
Bagle worm, help

Posted: Sat Feb 10, 2007 6:25 pm
by Danigian
Hi everyone, I'm new here and I think I'm infected with the worm.
I read your guide and ran the scan.
Please help, it's urgent.
GMER 1.0.12.12027 - http://www.gmer.net
Rootkit scan 2007-02-10 17:23:13
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwCreateFile
SSDT sptd.sys ZwCreateKey
SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwEnumerateKey
SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwQueryDirectoryFile
SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwQueryKey
SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwQuerySystemInformation
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.12 ----

.text USBPORT.SYS!DllUnload F804262C 5 Bytes JMP 82319760

---- User code sections - GMER 1.0.12 ----

.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 27001B70 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 27001AE0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 27001A60 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 27001C20 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 27001CD0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 27001840 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] kernel32.dll!SetUnhandledExceptionFilter 7C84479D 5 Bytes JMP 004E12D0 C:\Programmi\MSN Messenger\MsnMsgr.Exe
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] ADVAPI32.dll!CryptDeriveKey 77F5A685 7 Bytes JMP 27001000 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] ADVAPI32.dll!CryptDecrypt 77F5A7B1 2 Bytes JMP 27001050 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] ADVAPI32.dll!CryptDecrypt + 3 77F5A7B4 4 Bytes [ 0A, AF, CC, CC ]
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!PeekMessageW 77D1929B 5 Bytes JMP 27003760 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!CreateWindowExW 77D1FF50 5 Bytes JMP 27003270 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!SetWindowRgn 77D202DD 7 Bytes JMP 27004AB0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!CreateDialogParamW 77D284EE 5 Bytes JMP 27004E30 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!SetWindowPlacement 77D2DF46 5 Bytes JMP 270049D0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!FlashWindow 77D55C5C 5 Bytes JMP 27004B50 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!MessageBoxIndirectW 77D66093 5 Bytes JMP 27004F90 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] USER32.dll!TrackPopupMenuEx 77D6CB1A 5 Bytes JMP 27003F30 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WS2_32.dll!send 71A3428A 5 Bytes JMP 270095A0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WS2_32.dll!WSARecv 71A34318 5 Bytes JMP 27009390 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WS2_32.dll!recv 71A3615A 5 Bytes JMP 27009200 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WS2_32.dll!WSASend 71A36233 5 Bytes JMP 27009720 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WS2_32.dll!closesocket 71A39639 5 Bytes JMP 27009930 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] SHELL32.dll!Shell_NotifyIconW 7CA31B5A 5 Bytes JMP 27002BA0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] ole32.dll!CoInitializeEx 774CEF6B 5 Bytes JMP 27001D30 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] ole32.dll!CoRegisterClassObject 774E8720 5 Bytes JMP 27001E30 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WININET.dll!HttpOpenRequestA 771936AD 5 Bytes JMP 27008180 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WININET.dll!InternetCloseHandle 77194D6C 5 Bytes JMP 27008460 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WININET.dll!HttpSendRequestA 77196249 5 Bytes JMP 270083B0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[1352] WININET.dll!InternetReadFile 771980F4 5 Bytes JMP 270082E0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll

---- Devices - GMER 1.0.12 ----


Posted: Sat Feb 10, 2007 7:41 pm
by Amantide
Hi and welcome [:)]
Yes, it is indeed Bagle. First run this script with Avenger, then finish the cleanup by following the last page of the article:

Files to delete:
C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys
C:\Documents and Settings\Master\Dati applicazioni\hidires\hidr.exe
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe

folders to delete:
C:\Documents and Settings\Master\Dati applicazioni\hidires
C:\WINDOWS\exefld

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\m_hook
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK

registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | hldrrr


If you also post the Autostart log here, I'll be able to see whether there is some other virus besides Bagle [;)]
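As a defender-side check of the diagnosis in the reply above: the SSDT section of a GMER log names, for each hooked service, the module that owns the hook, and a driver loaded from a user profile folder that hooks directory and registry enumeration is exactly the pattern the reply is reacting to. This is an added example, not code from the thread or from GMER; the sample lines, the klif.sys entry and the folder lists are constructed for it.

```python
import re
from collections import defaultdict

# Constructed sample in the GMER 1.0.12 SSDT layout used in the thread:
# "SSDT <owning module> <hooked service>". The klif.sys line is invented.
SAMPLE_LOG = r"""
---- System - GMER 1.0.12 ----

SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwCreateFile
SSDT sptd.sys ZwCreateKey
SSDT \??\C:\Documents and Settings\Master\Dati applicazioni\hidires\m_hook.sys ZwQueryDirectoryFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenProcess
SSDT sptd.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.12 ----
"""

# Folders a legitimate kernel driver is normally loaded from (assumption).
SYSTEM_DRIVER_DIRS = (r"\windows\system32\drivers", r"\windows\system32")
# Profile roots: no normal product loads a kernel driver from here.
PROFILE_MARKERS = ("\\documents and settings\\", "\\users\\")
# Hooking these services lets a rootkit filter what file, registry and
# process listings show, which is how Bagle's m_hook.sys hides its files.
HIDING_SERVICES = {"ZwQueryDirectoryFile", "ZwEnumerateKey",
                   "ZwEnumerateValueKey", "ZwQuerySystemInformation"}

# Module path may contain spaces, so anchor on the trailing Zw* token.
SSDT_LINE = re.compile(r"^SSDT\s+(.*\S)\s+(Zw\w+)\s*$")


def parse_ssdt(log_text):
    """Yield (module, hooked_service) for every SSDT line of a GMER log."""
    for line in log_text.splitlines():
        m = SSDT_LINE.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def classify_module(module):
    """Return 'system', 'profile', 'other', or 'unresolved' for a bare name."""
    path = module.lower()
    if path.startswith("\\??\\"):          # strip the NT object-manager prefix
        path = path[4:]
    if "\\" not in path:
        return "unresolved"                 # GMER printed only the image name
    if any(marker in path for marker in PROFILE_MARKERS):
        return "profile"
    no_drive = path[2:] if path[1:2] == ":" else path
    folder = no_drive.rsplit("\\", 1)[0]
    return "system" if folder in SYSTEM_DRIVER_DIRS else "other"


def triage_ssdt(log_text):
    """Group hooks per module; flag modules outside system folders that hook
    a hiding service. Returns module -> {location, services, suspicious}."""
    hooks = defaultdict(list)
    for module, service in parse_ssdt(log_text):
        hooks[module].append(service)
    report = {}
    for module, services in hooks.items():
        loc = classify_module(module)
        hides = any(s in HIDING_SERVICES for s in services)
        report[module] = {"location": loc, "services": sorted(services),
                          "suspicious": loc in ("profile", "other") and hides}
    return report


if __name__ == "__main__":
    for module, info in triage_ssdt(SAMPLE_LOG).items():
        flag = "SUSPICIOUS" if info["suspicious"] else "ok"
        print(f"{flag:10} {info['location']:10} {module}: {', '.join(info['services'])}")
```

Run it against a real GMER log by reading the file into `triage_ssdt` instead of `SAMPLE_LOG`; a bare module name such as `sptd.sys` is reported as unresolved rather than clean, because the log alone does not say where it was loaded from.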