Rootkit scan 2007-02-25 16:16:41
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.12 ----
SSDT 8411A280 ZwAlertResumeThread
SSDT 8426B7D0 ZwAlertThread
SSDT 84263508 ZwAllocateVirtualMemory
SSDT 8411F0B0 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwCreateKey
SSDT 84112858 ZwCreateMutant
SSDT 84207190 ZwCreateThread
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwDeleteValueKey
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT 8426B050 ZwFreeVirtualMemory
SSDT 84119BE8 ZwImpersonateAnonymousToken
SSDT 84119D28 ZwImpersonateThread
SSDT 8412DC50 ZwMapViewOfSection
SSDT 83DCE3E8 ZwOpenEvent
SSDT sptd.sys ZwOpenKey
SSDT 841DF160 ZwOpenProcessToken
SSDT 8418D1E8 ZwOpenThreadToken
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT 8426F0B0 ZwResumeThread
SSDT 841881B8 ZwSetContextThread
SSDT 841AD3A0 ZwSetInformationProcess
SSDT 841871F0 ZwSetInformationThread
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwSetValueKey
SSDT 84321F38 ZwSuspendProcess
SSDT 84175A00 ZwSuspendThread
SSDT 84248E50 ZwTerminateProcess
SSDT 84272910 ZwTerminateThread
SSDT 841D1008 ZwUnmapViewOfSection
SSDT 8411E130 ZwWriteVirtualMemory
---- Kernel code sections - GMER 1.0.12 ----
.text USBPORT.SYS!DllUnload F6FBA62C 5 Bytes JMP 83F26578
---- User code sections - GMER 1.0.12 ----
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!DialogBoxParamW 77D2662C 5 Bytes JMP 7E1FF205 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!DialogBoxIndirectParamW 77D32043 5 Bytes JMP 7E38FEBF C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!MessageBoxIndirectA 77D3A05A 5 Bytes JMP 7E38FE40 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!DialogBoxParamA 77D3B11C 5 Bytes JMP 7E38FE84 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!MessageBoxExW 77D50538 5 Bytes JMP 7E38FDCC C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!MessageBoxExA 77D5055C 5 Bytes JMP 7E38FE06 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!DialogBoxIndirectParamA 77D56CAD 5 Bytes JMP 7E38FEFA C:\WINDOWS\system32\IEFRAME.dll
.text C:\Programmi\Internet Explorer\iexplore.exe[1356] USER32.dll!MessageBoxIndirectW 77D66093 5 Bytes JMP 7E2215DA C:\WINDOWS\system32\IEFRAME.dll
---- Devices - GMER 1.0.12 ----
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 843501D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 843501D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{4F0ECFC3-F5EF-4690-9147-E3D53B6BBB2C} IRP_MJ_CREATE 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4F0ECFC3-F5EF-4690-9147-E3D53B6BBB2C} IRP_MJ_CLOSE 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4F0ECFC3-F5EF-4690-9147-E3D53B6BBB2C} IRP_MJ_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4F0ECFC3-F5EF-4690-9147-E3D53B6BBB2C} IRP_MJ_INTERNAL_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4F0ECFC3-F5EF-4690-9147-E3D53B6BBB2C} IRP_MJ_CLEANUP 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4F0ECFC3-F5EF-4690-9147-E3D53B6BBB2C} IRP_MJ_PNP 83F4C980
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 83F111D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 83F111D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 83F111D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 83F111D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 83F111D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 83F111D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 83F111D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP 83F111D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CREATE 83EFA1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CLOSE 83EFA1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 83EFA1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 83EFA1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_POWER 83EFA1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 83EFA1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_PNP 83EFA1D8
Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_CREATE E1934798
Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_CLOSE E1934798
Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_DEVICE_CONTROL E1934798
Device \Driver\NetBT \Device\NetBT_Tcpip_{4266D7F8-DADA-45CA-B634-158953ADFA5B} IRP_MJ_CREATE 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4266D7F8-DADA-45CA-B634-158953ADFA5B} IRP_MJ_CLOSE 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4266D7F8-DADA-45CA-B634-158953ADFA5B} IRP_MJ_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4266D7F8-DADA-45CA-B634-158953ADFA5B} IRP_MJ_INTERNAL_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4266D7F8-DADA-45CA-B634-158953ADFA5B} IRP_MJ_CLEANUP 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{4266D7F8-DADA-45CA-B634-158953ADFA5B} IRP_MJ_PNP 83F4C980
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 843661D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 843661D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 83EEE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 83EEE1D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 843651D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 843651D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A61661] prosync1.sys
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 843651D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A61661] prosync1.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 843651D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 843651D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 843651D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A61661] prosync1.sys
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 843651D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLOSE 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A61661] prosync1.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_POWER 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SYSTEM_CONTROL 843651D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_PNP 843651D8
Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_CREATE E15F29C8
Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_CLOSE E15F29C8
Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_DEVICE_CONTROL E15F29C8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 83F4C980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 83F4C980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 83F4C980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 83F4C980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 83F4C980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 83F4C980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 83F4C980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{E1545AE8-77C9-4370-9751-42B98019DDE6} IRP_MJ_CREATE 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{E1545AE8-77C9-4370-9751-42B98019DDE6} IRP_MJ_CLOSE 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{E1545AE8-77C9-4370-9751-42B98019DDE6} IRP_MJ_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{E1545AE8-77C9-4370-9751-42B98019DDE6} IRP_MJ_INTERNAL_DEVICE_CONTROL 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{E1545AE8-77C9-4370-9751-42B98019DDE6} IRP_MJ_CLEANUP 83F4C980
Device \Driver\NetBT \Device\NetBT_Tcpip_{E1545AE8-77C9-4370-9751-42B98019DDE6} IRP_MJ_PNP 83F4C980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 83F111D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 83F111D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 83F111D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 83F111D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 83F111D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 83F111D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 83F111D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 83F111D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP 83F111D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 83F581D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CREATE 83EFA1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CLOSE 83EFA1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 83EFA1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 83EFA1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_POWER 83EFA1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 83EFA1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_PNP 83EFA1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 83F581D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 83F581D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 843661D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 843661D8
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 843501D8
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 843501D8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 8415B2E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 8415B2E8
---- Processes - GMER 1.0.12 ----
Library C:\Programmi\OpenOffice.org (*** hidden *** ) @ C:\WINDOWS\EXPLORER.EXE [1536] 0x62390000
Library C:\Programmi\OpenOffice.org (*** hidden *** ) @ C:\WINDOWS\EXPLORER.EXE [1536] 0x60470000
Library C:\Programmi\OpenOffice.org (*** hidden *** ) @ C:\WINDOWS\EXPLORER.EXE [1536] 0x61EF0000
---- EOF - GMER 1.0.12 ----