477 006 336
Po spuštění: Volných bajtů: 15 701 544 960
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - DBA03A25062CCEF38821870400D28C4E
Please advise what is extra in there, it's already making my eye twitch...
Zde je HijackThis log:
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Documents and Settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Bratr')
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [Google Update] "C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'Bratr')
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Bratr')
O4 - HKUS\S-1-5-21-823518204-920026266-682003330-1004\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent (User 'Bratr')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 7470 bytes
and here is the ComboFix log:
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SIntf16.dll
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-20 do 2010-02-20 )))))))))))))))))))))))))))))))
.
2010-02-20 16:50 . 2010-02-20 16:51 -------- d-----w- c:\program files\Google
2010-02-20 13:10 . 2010-02-20 13:10 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-02-20 13:07 . 2009-09-18 20:05 593920 ------w- c:\windows\system32\ati2sgag.exe
2010-02-20 13:07 . 2009-09-19 01:42 887724 ----a-r- c:\windows\system32\ativva6x.dat
2010-02-20 13:07 . 2009-09-19 01:42 3 ----a-r- c:\windows\system32\ativva5x.dat
2010-02-20 13:07 . 2009-09-01 19:55 195855 ----a-r- c:\windows\system32\atiicdxx.dat
2010-02-20 13:06 . 2010-02-20 13:12 -------- d-----w- c:\program files\ATI Technologies
2010-02-20 09:44 . 2010-02-20 09:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-19 13:44 . 2010-02-19 13:45 -------- d-----w- c:\program files\Winamp
2010-02-17 22:49 . 2010-02-17 22:49 -------- d-----w- c:\program files\Unigine
2010-02-17 13:45 . 2010-02-17 13:45 -------- d-----w- c:\program files\YourWare Solutions
2010-02-16 19:41 . 2010-02-16 19:41 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-16 19:38 . 2010-02-16 19:38 -------- d-----w- c:\program files\Common Files\Skype
2010-02-16 19:38 . 2010-02-16 19:38 -------- d-----r- c:\program files\Skype
2010-02-14 14:15 . 2010-02-14 14:15 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-14 14:15 . 2010-02-20 17:39 -------- d-----w- c:\program files\Spyware Terminator
2010-02-14 13:51 . 2010-02-14 13:51 -------- d-----w- C:\$AVG
2010-02-14 13:51 . 2010-02-14 13:51 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-14 13:51 . 2010-02-14 13:51 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-14 13:51 . 2010-02-14 13:51 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-14 13:51 . 2010-02-14 13:51 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-14 13:50 . 2010-02-20 17:39 -------- d-----w- c:\windows\system32\drivers\Avg
2010-02-14 13:50 . 2010-02-14 13:50 -------- d-----w- c:\program files\AVG
2010-02-13 16:47 . 2009-08-19 12:05 100368 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2010-02-13 16:45 . 2010-02-13 16:56 -------- d-----w- C:\AMD
2010-02-13 15:16 . 2010-02-13 15:16 -------- d-----w- c:\program files\BRS
2010-02-13 15:16 . 2009-11-18 17:11 1347584 ----a-w- c:\windows\system32\rapture3d_oal.dll
2010-02-13 15:16 . 2009-11-01 12:11 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2010-02-13 15:16 . 2010-02-16 16:22 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-02-13 15:16 . 2010-02-15 14:20 -------- d-----w- c:\program files\OpenAL
2010-02-13 15:16 . 2010-02-13 15:16 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-02-13 14:37 . 2010-02-13 14:37 -------- d-----w- c:\program files\Rockstar Games
2010-02-13 14:34 . 2010-02-13 14:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-13 14:32 . 2010-02-13 15:02 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-02-13 14:32 . 2010-02-13 14:32 -------- d-----w- c:\windows\system32\xlive
2010-02-13 13:16 . 2010-02-19 18:59 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-13 11:36 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-03 19:33 . 2010-02-15 21:33 -------- d-----w- c:\program files\Hamachi
2010-01-30 17:00 . 2010-01-30 17:00 -------- d-----w- c:\program files\VideoLAN
2010-01-30 16:51 . 2010-01-30 16:51 -------- d-----w- c:\program files\Common Files\CyberLink
2010-01-30 16:50 . 2010-01-30 16:51 -------- d-----w- c:\program files\CyberLink
2010-01-30 16:50 . 2010-01-30 16:50 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-30 16:50 . 2010-01-30 16:50 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-01-30 16:50 . 2010-01-30 16:50 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-01-29 17:16 . 2010-02-20 12:07 -------- d-----w- c:\program files\Steam
2010-01-29 17:13 . 2010-01-29 17:13 -------- d-----w- c:\windows\048298C9A4D3490B9FF9AB023A9238F3.TMP
2010-01-29 02:40 . 2010-01-29 02:40 -------- d-----w- c:\program files\Ray Adams
2010-01-28 12:39 . 2010-01-28 12:39 -------- d-----w- c:\windows\Sun
2010-01-28 12:36 . 2010-01-28 12:36 -------- d-----w- c:\program files\Common Files\Java
2010-01-28 12:36 . 2010-01-28 12:36 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-28 12:36 . 2010-01-28 12:36 -------- d-----w- c:\program files\Java
2010-01-27 19:54 . 2009-05-29 12:36 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-01-27 19:54 . 2009-05-29 12:36 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-01-27 19:54 . 2010-01-27 19:54 -------- d-----w- c:\program files\Common Files\Apple
2010-01-27 19:52 . 2010-01-27 19:53 -------- d-----w- c:\program files\QuickTime
2010-01-27 17:03 . 2010-01-27 17:03 -------- d-----w- c:\program files\EA SPORTS
2010-01-23 10:34 . 2010-02-15 16:22 -------- d-----w- c:\program files\Common Files\BioWare
2010-01-22 18:24 . 2010-01-22 18:24 -------- d-----w- c:\program files\Defraggler
2010-01-22 18:21 . 2010-01-22 18:21 -------- d-----w- c:\program files\Common Files\PC Tools
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-20 13:07 . 2010-01-06 20:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-13 13:37 . 2010-01-11 17:39 -------- d-----w- c:\program files\Valve
2010-02-13 13:17 . 2010-02-13 13:17 -------- d-----w- c:\program files\ATI
2010-02-03 19:33 . 2009-09-23 08:41 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-01-23 10:58 . 2010-01-21 15:13 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-23 10:57 . 2010-01-21 15:14 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-18 14:23 . 2010-01-16 14:19 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-01-18 14:23 . 2010-01-16 14:19 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-01-16 14:23 . 2010-01-16 14:23 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-16 14:23 . 2010-01-16 14:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-15 00:15 . 2010-01-15 00:15 -------- d-----w- c:\program files\OpenOffice.org 3
2010-01-08 19:25 . 2010-01-08 17:42 -------- d-----w- c:\program files\Mv2Player
2010-01-08 17:41 . 2010-01-08 17:41 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-01-08 17:40 . 2010-01-08 17:41 737280 ----a-w- c:\windows\iun6002.exe
2010-01-08 11:49 . 2001-10-25 16:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-01-08 11:49 . 2001-10-25 16:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-01-07 19:22 . 2010-01-06 19:09 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-07 19:22 . 2010-01-06 19:09 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-07 19:22 . 2010-01-06 19:09 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-07 14:36 . 2010-01-07 14:35 -------- d-----w- c:\program files\ICQ6.5
2010-01-07 14:10 . 2010-01-07 14:10 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-06 21:12 . 2010-01-06 21:12 -------- d-----w- c:\program files\AMD
2010-01-06 21:03 . 2010-01-06 21:03 -------- d-----w- c:\program files\MSBuild
2010-01-06 21:01 . 2010-01-06 21:01 -------- d-----w- c:\program files\Reference Assemblies
2010-01-06 20:53 . 2010-01-06 20:53 -------- d-----w- c:\program files\Marvell
2010-01-06 20:53 . 2010-01-06 20:37 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-06 20:46 . 2010-01-06 20:46 -------- d-----w- c:\program files\Analog Devices
2010-01-06 20:39 . 2010-01-06 20:39 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-06 19:10 . 2010-01-06 19:10 -------- d-----w- c:\program files\microsoft frontpage
2010-01-06 19:07 . 2010-01-06 19:07 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-06 19:06 . 2010-01-06 19:06 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-05 09:58 . 2008-03-01 13:02 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2008-05-19 09:15 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2008-05-19 09:15 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2008-04-13 22:45 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2010-01-06 19:06 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-11 20:26 . 2010-02-13 13:17 446464 ----a-w- c:\windows\system32\SET4B.tmp
2009-12-11 19:59 . 2010-02-13 13:17 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-12-04 18:22 . 2008-04-13 22:47 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-27 17:14 . 2008-04-14 06:51 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2001-10-25 16:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:09 . 2008-04-14 06:51 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 06:51 84992 ----a-w- c:\windows\system32\avifil32.dll
.
------- Sigcheck -------
[-] 2008-05-19 . E3B22F050F840306FD522227F68046C5 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-01-09 135664]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2009-11-25 3176408]
"AtiTrayTools"="c:\program files\Ray Adams\ATI Tray Tools\atitray.exe" [2009-10-28 658432]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-14 3037696]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"FreeRAM XP"="c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-22 1591808]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-09-26 872448]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-08-14 352256]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-05-07 75048]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2010-02-14 2166784]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-18 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-02-14 13:51 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\lft2\\left 4 dead 2\\left4dead2.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dirt 2\\dirt2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dirt 2\\dirt2_game.exe"=
"c:\\Program Files\\Microsoft Games for Windows - LIVE\\Client\\GFWLive.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"e:\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator demo\\AvP.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\zombie driver\\Release\\ZombieDriver.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [24.10.2009 19:03 19232]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [14.2.2010 14:51 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [14.2.2010 14:51 360584]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.2.2010 15:15 142592]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/30 17:51];c:\program files\CyberLink\PowerDVD9\000.fcl [7.5.2009 21:05 87536]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [14.2.2010 14:50 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [14.2.2010 14:50 285392]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [22.1.2010 19:21 583640]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.1.2010 15:23 691696]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [20.2.2010 17:50 135664]
.
Obsah adresáře 'Naplánované úlohy'
2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-20 16:50]
2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-20 16:50]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-CopyTrans Suite - c:\program files\WindSolutions\CopyTrans Suite\CopyTransControlCenter.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 21:59
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-823518204-920026266-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:4d,57,dc,7a,39,3b,76,5b,30,84,b4,34,02,bf,aa,26,f0,55,30,c6,58,
72,7d,17,59,cd,cb,26,57,3f,85,e5,cb,e6,d4,48,cb,e8,7c,09,a8,dd,4d,fb,ca,c7,\
"rkeysecu"=hex:58,e0,23,38,0f,38,e4,d9,c1,9d,7b,00,c8,58,1f,d9
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-20 21:59:57
ComboFix-quarantined-files.txt 2010-02-20 20:59
Před spuštěním: Volných bajtů: 15 477 006 336
Po spuštění: Volných bajtů: 15 701 544 960
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - DBA03A25062CCEF38821870400D28C4E
Please advise what is in there that shouldn't be; it's already making my eye twitch...
- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: XP freezing
Since you posted the CF log without its header, I have to ask:
1. This:
and here is the ComboFix log:
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe.........
Are these deleted files? Is "Ostatní výmazy" ("Other Deletions") written above them?
2. How much free space do you have on the system disk?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: XP freezing
Yes, those are "Ostatní výmazy" (other deletions); I apologize for not including the header. I have just finished a scan with SUPERAntiSpyware and it also found nothing, only cookies. On the system disk I have over 20 GB free.
Re: XP freezing
Here I am attaching the rootkit log; I can't work out myself what to delete.
GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2010-02-21 11:51:10
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.12 ----
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwClose
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateFile
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey
SSDT spln.sys ZwEnumerateKey
SSDT spln.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwLoadDriver
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwOpenFile
SSDT spln.sys ZwOpenKey
SSDT spln.sys ZwQueryKey
SSDT spln.sys ZwQueryValueKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwSetValueKey
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwWriteFile
---- Kernel code sections - GMER 1.0.12 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2C58 805044F4 1 Byte [ EC ]
.text ntkrnlpa.exe!ZwCallbackReturn + 2C5A 805044F6 2 Bytes [ A1, AC ]
.text USBPORT.SYS!DllUnload B8F228AC 5 Bytes JMP 898C64E0
.text aeppis4k.SYS B8E95386 35 Bytes [ 00, 00, 00, 00, 00, 00, 20, ... ]
.text aeppis4k.SYS B8E953AA 24 Bytes [ 00, 00, 00, 00, 00, 00, 00, ... ]
.text aeppis4k.SYS B8E953C4 3 Bytes [ 00, 80, 02 ]
.text aeppis4k.SYS B8E953C9 1 Byte [ 30 ]
.text aeppis4k.SYS B8E953CB 9 Bytes [ 00, 00, 5E, 02, 00, 00, 00, ... ]
.text ...
---- User code sections - GMER 1.0.12 ----
.text C:\Program Files\Analog Devices\Core\smax4pnp.exe[628] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D36E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe[1160] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.Exe[1808] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2036] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2108] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text ...
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [ 28, 00, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [ 68, 00, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [ A8, 01, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EAFC
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [ A8, 02, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [ 68, 01, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [ 68, 02, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EB6D
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [ A8, 00, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EC9B
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [ 28, 01, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [ 28, 02, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [ E2 ]
.text C:\DOCUME~1\Jerkyss\LOCALS~1\temp\Rar$EX00.781\gmer.exe[3168] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
---- Devices - GMER 1.0.12 ----
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 89DE21F8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 898E6500
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_CREATE 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_CLOSE 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_INTERNAL_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_CLEANUP 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_PNP 899251F8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 89971368
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_CREATE [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_CREATE_NAMED_PIPE [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_CLOSE [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_READ [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_WRITE [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_QUERY_INFORMATION [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_SET_INFORMATION [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_QUERY_EA [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_SET_EA [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_FLUSH_BUFFERS [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_QUERY_VOLUME_INFORMATION [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_SET_VOLUME_INFORMATION [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_DIRECTORY_CONTROL [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_FILE_SYSTEM_CONTROL [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_DEVICE_CONTROL [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_INTERNAL_DEVICE_CONTROL [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_SHUTDOWN [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_LOCK_CONTROL [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_CLEANUP [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_CREATE_MAILSLOT [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_QUERY_SECURITY [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_SET_SECURITY [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_POWER [B9EBCE30] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_SYSTEM_CONTROL [B9ECB518] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_DEVICE_CHANGE [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_QUERY_QUOTA [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_SET_QUOTA [B9EF2ABC] spln.sys
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_PNP [B9EEFCA6] spln.sys
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 89DE41F8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 89DE41F8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP 89971368
Device \Driver\usbohci \Device\USBPDO-2 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBPDO-2 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-2 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-2 IRP_MJ_PNP 89971368
Device \Driver\usbohci \Device\USBPDO-3 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBPDO-3 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-3 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-3 IRP_MJ_PNP 89971368
Device \Driver\usbohci \Device\USBPDO-4 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBPDO-4 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-4 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-4 IRP_MJ_PNP 89971368
Device \Driver\usbehci \Device\USBPDO-5 IRP_MJ_CREATE 89BEC500
Device \Driver\usbehci \Device\USBPDO-5 IRP_MJ_CLOSE 89BEC500
Device \Driver\usbehci \Device\USBPDO-5 IRP_MJ_DEVICE_CONTROL 89BEC500
Device \Driver\usbehci \Device\USBPDO-5 IRP_MJ_INTERNAL_DEVICE_CONTROL 89BEC500
Device \Driver\usbehci \Device\USBPDO-5 IRP_MJ_POWER 89BEC500
Device \Driver\usbehci \Device\USBPDO-5 IRP_MJ_SYSTEM_CONTROL 89BEC500
Device \Driver\usbehci \Device\USBPDO-5 IRP_MJ_PNP 89BEC500
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 89E541F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1B7D9641-B70C-4E1D-8D97-06C4E6FF6A06} IRP_MJ_CREATE 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1B7D9641-B70C-4E1D-8D97-06C4E6FF6A06} IRP_MJ_CLOSE 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1B7D9641-B70C-4E1D-8D97-06C4E6FF6A06} IRP_MJ_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1B7D9641-B70C-4E1D-8D97-06C4E6FF6A06} IRP_MJ_INTERNAL_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1B7D9641-B70C-4E1D-8D97-06C4E6FF6A06} IRP_MJ_CLEANUP 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1B7D9641-B70C-4E1D-8D97-06C4E6FF6A06} IRP_MJ_PNP 899251F8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 89BB6480
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 89BB6480
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 89E541F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 89E541F8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 89BB6480
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 899251F8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP 89971368
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 899231F8
GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2010-02-21 11:51:10
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.12 ----
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwClose
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateFile
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey
SSDT spln.sys ZwEnumerateKey
SSDT spln.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwLoadDriver
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwOpenFile
SSDT spln.sys ZwOpenKey
SSDT spln.sys ZwQueryKey
SSDT spln.sys ZwQueryValueKey
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwSetValueKey
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwWriteFile
---- Kernel code sections - GMER 1.0.12 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2C58 805044F4 1 Byte [ EC ]
.text ntkrnlpa.exe!ZwCallbackReturn + 2C5A 805044F6 2 Bytes [ A1, AC ]
.text USBPORT.SYS!DllUnload B8F228AC 5 Bytes JMP 898C64E0
.text aeppis4k.SYS B8E95386 35 Bytes [ 00, 00, 00, 00, 00, 00, 20, ... ]
.text aeppis4k.SYS B8E953AA 24 Bytes [ 00, 00, 00, 00, 00, 00, 00, ... ]
.text aeppis4k.SYS B8E953C4 3 Bytes [ 00, 80, 02 ]
.text aeppis4k.SYS B8E953C9 1 Byte [ 30 ]
.text aeppis4k.SYS B8E953CB 9 Bytes [ 00, 00, 5E, 02, 00, 00, 00, ... ]
.text ...
---- User code sections - GMER 1.0.12 ----
.text C:\Program Files\Analog Devices\Core\smax4pnp.exe[628] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D36E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Jerkyss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe[1160] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.Exe[1808] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2036] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2108] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text ...
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [ 28, 00, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [ 68, 00, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [ A8, 01, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EAFC
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [ A8, 02, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [ 68, 01, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [ 68, 02, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EB6D
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [ A8, 00, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EC9B
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [ 28, 01, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [ E2 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [ 28, 02, 15, 00 ]
.text C:\Documents and Settings\Bratr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2768] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [ E2 ]
.text C:\DOCUME~1\Jerkyss\LOCALS~1\temp\Rar$EX00.781\gmer.exe[3168] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10006E60 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
---- Devices - GMER 1.0.12 ----
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 89DE21F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 89DE21F8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 898E6500
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 898E6500
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_CREATE 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_CLOSE 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_INTERNAL_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_CLEANUP 899251F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4DE3892D-89C6-42B0-B296-D0C25E735B35} IRP_MJ_PNP 899251F8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 89971368
Device \Driver\PCI_PNP1988 \Device\00000044 IRP_MJ_CREATE [B9EF2ABC] spln.sys
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 89BB6480
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 89BB6480
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 899251F8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 899251F8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 899251F8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 89971368
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP 89971368
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 899231F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 899231F8
- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: XP freezing
I'll also ask you for an IceSword scan: http://www.viry.cz/forum/viewtopic.php?f=29&t=11394 . Post the Process and KernelModule logs.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: XP freezing
Process:
System Idle Process
System
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Jerkyss\Plocha\IceSword122en\IceSword.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Documents and Settings\Jerkyss\Local Settings\Data aplikacˇ\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\alg.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jerkyss\Plocha\IceSword122en\IceSword.exe
Kernel Module:
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
spwx.sys
\WINDOWS\System32\Drivers\WMILIB.SYS
\WINDOWS\System32\Drivers\SCSIPORT.SYS
ACPI.sys
pci.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
jraid.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
PxHelp20.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
JGOGO.sys
\SystemRoot\system32\DRIVERS\AmdK8.sys
\SystemRoot\system32\DRIVERS\ati2mtag.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\yk51x86.sys
\SystemRoot\System32\Drivers\amefwagw.SYS
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\hamachi.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\AmdLLD.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\ADIHdAud.sys
\SystemRoot\system32\drivers\AEAudio.sys
\SystemRoot\system32\drivers\Senfilt.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\System32\Drivers\avgtdix.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\System32\Drivers\avgmfx86.sys
\SystemRoot\System32\Drivers\avgldx86.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ati2dvag.dll
\SystemRoot\System32\ati2cqag.dll
\SystemRoot\System32\atikvmag.dll
\SystemRoot\System32\atiok3x2.dll
\SystemRoot\System32\ati3duag.dll
\SystemRoot\System32\ativvaxx.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\HTTP.sys
\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
\SystemRoot\System32\Drivers\IsDrv122.sys
\SystemRoot\System32\Drivers\jsskpj.sys
\WINDOWS\system32\ntdll.dll
\Program Files\DAEMON Tools Lite\Engine.dll
C:\WINDOWS\System32\Drivers\sptd.sys
- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: XP freezing
You don't have a rootkit on the PC. Try a System Restore to a date when it was working correctly.
Re: XP freezing
And how do I do that system restore to a date when it worked? Is there a tool to download for that?
- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: XP freezing
Start > All Programs > Accessories > System Tools > System Restore.
Re: XP freezing
Unfortunately the OS can't find any earlier restore point for me; only today's date is available, but I've had the freezing problem for three days now...
- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: XP freezing
Try running an AVPTool scan: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 , so that we can confirm or rule out the influence of a virus. We'll choose a solution based on the result.