Rösta fram årets bästa pepparkakshus!
  1. Dator och IT
  2. IT-säkerhet

Är det något virus?

Svara
2007-01-31, 20:40
  #37
Andy_yngel
Medlem
ok här är den:


"Andreas" - 07-01-31 20:36:43 Service Pack 2
ComboFix 07.01.31 - Running from: "C:\Documents and Settings\Andreas\Skrivbord"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\SVKP.sys
C:\WINDOWS\system32\drivers\npf.sys


((((((((((((((((((((((((((((((( Files Created from 2006-12-31 to 2007-01-31 ))))))))))))))))))))))))))))))))))


2007-01-31 20:07 <KAT> d-------- C:\WINDOWS\LastGood
2007-01-31 20:07 <KAT> d-------- C:\WINDOWS\BDOSCAN8
2007-01-31 17:02 <KAT> d-------- C:\DOCUME~1\Marcus\Application Data\Skype
2007-01-28 19:05 <KAT> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-01-25 18:16 <KAT> d-------- C:\Dev-Cpp
2007-01-25 00:03 <KAT> d-------- C:\DOCUME~1\Thomas\.freemind
2007-01-25 00:03 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Adobe
2007-01-22 17:05 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2007-01-22 17:05 <KAT> d-------- C:\Program\Mount&Blade
2007-01-19 20:46 <KAT> d---s---- C:\DOCUME~1\ANN-CH~1\UserData
2007-01-19 20:33 <KAT> d-------- C:\Program\FreeMind
2007-01-19 20:33 <KAT> d-------- C:\DOCUME~1\ANN-CH~1\.freemind
2007-01-19 20:29 <KAT> d-------- C:\Program\Photo Story 3 for Windows
2007-01-19 20:26 <KAT> d-------- C:\Program\Audacity1
2007-01-19 20:24 <KAT> d-------- C:\Program\PhotoFiltre
2007-01-17 15:20 61,088 --a------ C:\WINDOWS\system\TX_HTML.DLL
2007-01-17 15:20 57,984 --a------ C:\WINDOWS\system\QPRO200.DLL
2007-01-17 15:20 53,376 --a------ C:\WINDOWS\system\TXTLS16.DLL
2007-01-17 15:20 50,160 --a------ C:\WINDOWS\system\Ic16.dll
2007-01-17 15:20 44,208 --a------ C:\WINDOWS\system\TX_RTF.DLL
2007-01-17 15:20 398,416 --a------ C:\WINDOWS\system\Vbrun300.dll
2007-01-17 15:20 321,488 --a------ C:\WINDOWS\system\TX16.DLL
2007-01-17 15:20 30,608 --a------ C:\WINDOWS\system\WNDTLS16.DLL
2007-01-17 15:20 26,768 --a------ C:\WINDOWS\system\Ctl3d.dll
2007-01-17 15:20 <KAT> d-------- C:\Program\TOLKEN99
2007-01-16 19:24 36,864 --------- C:\WINDOWS\system32\wbsys.dll
2007-01-16 19:24 20,480 --a------ C:\WINDOWS\system32\wbload.dll
2007-01-16 19:24 <KAT> d-------- C:\Program\Stardock
2007-01-15 22:44 <KAT> d-------- C:\DOCUME~1\LOCALS~1\Application Data\Google
2007-01-15 22:43 <KAT> dr------- C:\DOCUME~1\LOCALS~1\Favoriter
2007-01-15 18:53 <KAT> d-------- C:\WINDOWS\Sys
2007-01-14 20:02 <KAT> d-------- C:\Program\Mozilla Thunderbird
2007-01-14 20:02 <KAT> d-------- C:\DOCUME~1\Andreas\Application Data\Thunderbird
2007-01-14 20:02 <KAT> d-------- C:\DOCUME~1\Andreas\Application Data\Talkback
2007-01-12 19:22 <KAT> d-------- C:\Program\HGI
2007-01-12 17:44 <KAT> d-------- C:\DOCUME~1\Andreas\Application Data\Dev-Cpp
2007-01-05 09:45 319,488 -ra------ C:\WINDOWS\system32\MafiaSetup.exe
2007-01-02 10:29 <KAT> d-------- C:\Program\Delade filer\Skype
2007-01-02 10:29 <KAT> d-------- C:\DOCUME~1\Andreas\Application Data\Skype
2007-01-02 10:29 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Skype
2007-01-02 10:28 <KAT> d-------- C:\Program\Skype
2007-01-01 19:47 <KAT> d-------- C:\DOCUME~1\Thomas\Application Data\Souptoys
2006-12-31 09:07 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )))


2007-01-31 20:10 -------- d-------- C:\Program\steam
2007-01-30 17:04 -------- d-------- C:\Program\satellitetvforpc
2007-01-30 17:04 -------- d-------- C:\Program\project64 1.6
2007-01-21 12:15 -------- d-------- C:\Program\msn messenger
2007-01-20 13:42 -------- d-------- C:\Program\game cam v1.4
2007-01-17 15:15 -------- d-------- C:\DOCUME~1\Andreas\Application Data\utorrent
2007-01-16 19:22 -------- d-------- C:\Program\torrent master
2007-01-14 20:02 -------- d-------- C:\DOCUME~1\Andreas\Application Data\mozilla
2007-01-11 17:39 -------- d-------- C:\Program\windows live safety center
2007-01-09 18:23 -------- d-------- C:\Program\fairuse wizard 2
2007-01-05 16:47 -------- d-------- C:\Program\super internet tv
2007-01-05 09:50 -------- d-------- C:\Program\creative
2006-12-31 09:16 -------- d-------- C:\Program\bearshare
2006-12-30 21:43 -------- d---s---- C:\DOCUME~1\Andreas\Application Data\microsoft
2006-12-30 21:41 82380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
2006-12-27 12:33 -------- d-------- C:\Program\utero digital media
2006-12-27 11:54 -------- d--h----- C:\Program\installshield installation information
2006-12-25 20:11 43602 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2006-12-25 20:11 -------- d-------- C:\Program\avisynth 2.5
2006-12-25 11:06 -------- d-------- C:\Program\pc vga camera
2006-12-25 11:06 -------- d-------- C:\Program\Delade filer\pccamera
2006-12-25 10:50 -------- d-------- C:\Program\backburner 2
2006-12-23 09:40 -------- d-------- C:\DOCUME~1\Andreas\Application Data\adobeum
2006-12-22 19:08 -------- d-------- C:\Program\souptoys
2006-12-17 20:27 -------- d-------- C:\Program\scripts
2006-12-17 20:27 -------- d-------- C:\Program\samurize
2006-12-17 20:27 -------- d-------- C:\Program\plugins
2006-12-17 20:27 -------- d-------- C:\Program\pedevice
2006-12-17 20:27 -------- d-------- C:\Program\icons
2006-12-17 20:27 -------- d-------- C:\Program\bitcomet
2006-12-17 20:27 -------- d-------- C:\Program\audacity
2006-12-17 20:27 -------- d-------- C:\DOCUME~1\Andreas\Application Data\shareaza
2006-12-17 10:06 -------- d-------- C:\Program\skins
2006-12-17 10:06 -------- d-------- C:\Program\lang
2006-12-15 18:15 73216 --a------ C:\WINDOWS\st6unst.exe
2006-12-15 18:15 286720 --------- C:\WINDOWS\setup1.exe
2006-12-14 17:39 -------- d-------- C:\Program\k-litepro
2006-12-10 18:26 -------- d-------- C:\Program\messenger plus! live
2006-12-08 13:50 217088 --a------ C:\WINDOWS\system32\xvidvfw.dll
2006-12-08 13:47 1159168 --a------ C:\WINDOWS\system32\xvidcore.dll
2006-12-07 06:29 2374472 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-12-06 18:31 -------- d-------- C:\Program\xrools
2006-11-24 17:20 43520 --a------ C:\WINDOWS\system32\cmdlineext03.dll
2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-03 21:42 8464 --a------ C:\WINDOWS\system32\sporder.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.ex e"
"SweetIM"="C:\\Program\\Macrogaming\\SweetIM\\Swee tIM.exe"
"msnmsgr"="~\"C:\\Program\\MSN Messenger\\msnmsgr.exe\" /background"
"Steam"="\"c:\\program\\steam\\steam.exe\" -silent"
"updateMgr"="\"C:\\Program\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
"F-Secure Manager"="\"C:\\Program\\Telia\\Telias Sakerhetstjanster\\Common\\FSM32.EXE\" /splash"
"F-Secure TNB"="\"C:\\Program\\Telia\\Telias Sakerhetstjanster\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW"
"F-Secure Startup Wizard"="\"C:\\Program\\Telia\\Telias Sakerhetstjanster\\FSGUI\\FSSW.EXE\" /reboot"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"SsAAD.exe"="C:\\Program\\Sony\\SONICS~1\\SsAAD.ex e"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72, 6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b ,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\shellserviceobjectdelayload]
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnph ost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{85f8ef57-d847-11da-a90a-0013d3c2832e}]
Shell\AutoRun\command N:\setupSNK.exe


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1167516373.job
C:\WINDOWS\tasks\Scheduled scanning task.job

Completion time: 07-01-31 20:39:43
Citera
2007-01-31, 20:55
  #38
MannenGbg
Medlem
MannenGbgs avatar
inget ont där heller vad jag kunde se

Då provar vi ett sista program som söker efter sk rootkit

Ladda ner GMER från länken under
http://www.majorgeeks.com/GMER_d5198.html

Packa upp det till skrivbordet

Öppna programmet och tryck på "rootkit" knappen
Se till så att alla rutor är i kryssade till höger om skärmen förutom ‘Show All’.
Tryck på "scan".
Efter den är klar så kopiera in resultatet hit.
Citera
2007-01-31, 20:58
  #39
Andy_yngel
Medlem
du får loggen imon, ska gå nu
Citera
2007-02-01, 17:43
  #40
Andy_yngel
Medlem
Rootkit scan 2007-02-01 17:43:03
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT sptd.sys ZwCreateKey
SSDT \WINDOWS\System32\drivers\fsndis5.sys ZwCreateProcess
SSDT \WINDOWS\System32\drivers\fsndis5.sys ZwCreateProcessEx
SSDT \WINDOWS\System32\drivers\fsndis5.sys ZwCreateSection
SSDT \WINDOWS\System32\drivers\fsndis5.sys ZwCreateThread
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey
SSDT \WINDOWS\System32\drivers\fsndis5.sys ZwWriteVirtualMemory

Code \WINDOWS\System32\drivers\fsndis5.sys IoCreateDevice

---- Kernel code sections - GMER 1.0.12 ----
Citera
2007-02-01, 17:44
  #41
Andy_yngel
Medlem
.text ntkrnlpa.exe!ZwCallbackReturn + 2C48 8050392C 8 Bytes [ 7C, A6, 92, BA, 10, A7, 92, ... ]
PAGE ntkrnlpa.exe!IoCreateDevice 80574708 5 Bytes JMP BA928FD0 \WINDOWS\System32\drivers\fsndis5.sys
PAGENPNP NDIS.SYS!NdisRegisterProtocol BA51E17D 5 Bytes JMP BA928C49 \WINDOWS\System32\drivers\fsndis5.sys
PAGENPNP NDIS.SYS!NdisOpenAdapter BA51E397 5 Bytes JMP BA928EB4 \WINDOWS\System32\drivers\fsndis5.sys
PAGENPNP NDIS.SYS!NdisCloseAdapter BA52861E 5 Bytes JMP BA928EE4 \WINDOWS\System32\drivers\fsndis5.sys
PAGENPNP NDIS.SYS!NdisDeregisterProtocol BA5287FD 5 Bytes JMP BA928CB0 \WINDOWS\System32\drivers\fsndis5.sys
PAGENDSP NDIS.SYS!NdisReturnPackets BA52B800 5 Bytes JMP BA92D13A \WINDOWS\System32\drivers\fsndis5.sys
PAGENDSP NDIS.SYS!NdisRequest BA52B96B 5 Bytes JMP BA92B578 \WINDOWS\System32\drivers\fsndis5.sys
PAGENDSP NDIS.SYS!NdisSend BA52E977 5 Bytes JMP BA92D3FE \WINDOWS\System32\drivers\fsndis5.sys
PAGENDSP NDIS.SYS!NdisSendPackets BA52E994 5 Bytes JMP BA92D4D0 \WINDOWS\System32\drivers\fsndis5.sys
PAGENDSP NDIS.SYS!NdisTransferData BA52E9AF 5 Bytes JMP BA92D25C \WINDOWS\System32\drivers\fsndis5.sys
.text USBPORT.SYS!DllUnload B8F4362C 5 Bytes JMP 89B656D0

---- User code sections - GMER 1.0.12 ----
Citera
2007-02-01, 17:44
  #42
Andy_yngel
Medlem
.text C:\Program\MSN Messenger\msnmsgr.exe[760] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 27001B70 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 27001AE0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 27001A60 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 27001C20 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 27001CD0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 27001840 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] kernel32.dll!SetUnhandledExceptionFilter 7C84479D 5 Bytes JMP 004E12D0 C:\Program\MSN Messenger\msnmsgr.exe
.text C:\Program\MSN Messenger\msnmsgr.exe[760] ADVAPI32.dll!CryptDeriveKey 77DDA685 7 Bytes JMP 27001000 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] ADVAPI32.dll!CryptDecrypt 77DDA7B1 2 Bytes JMP 27001050 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] ADVAPI32.dll!CryptDecrypt + 3 77DDA7B4 4 Bytes [ 22, AF, CC, CC ]
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!PeekMessageW 77D3929B 5 Bytes JMP 27003760 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!CreateWindowExW 77D3FF50 5 Bytes JMP 27003270 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!SetWindowRgn 77D402DD 7 Bytes JMP 27004AB0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!CreateDialogParamW 77D484EE 5 Bytes JMP 27004E30 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!SetWindowPlacement 77D4DF46 5 Bytes JMP 270049D0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!FlashWindow 77D75C5C 5 Bytes JMP 27004B50 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!MessageBoxIndirectW 77D86093 5 Bytes JMP 27004F90 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
Citera
2007-02-01, 17:45
  #43
Andy_yngel
Medlem
.text C:\Program\MSN Messenger\msnmsgr.exe[760] USER32.dll!TrackPopupMenuEx 77D8CB1A 5 Bytes JMP 27003F30 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WS2_32.dll!send 71AA428A 5 Bytes JMP 270095A0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WS2_32.dll!WSARecv 71AA4318 5 Bytes JMP 27009390 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WS2_32.dll!recv 71AA615A 5 Bytes JMP 27009200 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WS2_32.dll!WSASend 71AA6233 5 Bytes JMP 27009720 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WS2_32.dll!closesocket 71AA9639 5 Bytes JMP 27009930 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] SHELL32.dll!Shell_NotifyIconW 7CA21B5A 5 Bytes JMP 27002BA0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] ole32.dll!CoInitializeEx 774EEF6B 5 Bytes JMP 27001D30 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] ole32.dll!CoRegisterClassObject 77508720 5 Bytes JMP 27001E30 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WININET.dll!HttpOpenRequestA 771B2AC9 5 Bytes JMP 27008180 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WININET.dll!InternetCloseHandle 771B4D5C 1 Byte [ E9 ]
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WININET.dll!InternetCloseHandle + 2 771B4D5E 3 Bytes [ 36, E5, AF ]
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WININET.dll!HttpSendRequestA 771B61B9 5 Bytes JMP 270083B0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program\MSN Messenger\msnmsgr.exe[760] WININET.dll!InternetReadFile 771B80F2 5 Bytes JMP 270082E0 C:\Program\Messenger Plus! Live\MsgPlusLive.dll
Citera
2007-02-01, 17:46
  #44
Andy_yngel
Medlem
---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 89D541D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 89D541D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 877971D8
Citera
2007-02-01, 17:47
  #45
Andy_yngel
Medlem
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 877971D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 877971D8
Device \Driver\usbstor \Device\0000008e IRP_MJ_CREATE 878401D8
Citera
2007-02-01, 17:47
  #46
Andy_yngel
Medlem
Device \Driver\usbstor \Device\0000008e IRP_MJ_CLOSE 878401D8
Device \Driver\usbstor \Device\0000008e IRP_MJ_READ 878401D8
Device \Driver\usbstor \Device\0000008e IRP_MJ_WRITE 878401D8
Device \Driver\usbstor \Device\0000008e IRP_MJ_DEVICE_CONTROL 878401D8
Device \Driver\usbstor \Device\0000008e IRP_MJ_INTERNAL_DEVICE_CONTROL [BA8E98B4] sfsync02.sys
Device \Driver\usbstor \Device\0000008e IRP_MJ_POWER 878401D8
Device \Driver\usbstor \Device\0000008e IRP_MJ_SYSTEM_CONTROL 878401D8
Device \Driver\usbstor \Device\0000008e IRP_MJ_PNP 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_CREATE 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_CLOSE 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_READ 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_WRITE 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_DEVICE_CONTROL 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_INTERNAL_DEVICE_CONTROL [BA8E98B4] sfsync02.sys
Device \Driver\usbstor \Device\0000008f IRP_MJ_POWER 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_SYSTEM_CONTROL 878401D8
Device \Driver\usbstor \Device\0000008f IRP_MJ_PNP 878401D8
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_READ [BA54A9E8] fsdfw.sys
Citera
2007-02-01, 17:48
  #47
Andy_yngel
Medlem
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP [BA54A9E8] fsdfw.sys
Citera
2007-02-01, 17:48
  #48
Andy_yngel
Medlem
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 89B6E6A8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 89B6E6A8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 89B6E6A8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89B6E6A8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 89B6E6A8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 89B6E6A8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 89B6E6A8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1E472208-5FEE-4709-912F-ED24EDFD081E} IRP_MJ_CREATE 878791D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1E472208-5FEE-4709-912F-ED24EDFD081E} IRP_MJ_CLOSE 878791D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1E472208-5FEE-4709-912F-ED24EDFD081E} IRP_MJ_DEVICE_CONTROL 878791D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1E472208-5FEE-4709-912F-ED24EDFD081E} IRP_MJ_INTERNAL_DEVICE_CONTROL 878791D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1E472208-5FEE-4709-912F-ED24EDFD081E} IRP_MJ_CLEANUP 878791D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1E472208-5FEE-4709-912F-ED24EDFD081E} IRP_MJ_PNP 878791D8
Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_CREATE 89BA58B0
Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_CLOSE 89BA58B0
Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 89BA58B0
Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89BA58B0
Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_POWER 89BA58B0
Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 89BA58B0
Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_PNP 89BA58B0
Device \Driver\00000049 \Device\00000055 IRP_MJ_POWER [BA6DFD74] sptd.sys
Device \Driver\00000049 \Device\00000055 IRP_MJ_SYSTEM_CONTROL [BA6F92A2] sptd.sys
Device \Driver\00000049 \Device\00000055 IRP_MJ_PNP [BA6FA228] sptd.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [BA54A9E8] fsdfw.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [BA54A9E8] fsdfw.sys
Citera
Svara

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Det är enkelt att registrera ett nytt konto

Bli medlem

Logga in

Har du redan ett konto? Logga in här

Logga in