prośba o sprawdzenie

**Posty:** 250 · przez **^Wulf** 07 Lip 2007, 20:21

Witam

.
Od pewnego momentu gdy chcę włączyć program a konkretnie AQQ, Tlen Plus, Hamachi to gdy klikam na ikonę nic się nie dzieję, dopiero ponowne zainstalowanie w/w programów pomaga...

. Ale jest to już trochę męczące co chwilę (po wyłączeniu programu) no nowo go instalować...
Poniżej zamieszczam loga

Kod: Zaznacz wszystko: Logfile of HijackThis v1.99.1 Scan saved at 19:55:52, on 2007-07-07 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\PROGRA~1\NEOSTR~1\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\WapSter\AQQ\AQQ.exe C:\Program Files\Neostrada TP\NeostradaTP.exe C:\Program Files\Neostrada TP\ComComp.exe C:\Program Files\Neostrada TP\Watch.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Xfire\xfire.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Logi\hijackthis_199\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idg.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.idg.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idg.pl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\WapSter\AQQ\AQQ.exe O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{C543D952-CE39-4362-8BB2-8CFAE9715B48}: NameServer = 194.204.159.1 217.98.63.164 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

**Posty:** 18165 · przez **wojtas** 07 Lip 2007, 20:26

daj loga z:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

**Posty:** 250 · przez **^Wulf** 07 Lip 2007, 20:31

Kod: Zaznacz wszystko: "Admint" - 2007-07-07 20:04:14 - ComboFix 07-07-07.3 - Dodatek Service Pack 2 ((((((((((((((((((((((((( Files Created from 2007-06-07 to 2007-07-07 ))))))))))))))))))))))))))))))) 2007-07-07 20:03 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-06 16:28 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2007-07-06 16:28 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2007-07-06 16:28 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2007-07-06 14:36 <DIR> d--h----- C:\WINDOWS\msdownld.tmp 2007-07-06 14:32 <DIR> d-------- C:\WINDOWS\network diagnostic 2007-07-06 14:30 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Windows Genuine Advantage 2007-07-06 14:27 <DIR> d-------- C:\WINDOWS\system32\pl-PL 2007-07-06 14:18 14,048 --------- C:\WINDOWS\system32\spmsg2.dll 2007-07-06 14:18 <DIR> d-------- C:\Program Files\Reference Assemblies 2007-07-05 21:09 <DIR> d-------- C:\DOCUME~1\ADMIN~1\DANEAP~1\WinRAR 2007-07-05 21:08 36,864 --a------ C:\WINDOWS\system32\wbsys.dll 2007-07-05 21:08 20,480 --a------ C:\WINDOWS\system32\wbload.dll 2007-07-05 21:08 <DIR> d-------- C:\Program Files\Stardock 2007-07-05 11:22 <DIR> d-------- C:\chatlog 2007-07-05 01:08 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-07-05 01:01 <DIR> d-------- C:\Program Files\BearShare 2007-07-05 01:01 <DIR> d-------- C:\My Downloads 2007-07-04 15:52 <DIR> d-------- C:\Program Files\Microsoft Works 2007-07-04 15:49 <DIR> d-------- C:\WINDOWS\SHELLNEW 2007-07-04 15:48 <DIR> dr-h----- C:\MSOCache 2007-07-04 15:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Microsoft Help 2007-07-04 13:19 <DIR> d-------- C:\DOCUME~1\ADMIN~1\DANEAP~1\Opera 2007-07-04 02:56 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe 2007-07-04 02:56 <DIR> d-------- C:\WINDOWS\system32\PreInstall 2007-07-04 01:14 58,624 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-07-04 01:14 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-07-04 01:13 870,784 --a------ C:\WINDOWS\system32\ati3d1ag.dll 2007-07-04 01:13 77,312 --a------ C:\WINDOWS\system32\usbui.dll 2007-07-04 01:13 701,440 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys 2007-07-04 01:13 516,768 --a------ C:\WINDOWS\system32\ativvaxx.dll 2007-07-04 01:13 44,672 --a------ C:\WINDOWS\system32\drivers\UAGP35.SYS 2007-07-04 01:13 3,712 --a------ C:\WINDOWS\system32\drivers\ctljystk.sys 2007-07-04 01:13 27,165 --a------ C:\WINDOWS\system32\drivers\fetnd5.sys 2007-07-04 01:13 229,376 --a------ C:\WINDOWS\system32\ati2cqag.dll 2007-07-04 01:13 201,728 --a------ C:\WINDOWS\system32\ati2dvag.dll 2007-07-04 01:13 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys 2007-07-04 01:13 1,888,992 --a------ C:\WINDOWS\system32\ati3duag.dll 2007-07-04 01:12 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-07-04 01:12 9,168 --a------ C:\WINDOWS\system\VER.DLL 2007-07-04 01:12 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-07-04 01:12 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-07-04 01:12 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-07-04 01:12 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll 2007-07-04 01:12 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll 2007-07-04 01:12 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL 2007-07-04 01:12 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-07-04 01:12 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-07-04 01:12 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-07-04 01:12 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-07-04 01:12 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-07-04 01:12 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-07-04 01:12 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-07-04 01:12 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-07-04 01:12 5,632 --a------ C:\WINDOWS\system32\kbdro.dll 2007-07-04 01:12 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll 2007-07-04 01:12 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-07-04 01:12 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-07-04 01:12 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-07-04 01:12 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-07-04 01:12 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-07-04 01:12 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-07-04 01:12 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-07-04 01:12 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-07-04 01:12 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-07-04 01:12 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-07-04 01:12 <DIR> dr------- C:\Program Files 2007-07-04 01:12 <DIR> d--hs---- C:\WINDOWS\Installer 2007-07-04 01:12 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines 2007-07-04 01:12 <DIR> d-------- C:\Program Files\Common Files\ODBC 2007-07-04 01:12 <DIR> d-------- C:\Downloads 2007-07-04 01:11 8,704 --a------ C:\WINDOWS\system32\batt.dll 2007-07-04 01:11 75,776 --a------ C:\WINDOWS\system32\storprop.dll 2007-07-04 01:11 70,144 --a------ C:\WINDOWS\NOTEPAD.EXE 2007-07-04 01:11 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-07-04 01:11 69,552 --a------ C:\WINDOWS\system\MMSYSTEM.DLL 2007-07-04 01:11 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-07-04 01:11 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-07-04 01:11 <DIR> dr-h----- C:\DOCUME~1\DEFAUL~1\Ustawienia lokalne 2007-07-04 01:11 <DIR> dr-h----- C:\DOCUME~1\DEFAUL~1\Dane aplikacji 2007-07-04 01:11 <DIR> dr-h----- C:\DOCUME~1\ALLUSE~1\Dane aplikacji 2007-07-04 01:11 <DIR> dr------- C:\DOCUME~1\DEFAUL~1\Menu Start 2007-07-04 01:11 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Menu Start 2007-07-04 01:11 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Dokumenty 2007-07-04 01:11 <DIR> d--hs---- C:\System Volume Information 2007-07-04 01:11 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Szablony (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-07 10:50:35 64,638 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-07-07 10:50:35 382,894 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-07-03 23:12:44 2,560 ----a-w C:\WINDOWS\system32\BitCometRes.dll 2007-07-03 21:20:26 -------- d-----w C:\Program Files\Usługi online 2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2001-03-02 12:02 37808 --------- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] 2007-02-08 07:04 158272 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 18:07] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38] "WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07] "WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 18:07] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-10-25 07:37] "CTHelper"="CTHELPER.EXE" [] "Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 01:00] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00] "AQQ"="C:\PROGRA~1\WapSter\AQQ\AQQ.exe" [2007-02-28 14:18] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=wbsys.dll ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-07 20:05:18 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-07 20:05:53 --- E O F ---

**Posty:** 18165 · przez **wojtas** 07 Lip 2007, 20:34

sciagnij gmera:

http://gmer.net/gmer.zip

1. Zakładka Rootkit >>> zaznaczone wszystko oprócz Pokazuj wszystko >>> kliknij Szukaj >>> czekaj cierpliwie aż skończy >>> Kopiuj >>> wklej do posta
2. Zakładka Rootkit >>> zaznaczone tylko Usługi i Pokazuj wszystko >>> kliknij Szukaj >>> czekaj cierpliwie aż skończy >>> Kopiuj >>> wklej do posta

**Posty:** 250 · przez **^Wulf** 07 Lip 2007, 20:47

1.

Kod: Zaznacz wszystko: GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-07-07 20:20:08 Windows 5.1.2600 Dodatek Service Pack 2 ---- System - GMER 1.0.13 ---- SSDT sptd.sys ZwCreateKey SSDT sptd.sys ZwEnumerateKey SSDT sptd.sys ZwEnumerateValueKey SSDT sptd.sys ZwOpenKey SSDT sptd.sys ZwQueryKey SSDT sptd.sys ZwQueryValueKey SSDT sptd.sys ZwSetValueKey ---- Kernel code sections - GMER 1.0.13 ---- ? C:\WINDOWS\system32\drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ? C:\WINDOWS\System32\Drivers\SPTD0861.SYS Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ? C:\WINDOWS\System32\Drivers\dtscsi.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS Nie można odnaleźć określonego pliku. ? C:\DOCUME~1\ADMIN~1\USTAWI~1\Temp\catchme.sys Nie można odnaleźć określonego pliku. ---- Kernel IAT/EAT - GMER 1.0.13 ---- IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F774CDB2] sptd.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F776271E] sptd.sys IAT ftdisk.sys[ntoskrnl.exe!IoGetAttachedDeviceReference] [F774D3B2] sptd.sys IAT ftdisk.sys[ntoskrnl.exe!IoGetDeviceObjectPointer] [F774D2B6] sptd.sys IAT ftdisk.sys[ntoskrnl.exe!IofCallDriver] [F774D482] sptd.sys IAT PartMgr.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7762032] sptd.sys IAT PartMgr.sys[ntoskrnl.exe!IoDetachDevice] [F774CF6E] sptd.sys IAT atapi.sys[ntoskrnl.exe!IofCompleteRequest] [F7761C76] sptd.sys IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F774CE06] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F773FA32] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F773FB6E] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F773FAF6] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F77406CC] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F77405A2] sptd.sys IAT disk.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7762864] sptd.sys IAT \WINDOWS\system32\DRIVERS\CLASSPNP.SYS[ntoskrnl.exe!IoDetachDevice] [F7751F78] sptd.sys IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!IofCompleteRequest] [F7761C76] sptd.sys IAT \SystemRoot\system32\DRIVERS\cdrom.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7762864] sptd.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7761C82] sptd.sys IAT \SystemRoot\system32\DRIVERS\rdbss.sys[ntoskrnl.exe!IofCallDriver] [F773F020] sptd.sys IAT \SystemRoot\system32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IofCallDriver] [F773F020] sptd.sys ---- User IAT/EAT - GMER 1.0.13 ---- IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [01CB7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL IAT C:\Program Files\Mozilla Firefox\firefox.exe[888] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [01CB73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL ---- Devices - GMER 1.0.13 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 8679DE30 Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 8679DE30 Device \Driver\NetBT \Device\NetBT_Tcpip_{C543D952-CE39-4362-8BB2-8CFAE9715B48} IRP_MJ_CREATE 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C543D952-CE39-4362-8BB2-8CFAE9715B48} IRP_MJ_CLOSE 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C543D952-CE39-4362-8BB2-8CFAE9715B48} IRP_MJ_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C543D952-CE39-4362-8BB2-8CFAE9715B48} IRP_MJ_INTERNAL_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C543D952-CE39-4362-8BB2-8CFAE9715B48} IRP_MJ_CLEANUP 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C543D952-CE39-4362-8BB2-8CFAE9715B48} IRP_MJ_PNP 863AB2D0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 8679E4F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 86427EB0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 86427EB0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSE 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 863CB2D0 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 863CB2D0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 8679E4F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 86427EB0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 86427EB0 Device \Driver\00000093 \Device\0000003d IRP_MJ_POWER [F774AEA8] sptd.sys Device \Driver\00000093 \Device\0000003d IRP_MJ_SYSTEM_CONTROL [F775EA70] sptd.sys Device \Driver\00000093 \Device\0000003d IRP_MJ_PNP [F7757728] sptd.sys Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 863AB2D0 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 863AB2D0 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 863AB2D0 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 863AB2D0 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 863AB2D0 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 863AB2D0 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 863AB2D0 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 863AB2D0 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CLOSE 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_READ 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_WRITE 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_FLUSH_BUFFERS 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DEVICE_CONTROL 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SHUTDOWN 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_POWER 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SYSTEM_CONTROL 8679D0E8 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_PNP 8679D0E8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 863EE2D0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 863EE2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSE 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FLUSH_BUFFERS 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_VOLUME_INFORMATION 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_DIRECTORY_CONTROL 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FILE_SYSTEM_CONTROL 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLEANUP 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_SECURITY 863AC2D0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_SECURITY 863AC2D0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 8679E4F0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 8679E4F0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLOSE 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_WRITE 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_INFORMATION 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_INFORMATION 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_VOLUME_INFORMATION 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_DIRECTORY_CONTROL 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_FILE_SYSTEM_CONTROL 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLEANUP 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE_MAILSLOT 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_SECURITY 864E7840 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_SECURITY 864E7840 Device \Driver\NetBT \Device\NetBT_Tcpip_{C41272AC-9CCA-4209-8276-406201F516DC} IRP_MJ_CREATE 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C41272AC-9CCA-4209-8276-406201F516DC} IRP_MJ_CLOSE 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C41272AC-9CCA-4209-8276-406201F516DC} IRP_MJ_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C41272AC-9CCA-4209-8276-406201F516DC} IRP_MJ_INTERNAL_DEVICE_CONTROL 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C41272AC-9CCA-4209-8276-406201F516DC} IRP_MJ_CLEANUP 863AB2D0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C41272AC-9CCA-4209-8276-406201F516DC} IRP_MJ_PNP 863AB2D0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CLOSE 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_POWER 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_PNP 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLOSE 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CONTROL 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_POWER 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SYSTEM_CONTROL 863B2268 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP 863B2268 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 860230E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 860230E8 ---- EOF - GMER 1.0.13 ----

**Posty:** 18165 · przez **wojtas** 07 Lip 2007, 20:51

wklej caly 2 logi bo sie nie zmiescil

**Posty:** 250 · przez **^Wulf** 07 Lip 2007, 20:53

Właśnie zauważyłem ;]

2.

Kod: Zaznacz wszystko: GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-07-07 20:27:33 Windows 5.1.2600 Dodatek Service Pack 2 ---- Services - GMER 1.0.13 ---- Service .NET CLR Data Service .NET CLR Networking Service .NET Data Provider for Oracle Service .NET Data Provider for SqlServer Service .NETFramework Service [DISABLED] Abiosdsk Service [DISABLED] abp480n5 Service C:\WINDOWS\system32\DRIVERS\ACPI.sys [BOOT] ACPI Service [DISABLED] ACPIEC Service [DISABLED] adpu160m Service C:\WINDOWS\system32\drivers\aec.sys [MANUAL] aec Service C:\WINDOWS\System32\drivers\afd.sys [SYSTEM] AFD Service [DISABLED] Aha154x Service [DISABLED] aic78u2 Service [DISABLED] aic78xx Service C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [MANUAL] alcan5wn Service C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [MANUAL] alcaudsl Service C:\WINDOWS\system32\svchost.exe [DISABLED] Alerter Service C:\WINDOWS\System32\alg.exe [MANUAL] ALG Service [DISABLED] AliIde Service C:\WINDOWS\system32\DRIVERS\amdk7.sys [SYSTEM] AmdK7 Service [DISABLED] amsint Service C:\WINDOWS\system32\svchost.exe [MANUAL] AppMgmt Service [DISABLED] asc Service [DISABLED] asc3350p Service [DISABLED] asc3550 Service ASP.NET Service ASP.NET_2.0.50727 Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [MANUAL] aspnet_state Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys [MANUAL] AsyncMac Service C:\WINDOWS\system32\DRIVERS\atapi.sys [BOOT] atapi Service [DISABLED] Atdisk Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [MANUAL] ati2mtag Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys [MANUAL] Atmarpc Service C:\WINDOWS\System32\svchost.exe [AUTO] AudioSrv Service C:\WINDOWS\system32\DRIVERS\audstub.sys [MANUAL] audstub Service BattC Service [SYSTEM] Beep Service C:\WINDOWS\system32\svchost.exe [MANUAL] BITS Service C:\WINDOWS\system32\svchost.exe [AUTO] Browser Service C:\DOCUME~1\ADMIN~1\USTAWI~1\Temp\catchme.sys [MANUAL] catchme Service [DISABLED] cbidf2k Service [DISABLED] cd20xrnt Service [SYSTEM] Cdaudio Service [DISABLED] Cdfs Service C:\WINDOWS\system32\DRIVERS\cdrom.sys [SYSTEM] Cdrom Service [SYSTEM] Changer Service C:\WINDOWS\system32\cisvc.exe [MANUAL] CiSvc Service C:\WINDOWS\system32\clipsrv.exe [DISABLED] ClipSrv Service [DISABLED] CmdIde Service C:\WINDOWS\system32\dllhost.exe [MANUAL] COMSysApp Service ContentFilter Service ContentIndex Service [DISABLED] Cpqarray Service C:\WINDOWS\system32\CTsvcCDA.exe [AUTO] Creative Service for CDROM Access Service C:\WINDOWS\system32\svchost.exe [AUTO] CryptSvc Service System32\drivers\ctac32k.sys [MANUAL] ctac32k Service C:\WINDOWS\system32\drivers\ctaud2k.sys [MANUAL] ctaud2k Service System32\drivers\ctdvda2k.sys [MANUAL] ctdvda2k Service C:\WINDOWS\system32\DRIVERS\ctljystk.sys [MANUAL] ctljystk Service System32\drivers\ctprxy2k.sys [MANUAL] ctprxy2k Service System32\drivers\ctsfm2k.sys [MANUAL] ctsfm2k Service [DISABLED] dac2w2k Service [DISABLED] dac960nt Service C:\WINDOWS\system32\svchost.exe [AUTO] DcomLaunch Service C:\WINDOWS\system32\svchost.exe [AUTO] Dhcp Service C:\WINDOWS\system32\DRIVERS\disk.sys [BOOT] Disk Service C:\WINDOWS\System32\dmadmin.exe [MANUAL] dmadmin Service C:\WINDOWS\System32\drivers\dmboot.sys [DISABLED] dmboot Service C:\WINDOWS\System32\drivers\dmio.sys [DISABLED] dmio Service C:\WINDOWS\System32\drivers\dmload.sys [DISABLED] dmload Service C:\WINDOWS\System32\svchost.exe [MANUAL] dmserver Service C:\WINDOWS\system32\drivers\DMusic.sys [MANUAL] DMusic Service C:\WINDOWS\system32\svchost.exe [AUTO] Dnscache Service [DISABLED] dpti2o Service C:\WINDOWS\system32\drivers\drmkaud.sys [MANUAL] drmkaud Service C:\WINDOWS\System32\Drivers\dtscsi.sys [MANUAL] dtscsi Service System32\drivers\emupia2k.sys [MANUAL] emupia Service C:\WINDOWS\System32\svchost.exe [AUTO] ERSvc Service C:\WINDOWS\system32\services.exe [AUTO] Eventlog Service C:\WINDOWS\system32\svchost.exe [MANUAL] EventSystem Service [DISABLED] Fastfat Service C:\WINDOWS\System32\svchost.exe [MANUAL] FastUserSwitchingCompatibility Service C:\WINDOWS\system32\DRIVERS\fdc.sys [MANUAL] Fdc Service C:\WINDOWS\system32\DRIVERS\fetnd5.sys [MANUAL] FETNDIS Service [SYSTEM] Fips Service C:\WINDOWS\system32\DRIVERS\flpydisk.sys [MANUAL] Flpydisk Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys [BOOT] FltMgr Service [SYSTEM] Fs_Rec Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys [BOOT] Ftdisk Service C:\WINDOWS\system32\DRIVERS\gameenum.sys [MANUAL] gameenum Service C:\WINDOWS\System32\DRIVERS\gmer.sys [MANUAL] gmer Service C:\WINDOWS\system32\DRIVERS\msgpc.sys [MANUAL] Gpc Service C:\WINDOWS\System32\drivers\ha10kx2k.sys [MANUAL] ha10kx2k Service System32\drivers\hap16v2k.sys [MANUAL] hap16v2k Service C:\WINDOWS\System32\svchost.exe [AUTO] helpsvc Service C:\WINDOWS\System32\svchost.exe [DISABLED] HidServ Service C:\WINDOWS\system32\DRIVERS\hidusb.sys [MANUAL] hidusb Service [DISABLED] hpn Service C:\WINDOWS\System32\Drivers\HTTP.sys [MANUAL] HTTP Service C:\WINDOWS\System32\svchost.exe [MANUAL] HTTPFilter Service [SYSTEM] i2omgmt Service [DISABLED] i2omp Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys [SYSTEM] i8042prt Service C:\WINDOWS\system32\DRIVERS\imapi.sys [SYSTEM] Imapi Service C:\WINDOWS\system32\imapi.exe [MANUAL] ImapiService Service inetaccs Service [DISABLED] ini910u Service Inport Service [DISABLED] IntelIde Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys [MANUAL] Ip6Fw Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [MANUAL] IpFilterDriver Service C:\WINDOWS\system32\DRIVERS\ipinip.sys [MANUAL] IpInIp Service C:\WINDOWS\system32\DRIVERS\ipnat.sys [MANUAL] IpNat Service C:\WINDOWS\system32\DRIVERS\ipsec.sys [SYSTEM] IPSec Service C:\WINDOWS\system32\DRIVERS\irenum.sys [MANUAL] IRENUM Service ISAPISearch Service C:\WINDOWS\system32\DRIVERS\isapnp.sys [BOOT] isapnp Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys [SYSTEM] Kbdclass Service C:\WINDOWS\system32\drivers\kmixer.sys [MANUAL] kmixer Service [BOOT] KSecDD Service C:\WINDOWS\system32\svchost.exe [AUTO] lanmanserver Service C:\WINDOWS\system32\svchost.exe [AUTO] lanmanworkstation Service [SYSTEM] lbrtfdc Service ldap Service LicenseService Service C:\WINDOWS\system32\svchost.exe [AUTO] LmHosts Service C:\WINDOWS\system32\svchost.exe [DISABLED] Messenger Service [SYSTEM] mnmdd Service C:\WINDOWS\system32\mnmsrvc.exe [MANUAL] mnmsrvc Service [MANUAL] Modem Service C:\WINDOWS\system32\DRIVERS\mouclass.sys [SYSTEM] Mouclass Service C:\WINDOWS\system32\DRIVERS\mouhid.sys [MANUAL] mouhid Service [BOOT] MountMgr Service [DISABLED] mraid35x Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys [MANUAL] MRxDAV Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [SYSTEM] MRxSmb Service C:\WINDOWS\system32\msdtc.exe [MANUAL] MSDTC Service MSDTC Bridge 3.0.0.0 Service [SYSTEM] Msfs Service C:\WINDOWS\system32\msiexec.exe [MANUAL] MSIServer Service C:\WINDOWS\system32\drivers\MSKSSRV.sys [MANUAL] MSKSSRV Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys [MANUAL] MSPCLOCK Service C:\WINDOWS\system32\drivers\MSPQM.sys [MANUAL] MSPQM Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys [MANUAL] mssmbios Service [BOOT] Mup Service [BOOT] NDIS Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys [MANUAL] NdisTapi Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys [MANUAL] Ndisuio Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys [MANUAL] NdisWan Service [MANUAL] NDProxy Service C:\WINDOWS\system32\DRIVERS\netbios.sys [SYSTEM] NetBIOS Service C:\WINDOWS\system32\DRIVERS\netbt.sys [SYSTEM] NetBT Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDE Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDEdsdm Service C:\WINDOWS\system32\lsass.exe [MANUAL] Netlogon Service C:\WINDOWS\System32\svchost.exe [MANUAL] Netman Service C:\WINDOWS\system32\svchost.exe [MANUAL] Nla Service [SYSTEM] Npfs Service [DISABLED] Ntfs Service C:\WINDOWS\system32\lsass.exe [MANUAL] NtLmSsp Service C:\WINDOWS\system32\svchost.exe [MANUAL] NtmsSvc Service [SYSTEM] Null Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd Service C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [MANUAL] odserv Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [MANUAL] ose Service C:\WINDOWS\system32\drivers\ctoss2k.sys [MANUAL] ossrv Service Outlook Service C:\WINDOWS\system32\DRIVERS\parport.sys [MANUAL] Parport Service [BOOT] PartMgr Service [AUTO] ParVdm Service C:\WINDOWS\system32\DRIVERS\pci.sys [BOOT] PCI Service [SYSTEM] PCIDump Service [DISABLED] PCIIde Service [DISABLED] Pcmcia Service [MANUAL] PDCOMP Service [MANUAL] PDFRAME Service [MANUAL] PDRELI Service [MANUAL] PDRFRAME Service [DISABLED] perc2 Service [DISABLED] perc2hib Service PerfDisk Service PerfNet Service PerfOS Service PerfProc Service C:\WINDOWS\system32\drivers\PfModNT.sys [AUTO] PfModNT Service C:\WINDOWS\system32\services.exe [AUTO] PlugPlay Service C:\WINDOWS\system32\lsass.exe [AUTO] PolicyAgent Service C:\WINDOWS\system32\DRIVERS\raspptp.sys [MANUAL] PptpMiniport Service C:\WINDOWS\system32\lsass.exe [AUTO] ProtectedStorage Service C:\WINDOWS\system32\DRIVERS\psched.sys [MANUAL] PSched Service C:\WINDOWS\system32\DRIVERS\ptilink.sys [MANUAL] Ptilink Service C:\WINDOWS\System32\Drivers\PxHelp20.sys [BOOT] PxHelp20 Service [DISABLED] ql1080 Service [DISABLED] Ql10wnt Service [DISABLED] ql12160 Service [DISABLED] ql1240 Service [DISABLED] ql1280 Service C:\WINDOWS\system32\DRIVERS\rasacd.sys [SYSTEM] RasAcd Service C:\WINDOWS\system32\svchost.exe [MANUAL] RasAuto Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [MANUAL] Rasl2tp Service C:\WINDOWS\system32\svchost.exe [MANUAL] RasMan Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys [MANUAL] RasPppoe Service C:\WINDOWS\system32\DRIVERS\raspti.sys [MANUAL] Raspti Service C:\WINDOWS\system32\DRIVERS\rdbss.sys [SYSTEM] Rdbss Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [SYSTEM] RDPCDD Service RDPDD Service RDPNP Service [MANUAL] RDPWD Service C:\WINDOWS\system32\sessmgr.exe [MANUAL] RDSessMgr Service C:\WINDOWS\system32\DRIVERS\redbook.sys [SYSTEM] redbook Service C:\WINDOWS\system32\svchost.exe [DISABLED] RemoteAccess Service C:\WINDOWS\system32\locator.exe [MANUAL] RpcLocator Service C:\WINDOWS\system32\svchost.exe [AUTO] RpcSs Service C:\WINDOWS\system32\rsvp.exe [MANUAL] RSVP Service C:\WINDOWS\system32\lsass.exe [AUTO] SamSs Service C:\WINDOWS\System32\SCardSvr.exe [MANUAL] SCardSvr Service C:\WINDOWS\System32\svchost.exe [AUTO] Schedule Service C:\WINDOWS\system32\DRIVERS\secdrv.sys [MANUAL] Secdrv Service C:\WINDOWS\System32\svchost.exe [AUTO] seclogon Service C:\WINDOWS\system32\svchost.exe [AUTO] SENS Service C:\WINDOWS\system32\DRIVERS\serenum.sys [MANUAL] serenum Service C:\WINDOWS\system32\DRIVERS\serial.sys [SYSTEM] Serial Service ServiceModelEndpoint 3.0.0.0 Service ServiceModelOperation 3.0.0.0 Service ServiceModelService 3.0.0.0 Service [SYSTEM] Sfloppy Service C:\WINDOWS\System32\svchost.exe [AUTO] SharedAccess Service C:\WINDOWS\System32\svchost.exe [AUTO] ShellHWDetection Service [DISABLED] Simbad Service SMSvcHost 3.0.0.0 Service [DISABLED] Sparrow Service C:\WINDOWS\system32\drivers\splitter.sys [MANUAL] splitter Service C:\WINDOWS\system32\spoolsv.exe [AUTO] Spooler Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd Service C:\WINDOWS\system32\DRIVERS\sr.sys [BOOT] sr Service C:\WINDOWS\system32\svchost.exe [AUTO] srservice Service C:\WINDOWS\system32\DRIVERS\srv.sys [MANUAL] Srv Service C:\WINDOWS\system32\svchost.exe [MANUAL] SSDPSRV Service C:\WINDOWS\system32\svchost.exe [AUTO] stisvc Service C:\WINDOWS\system32\DRIVERS\swenum.sys [MANUAL] swenum Service C:\WINDOWS\system32\drivers\swmidi.sys [MANUAL] swmidi Service C:\WINDOWS\system32\dllhost.exe [MANUAL] SwPrv Service [DISABLED] symc810 Service [DISABLED] symc8xx Service [DISABLED] sym_hi Service [DISABLED] sym_u3 Service C:\WINDOWS\system32\drivers\sysaudio.sys [MANUAL] sysaudio Service C:\WINDOWS\system32\smlogsvc.exe [MANUAL] SysmonLog Service C:\WINDOWS\System32\svchost.exe [MANUAL] TapiSrv Service C:\WINDOWS\system32\DRIVERS\tcpip.sys [SYSTEM] Tcpip Service [MANUAL] TDPIPE Service [MANUAL] TDTCP Service C:\WINDOWS\system32\DRIVERS\termdd.sys [SYSTEM] TermDD Service C:\WINDOWS\System32\svchost.exe [MANUAL] TermService Service C:\WINDOWS\System32\svchost.exe [AUTO] Themes Service [DISABLED] TosIde Service C:\WINDOWS\system32\svchost.exe [AUTO] TrkWks Service TSDDD Service C:\WINDOWS\system32\DRIVERS\uagp35.sys [BOOT] uagp35 Service [DISABLED] Udfs Service [DISABLED] ultra Service C:\WINDOWS\system32\DRIVERS\update.sys [MANUAL] Update Service C:\WINDOWS\system32\svchost.exe [MANUAL] upnphost Service C:\WINDOWS\System32\ups.exe [MANUAL] UPS Service C:\WINDOWS\system32\DRIVERS\usbehci.sys [MANUAL] usbehci Service C:\WINDOWS\system32\DRIVERS\usbhub.sys [MANUAL] usbhub Service C:\WINDOWS\system32\DRIVERS\usbohci.sys [MANUAL] usbohci Service C:\WINDOWS\system32\DRIVERS\usbscan.sys [MANUAL] usbscan Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [MANUAL] USBSTOR Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys [MANUAL] usbuhci Service C:\WINDOWS\System32\drivers\vga.sys [SYSTEM] VgaSave Service C:\WINDOWS\system32\DRIVERS\viaide.sys [BOOT] ViaIde Service [BOOT] VolSnap Service C:\WINDOWS\System32\vssvc.exe [MANUAL] VSS Service C:\WINDOWS\System32\svchost.exe [AUTO] W32Time Service W3SVC Service C:\WINDOWS\system32\DRIVERS\wanarp.sys [MANUAL] Wanarp Service [MANUAL] WDICA Service C:\WINDOWS\system32\drivers\wdmaud.sys [MANUAL] wdmaud Service C:\WINDOWS\system32\svchost.exe [AUTO] WebClient Service C:\WINDOWS\system32\svchost.exe [AUTO] winmgmt Service [MANUAL] Winsock Service WinSock2 Service WinTrust Service C:\WINDOWS\system32\MsPMSPSv.exe [AUTO] WMDM PMSP Service Service C:\WINDOWS\System32\svchost.exe [MANUAL] WmdmPmSN Service WmiApRpl Service C:\WINDOWS\system32\wbem\wmiapsrv.exe [MANUAL] WmiApSrv Service [SYSTEM] WS2IFSL Service C:\WINDOWS\System32\svchost.exe [AUTO] wscsvc Service C:\WINDOWS\system32\svchost.exe [AUTO] wuauserv Service C:\WINDOWS\System32\svchost.exe [AUTO] WZCSVC Service C:\WINDOWS\System32\svchost.exe [MANUAL] xmlprov Service {C41272AC-9CCA-4209-8276-406201F516DC} ---- EOF - GMER 1.0.13 ----

**Posty:** 18165 · przez **wojtas** 07 Lip 2007, 21:09

sciagnij: ATF_Cleaner

http://www.atribune.org/ccount/click.php?id=1
zaznacz
Windows Temp
Temporary internet files
i wcisnij EMPTY SELECTED

w logach nic nie masz zlego

Autor postu otrzymał pochwałę

**Posty:** 250 · przez **^Wulf** 07 Lip 2007, 21:13

Ok. To dzięki serdecznie za pomoc.

Temat do zamknięcia

prośba o sprawdzenie

Prośba o sprawdzenie

Kto jest na forum