
 
Nie wiem co mam zrobic, prosze o pomoc...
 
				
 
	
Logfile of HijackThis v1.99.1
Scan saved at 12:21:39, on 2007-01-28
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dan\Moje dokumenty\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.3/g_bin/pl/cards_2_0_0_71.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.3/g_bin/pl/boards_2_0_0_30.cab
O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) - http://67.15.101.3/g_bin/pl/breakout_2_0_0_24.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/pl/mahjong_2_0_0_24.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_28.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
"Silent Runners.vbs", revision 49, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
"Komunikator" = "C:\Program Files\Tlen.pl\tlen.exe" [file not found]
"AIM" = "C:\Program Files\AIM95\aim.exe -cnetwait.odl" ["America Online, Inc."]
"MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"Gainward" = "C:\WINDOWS\TBPanel.exe /A" ["Gainward Co."]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]
"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]
"nTrayFw" = "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" ["NVIDIA Corporation"]
"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"" ["Sun Microsystems, Inc."]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data]
"HP Software Update" = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" ["Hewlett-Packard Co."]
"WinampAgent" = "C:\Program Files\Winamp\winampa.exe" [null data]
"DAEMON Tools-1033" = ""C:\Program Files\D-Tools\daemon.exe" -lang 1033" ["DAEMON'S HOME"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\(Default) = "BitComet ClickCapture"
-> {HKLM...CLSID} = "BitComet Helper"
\InProcServer32\(Default) = "C:\Program Files\BitComet\tools\BitCometBHO.dll" ["BitComet"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll" ["Sun Microsystems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
 Poczekaj az sie wygeneruje caly, a poinformue cie o tym komunikat...
 Poczekaj az sie wygeneruje caly, a poinformue cie o tym komunikat... 

 
	
"Silent Runners.vbs", revision 49, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
"Komunikator" = "C:\Program Files\Tlen.pl\tlen.exe" [file not found]
"AIM" = "C:\Program Files\AIM95\aim.exe -cnetwait.odl" ["America Online, Inc."]
"MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"Gainward" = "C:\WINDOWS\TBPanel.exe /A" ["Gainward Co."]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]
"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]
"nTrayFw" = "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" ["NVIDIA Corporation"]
"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"" ["Sun Microsystems, Inc."]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data]
"HP Software Update" = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" ["Hewlett-Packard Co."]
"WinampAgent" = "C:\Program Files\Winamp\winampa.exe" [null data]
"DAEMON Tools-1033" = ""C:\Program Files\D-Tools\daemon.exe" -lang 1033" ["DAEMON'S HOME"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\(Default) = "BitComet ClickCapture"
-> {HKLM...CLSID} = "BitComet Helper"
\InProcServer32\(Default) = "C:\Program Files\BitComet\tools\BitCometBHO.dll" ["BitComet"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll" ["Sun Microsystems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
-> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
-> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {HKLM...CLSID} = "AlcoholShellEx"
\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
-> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\Documents and Settings\Dan\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Dan\Dane aplikacji\Microsoft\Internet Explorer\Tapeta programu Internet Explorer.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]
Startup items in "Dan" & "All Users" startup folders:
-----------------------------------------------------
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
Enabled Scheduled Tasks:
------------------------
"HPpromotions journeysoftware" -> launches: "C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe /N "journeysoftware" -r" ["hp"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SYSTEMROOT%\system32\nvappfilter.dll ["NVIDIA"], 01 - 15, 31
%SystemRoot%\system32\mswsock.dll [MS], 16 - 18, 21 - 30
%SystemRoot%\system32\rsvpsp.dll [MS], 19 - 20
Toolbars, Explorer Bars, Extensions:
------------------------------------
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.5.0_10"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_10"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll" ["Sun Microsystems, Inc."]
{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\
"ButtonText" = "AIM"
"Exec" = "C:\Program Files\AIM95\aim.exe" ["America Online, Inc."]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data]
avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data]
avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
ForceWare Intelligent Application Manager (IAM), ForceWare Intelligent Application Manager (IAM), "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe" [empty string]
ForceWare IP service, nSvcIp, "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe" ["NVIDIA"]
ForceWare user log service, nSvcLog, "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe" ["NVIDIA"]
Forceware Web Interface, ForcewareWebInterface, ""C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice" ["Apache Software Foundation"]
LightScribeService Direct Disc Labeling Service, LightScribeService, "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" ["Hewlett-Packard Company"]
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"]
Pml Driver HPZ12, Pml Driver HPZ12, "C:\WINDOWS\System32\HPZipm12.exe" ["HP"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzlnt12\Driver = "hpzlnt12.dll" ["HP"]
----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 3547 seconds, including 4 seconds for message boxes)


 
	


 
	
HAXFIX logfile - by Marckie
version 4.37
2007-01-28 20:21:31,68
--- Checking for Haxdoor ---
checking for a3d files
a3d files not found
checking for matching notify keys
no matching notify keys found
checking for matching services
no matching services found
checking for matching safeboot services
no matching safeboot services found
checking for other Haxdoor-files
no other Haxdoor-files found
--- Checking for Goldun ---
checking for SSODL keys
no ssodl keys found
checking for notify keys
no notify keys found
checking for services
no services found
checking for other Goldun-files
no other Goldun-files found
checking iexplore.exe
iexplore.exe is infected!!
iexplore.exe found in dllcache and is not infected
checking sfc_os.dll
sfc_os.dll is not infected
Finished!
iexplore.exe is infected!!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}


 
	

 
	
Rootkit >>> zaznaczone Pokaż wszystko >>> wskazane tylko Usługi >>> Szukaj >>> Kopiuj >>> CTRL+V do posta
- Rootkit >>> odznaczone Pokaż wszystko >>> wskazane wszystkie obiekty do skanu >>> Szukaj >>> Kopiuj >>> CTRL+V do posta


 
	
GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2007-01-29 18:24:46
Windows 5.1.2600
---- System - GMER 1.0.12 ----
SSDT d347bus.sys ZwClose
SSDT d347bus.sys ZwCreateKey
SSDT d347bus.sys ZwCreatePagingFile
SSDT d347bus.sys ZwEnumerateKey
SSDT d347bus.sys ZwEnumerateValueKey
SSDT a347bus.sys ZwOpenFile
SSDT d347bus.sys ZwOpenKey
SSDT d347bus.sys ZwQueryKey
SSDT d347bus.sys ZwQueryValueKey
SSDT d347bus.sys ZwSetSystemPowerState
---- Kernel code sections - GMER 1.0.12 ----
.text ntoskrnl.exe!FsRtlLegalAnsiCharacterArray + F0 804F2058 4 Bytes [ 18, 58, 42, F7 ]
.text ntoskrnl.exe!FsRtlLegalAnsiCharacterArray + 130 804F2098 4 Bytes [ D0, 57, 42, F7 ]
.text ntoskrnl.exe!FsRtlLegalAnsiCharacterArray + 141 804F20A9 3 Bytes [ 9A, 41, F7 ]
.text ntoskrnl.exe!FsRtlLegalAnsiCharacterArray + 1A8 804F2110 4 Bytes [ A8, A2, 41, F7 ]
.text ntoskrnl.exe!FsRtlLegalAnsiCharacterArray + 1B0 804F2118 4 Bytes [ 10, 59, 42, F7 ]
.text ...
---- User code sections - GMER 1.0.12 ----
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!SetScrollInfo 77D3466C 7 Bytes JMP 01B7AAA2 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!SetScrollRange 77D393E8 6 Bytes JMP 01B7AAF8 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!ShowScrollBar 77D4BE13 5 Bytes JMP 01B7AB26 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!GetScrollInfo 77D4C6AE 7 Bytes JMP 01B7AA2A C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!GetScrollRange 77D4D6DF 6 Bytes JMP 01B7AA77 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!SetScrollPos 77D4D729 6 Bytes JMP 01B7AACD C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!GetScrollPos 77D4D759 9 Bytes JMP 01B7AA52 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text C:\Program Files\Winamp\winamp.exe[3840] USER32.dll!EnableScrollBar 77D56C25 7 Bytes JMP 01B7AA02 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
---- Devices - GMER 1.0.12 ----
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 85DA6FB0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 85B8FAB8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 85CB1290
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 85B8FAB8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_READ 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_READ 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_WRITE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_SECURITY 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_SECURITY 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CHANGE 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_QUOTA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_QUOTA 85BA1460
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_CREATE 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_CREATE_NAMED_PIPE 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_CLOSE 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_READ 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_WRITE 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_QUERY_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_SET_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_QUERY_EA 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_SET_EA 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_FLUSH_BUFFERS 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_QUERY_VOLUME_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_SET_VOLUME_INFORMATION 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_DIRECTORY_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_FILE_SYSTEM_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_DEVICE_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_INTERNAL_DEVICE_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_SHUTDOWN 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_LOCK_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_CLEANUP 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_CREATE_MAILSLOT 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_QUERY_SECURITY 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_SET_SECURITY 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_POWER 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_SYSTEM_CONTROL 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_DEVICE_CHANGE 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_QUERY_QUOTA 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_SET_QUOTA 85BA1460
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 IRP_MJ_PNP 85BA1460
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_NAMED_PIPE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_EA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_EA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_VOLUME_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_VOLUME_INFORMATION 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DIRECTORY_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FILE_SYSTEM_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_LOCK_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLEANUP 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_MAILSLOT 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_SECURITY 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_SECURITY 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CHANGE 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_QUOTA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_QUOTA 85B8FAB8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 85B8FAB8
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_READ 85945AE8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 85A21E18
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 85A21E18
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 85949178
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 85A09170
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_CREATE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_CLOSE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_READ 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_WRITE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_SET_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_QUERY_EA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_SET_EA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_SHUTDOWN 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_CLEANUP 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_SET_SECURITY 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_POWER 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_SET_QUOTA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port5Path0Target0Lun0 IRP_MJ_PNP 85BB6008
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_CREATE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_CLOSE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_READ 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_WRITE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_SET_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_QUERY_EA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_SET_EA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_SHUTDOWN 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_CLEANUP 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_SET_SECURITY 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_POWER 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_SET_QUOTA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1Port4Path0Target0Lun0 IRP_MJ_PNP 85B71290
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_NAMED_PIPE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLOSE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_READ 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_WRITE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_EA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_EA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FLUSH_BUFFERS 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_VOLUME_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_VOLUME_INFORMATION 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DIRECTORY_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FILE_SYSTEM_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SHUTDOWN 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_LOCK_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLEANUP 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_MAILSLOT 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_SECURITY 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_SECURITY 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_POWER 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SYSTEM_CONTROL 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CHANGE 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_QUOTA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_QUOTA 85BB6008
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_PNP 85BB6008
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE_NAMED_PIPE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CLOSE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_READ 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_WRITE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_EA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_EA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_FLUSH_BUFFERS 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_VOLUME_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_VOLUME_INFORMATION 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DIRECTORY_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_FILE_SYSTEM_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DEVICE_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_INTERNAL_DEVICE_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SHUTDOWN 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_LOCK_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CLEANUP 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_CREATE_MAILSLOT 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_SECURITY 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_SECURITY 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_POWER 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SYSTEM_CONTROL 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_DEVICE_CHANGE 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_QUERY_QUOTA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_SET_QUOTA 85B71290
Device \Driver\d347prt \Device\Scsi\d347prt1 IRP_MJ_PNP 85B71290
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer IRP_MJ_READ 85A63DF8
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer IRP_MJ_READ 85A63DF8
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer IRP_MJ_READ 85A63DF8
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer IRP_MJ_READ 85A63DF8
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer IRP_MJ_READ 85A63DF8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 85AB54C0
---- Modules - GMER 1.0.12 ----
Module _________ F7393000

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 19 gości