ok!!
ma il rootkit devo tagliarlo altrimenti intero nn t arriva
GMER 1.0.10.10122 -
http://www.gmer.net
Rootkit 2006-08-30 17:36:36
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.10 ----
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwOpenProcess <-- ROOTKIT !!!
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess <-- ROOTKIT !!!
INT 0x00 \WINDOWS\system32\ntoskrnl.exe 804DF350
INT 0x01 \WINDOWS\system32\ntoskrnl.exe 804DF4CB
INT 0x03 \WINDOWS\system32\ntoskrnl.exe 804DF89D
INT 0x04 \WINDOWS\system32\ntoskrnl.exe 804DFA20
INT 0x05 \WINDOWS\system32\ntoskrnl.exe 804DFB81
INT 0x06 \WINDOWS\system32\ntoskrnl.exe 804DFD02
INT 0x07 \WINDOWS\system32\ntoskrnl.exe 804E036A
INT 0x09 \WINDOWS\system32\ntoskrnl.exe 804E078F
INT 0x0A \WINDOWS\system32\ntoskrnl.exe 804E08AC
INT 0x0B \WINDOWS\system32\ntoskrnl.exe 804E09E9
INT 0x0C \WINDOWS\system32\ntoskrnl.exe 804E0C42
INT 0x0D \WINDOWS\system32\ntoskrnl.exe 804E0F38
INT 0x0E \WINDOWS\system32\ntoskrnl.exe 804E164F
INT 0x0F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x10 \WINDOWS\system32\ntoskrnl.exe 804E1A99
INT 0x11 \WINDOWS\system32\ntoskrnl.exe 804E1BCE
INT 0x12 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x13 \WINDOWS\system32\ntoskrnl.exe 804E1D34
INT 0x14 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x15 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x16 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x17 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x18 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x19 \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1A \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1B \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1C \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1D \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1E \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x1F \WINDOWS\system32\hal.dll 806EDFD0
INT 0x2A \WINDOWS\system32\ntoskrnl.exe 804DEB92
INT 0x2B \WINDOWS\system32\ntoskrnl.exe 804DEC95
INT 0x2C \WINDOWS\system32\ntoskrnl.exe 804DEE34
INT 0x2D \WINDOWS\system32\ntoskrnl.exe 804DF77C
INT 0x2E \WINDOWS\system32\ntoskrnl.exe 804DE631
INT 0x2F \WINDOWS\system32\ntoskrnl.exe 804E197C
INT 0x30 \WINDOWS\system32\ntoskrnl.exe 804DDCF0
INT 0x31 \WINDOWS\system32\ntoskrnl.exe 804DDCFA
INT 0x32 \WINDOWS\system32\ntoskrnl.exe 804DDD04
INT 0x33 \WINDOWS\system32\ntoskrnl.exe 804DDD0E
INT 0x34 \WINDOWS\system32\ntoskrnl.exe 804DDD18
INT 0x35 \WINDOWS\system32\ntoskrnl.exe 804DDD22
INT 0x36 \WINDOWS\system32\ntoskrnl.exe 804DDD2C
INT 0x37 \WINDOWS\system32\hal.dll 806ED728
INT 0x38 \WINDOWS\system32\ntoskrnl.exe 804DDD40
INT 0x39 \WINDOWS\system32\ntoskrnl.exe 804DDD4A
INT 0x3A \WINDOWS\system32\ntoskrnl.exe 804DDD54
INT 0x3B \WINDOWS\system32\ntoskrnl.exe 804DDD5E
INT 0x3C \WINDOWS\system32\ntoskrnl.exe 804DDD68
INT 0x3D \WINDOWS\system32\hal.dll 806EEB70
INT 0x3E \WINDOWS\system32\ntoskrnl.exe 804DDD7C
INT 0x3F \WINDOWS\system32\ntoskrnl.exe 804DDD86
INT 0x40 \WINDOWS\system32\ntoskrnl.exe 804DDD90
INT 0x41 \WINDOWS\system32\hal.dll 806EE9CC
INT 0x42 \WINDOWS\system32\ntoskrnl.exe 804DDDA4
INT 0x43 \WINDOWS\system32\ntoskrnl.exe 804DDDAE
INT 0x44 \WINDOWS\system32\ntoskrnl.exe 804DDDB8
INT 0x45 \WINDOWS\system32\ntoskrnl.exe 804DDDC2
INT 0x46 \WINDOWS\system32\ntoskrnl.exe 804DDDCC
INT 0x47 \WINDOWS\system32\ntoskrnl.exe 804DDDD6
INT 0x48 \WINDOWS\system32\ntoskrnl.exe 804DDDE0
INT 0x49 \WINDOWS\system32\ntoskrnl.exe 804DDDEA
INT 0x4A \WINDOWS\system32\ntoskrnl.exe 804DDDF4
INT 0x4B \WINDOWS\system32\ntoskrnl.exe 804DDDFE
INT 0x4C \WINDOWS\system32\ntoskrnl.exe 804DDE08
INT 0x4D \WINDOWS\system32\ntoskrnl.exe 804DDE12
INT 0x4E \WINDOWS\system32\ntoskrnl.exe 804DDE1C
INT 0x4F \WINDOWS\system32\ntoskrnl.exe 804DDE26
INT 0x50 \WINDOWS\system32\hal.dll 806ED800
INT 0x51 \WINDOWS\system32\ntoskrnl.exe 804DDE3A
INT 0x52 \WINDOWS\system32\ntoskrnl.exe 804DDE44
INT 0x53 \WINDOWS\system32\ntoskrnl.exe 804DDE4E
INT 0x54 \WINDOWS\system32\ntoskrnl.exe 804DDE58
INT 0x55 \WINDOWS\system32\ntoskrnl.exe 804DDE62
INT 0x56 \WINDOWS\system32\ntoskrnl.exe 804DDE6C
INT 0x57 \WINDOWS\system32\ntoskrnl.exe 804DDE76
INT 0x58 \WINDOWS\system32\ntoskrnl.exe 804DDE80
INT 0x59 \WINDOWS\system32\ntoskrnl.exe 804DDE8A
INT 0x5A \WINDOWS\system32\ntoskrnl.exe 804DDE94
INT 0x5B \WINDOWS\system32\ntoskrnl.exe 804DDE9E
INT 0x5C \WINDOWS\system32\ntoskrnl.exe 804DDEA8
INT 0x5D \WINDOWS\system32\ntoskrnl.exe 804DDEB2
INT 0x5E \WINDOWS\system32\ntoskrnl.exe 804DDEBC
INT 0x5F \WINDOWS\system32\ntoskrnl.exe 804DDEC6
INT 0x60 \WINDOWS\system32\ntoskrnl.exe 804DDED0
INT 0x61 \WINDOWS\system32\ntoskrnl.exe 804DDEDA
INT 0x64 \WINDOWS\system32\ntoskrnl.exe 804DDEF8
INT 0x65 \WINDOWS\system32\ntoskrnl.exe 804DDF02
INT 0x66 \WINDOWS\system32\ntoskrnl.exe 804DDF0C
INT 0x67 \WINDOWS\system32\ntoskrnl.exe 804DDF16
INT 0x68 \WINDOWS\system32\ntoskrnl.exe 804DDF20
INT 0x69 \WINDOWS\system32\ntoskrnl.exe 804DDF2A
INT 0x6A \WINDOWS\system32\ntoskrnl.exe 804DDF34
INT 0x6B \WINDOWS\system32\ntoskrnl.exe 804DDF3E
INT 0x6C \WINDOWS\system32\ntoskrnl.exe 804DDF48
INT 0x6D \WINDOWS\system32\ntoskrnl.exe 804DDF52
INT 0x6E \WINDOWS\system32\ntoskrnl.exe 804DDF5C
INT 0x6F \WINDOWS\system32\ntoskrnl.exe 804DDF66
INT 0x70 \WINDOWS\system32\ntoskrnl.exe 804DDF70
INT 0x71 \WINDOWS\system32\ntoskrnl.exe 804DDF7A
INT 0x72 \WINDOWS\system32\ntoskrnl.exe 804DDF84
INT 0x74 \WINDOWS\system32\ntoskrnl.exe 804DDF98
INT 0x75 \WINDOWS\system32\ntoskrnl.exe 804DDFA2
INT 0x76 \WINDOWS\system32\ntoskrnl.exe 804DDFAC
INT 0x77 \WINDOWS\system32\ntoskrnl.exe 804DDFB6
INT 0x78 \WINDOWS\system32\ntoskrnl.exe 804DDFC0
INT 0x79 \WINDOWS\system32\ntoskrnl.exe 804DDFCA
INT 0x7A \WINDOWS\system32\ntoskrnl.exe 804DDFD4
INT 0x7B \WINDOWS\system32\ntoskrnl.exe 804DDFDE
INT 0x7C \WINDOWS\system32\ntoskrnl.exe 804DDFE8
INT 0x7D \WINDOWS\system32\ntoskrnl.exe 804DDFF2
INT 0x7E \WINDOWS\system32\ntoskrnl.exe 804DDFFC
INT 0x7F \WINDOWS\system32\ntoskrnl.exe 804DE006
INT 0x80 \WINDOWS\system32\ntoskrnl.exe 804DE010
INT 0x81 \WINDOWS\system32\ntoskrnl.exe 804DE01A
INT 0x85 \WINDOWS\system32\ntoskrnl.exe 804DE042
INT 0x86 \WINDOWS\system32\ntoskrnl.exe 804DE04C
INT 0x87 \WINDOWS\system32\ntoskrnl.exe 804DE056
INT 0x88 \WINDOWS\system32\ntoskrnl.exe 804DE060
INT 0x89 \WINDOWS\system32\ntoskrnl.exe 804DE06A
INT 0x8A \WINDOWS\system32\ntoskrnl.exe 804DE074
INT 0x8B \WINDOWS\system32\ntoskrnl.exe 804DE07E
INT 0x8C \WINDOWS\system32\ntoskrnl.exe 804DE088
INT 0x8D \WINDOWS\system32\ntoskrnl.exe 804DE092
INT 0x8E \WINDOWS\system32\ntoskrnl.exe 804DE09C
INT 0x8F \WINDOWS\system32\ntoskrnl.exe 804DE0A6
INT 0x90 \WINDOWS\system32\ntoskrnl.exe 804DE0B0
INT 0x91 \WINDOWS\system32\ntoskrnl.exe 804DE0BA
INT 0x95 \WINDOWS\system32\ntoskrnl.exe 804DE0E2
INT 0x96 \WINDOWS\system32\ntoskrnl.exe 804DE0EC
INT 0x97 \WINDOWS\system32\ntoskrnl.exe 804DE0F6
INT 0x98 \WINDOWS\system32\ntoskrnl.exe 804DE100
INT 0x99 \WINDOWS\system32\ntoskrnl.exe 804DE10A
INT 0x9A \WINDOWS\system32\ntoskrnl.exe 804DE114
INT 0x9B \WINDOWS\system32\ntoskrnl.exe 804DE11E
INT 0x9C \WINDOWS\system32\ntoskrnl.exe 804DE128
INT 0x9D \WINDOWS\system32\ntoskrnl.exe 804DE132
INT 0x9E \WINDOWS\system32\ntoskrnl.exe 804DE13C
INT 0x9F \WINDOWS\system32\ntoskrnl.exe 804DE146
INT 0xA0 \WINDOWS\system32\ntoskrnl.exe 804DE150
INT 0xA1 \WINDOWS\system32\ntoskrnl.exe 804DE15A
INT 0xA2 \WINDOWS\system32\ntoskrnl.exe 804DE164
INT 0xA5 \WINDOWS\system32\ntoskrnl.exe 804DE182
INT 0xA6 \WINDOWS\system32\ntoskrnl.exe 804DE18C
INT 0xA7 \WINDOWS\system32\ntoskrnl.exe 804DE196
INT 0xA8 \WINDOWS\system32\ntoskrnl.exe 804DE1A0
INT 0xA9 \WINDOWS\system32\ntoskrnl.exe 804DE1AA
INT 0xAA \WINDOWS\system32\ntoskrnl.exe 804DE1B4
INT 0xAB \WINDOWS\system32\ntoskrnl.exe 804DE1BE
INT 0xAC \WINDOWS\system32\ntoskrnl.exe 804DE1C8
INT 0xAD \WINDOWS\system32\ntoskrnl.exe 804DE1D2
INT 0xAE \WINDOWS\system32\ntoskrnl.exe 804DE1DC
INT 0xAF \WINDOWS\system32\ntoskrnl.exe 804DE1E6
INT 0xB0 \WINDOWS\system32\ntoskrnl.exe 804DE1F0
INT 0xB3 \WINDOWS\system32\ntoskrnl.exe 804DE20E
INT 0xB5 \WINDOWS\system32\ntoskrnl.exe 804DE222
INT 0xB6 \WINDOWS\system32\ntoskrnl.exe 804DE22C
INT 0xB7 \WINDOWS\system32\ntoskrnl.exe 804DE236
INT 0xB8 \WINDOWS\system32\ntoskrnl.exe 804DE240
INT 0xB9 \WINDOWS\system32\ntoskrnl.exe 804DE24A
INT 0xBA \WINDOWS\system32\ntoskrnl.exe 804DE254
INT 0xBB \WINDOWS\system32\ntoskrnl.exe 804DE25E
INT 0xBC \WINDOWS\system32\ntoskrnl.exe 804DE268
INT 0xBD \WINDOWS\system32\ntoskrnl.exe 804DE272
INT 0xBE \WINDOWS\system32\ntoskrnl.exe 804DE27C
INT 0xBF \WINDOWS\system32\ntoskrnl.exe 804DE286
INT 0xC0 \WINDOWS\system32\ntoskrnl.exe 804DE290
INT 0xC1 \WINDOWS\system32\hal.dll 806ED984
INT 0xC2 \WINDOWS\system32\ntoskrnl.exe 804DE2A4
INT 0xC3 \WINDOWS\system32\ntoskrnl.exe 804DE2AE
INT 0xC4 \WINDOWS\system32\ntoskrnl.exe 804DE2B8
INT 0xC5 \WINDOWS\system32\ntoskrnl.exe 804DE2C2
INT 0xC6 \WINDOWS\system32\ntoskrnl.exe 804DE2CC
INT 0xC7 \WINDOWS\system32\ntoskrnl.exe 804DE2D6
INT 0xC8 \WINDOWS\system32\ntoskrnl.exe 804DE2E0
INT 0xC9 \WINDOWS\system32\ntoskrnl.exe 804DE2EA
INT 0xCA \WINDOWS\system32\ntoskrnl.exe 804DE2F4
INT 0xCB \WINDOWS\system32\ntoskrnl.exe 804DE2FE
INT 0xCC \WINDOWS\system32\ntoskrnl.exe 804DE308
INT 0xCD \WINDOWS\system32\ntoskrnl.exe 804DE312
INT 0xCE \WINDOWS\system32\ntoskrnl.exe 804DE31C
INT 0xCF \WINDOWS\system32\ntoskrnl.exe 804DE326
INT 0xD0 \WINDOWS\system32\ntoskrnl.exe 804DE330
INT 0xD1 \WINDOWS\system32\hal.dll 806ECD34
INT 0xD2 \WINDOWS\system32\ntoskrnl.exe 804DE344
INT 0xD3 \WINDOWS\system32\ntoskrnl.exe 804DE34E
INT 0xD4 \WINDOWS\system32\ntoskrnl.exe 804DE358
INT 0xD5 \WINDOWS\system32\ntoskrnl.exe 804DE362
INT 0xD6 \WINDOWS\system32\ntoskrnl.exe 804DE36C
INT 0xD7 \WINDOWS\system32\ntoskrnl.exe 804DE376
INT 0xD8 \WINDOWS\system32\ntoskrnl.exe 804DE380
INT 0xD9 \WINDOWS\system32\ntoskrnl.exe 804DE38A
INT 0xDA \WINDOWS\system32\ntoskrnl.exe 804DE394
INT 0xDB \WINDOWS\system32\ntoskrnl.exe 804DE39E
INT 0xDC \WINDOWS\system32\ntoskrnl.exe 804DE3A8
INT 0xDD \WINDOWS\system32\ntoskrnl.exe 804DE3B2
INT 0xDE \WINDOWS\system32\ntoskrnl.exe 804DE3BC
INT 0xDF \WINDOWS\system32\ntoskrnl.exe 804DE3C6
INT 0xE0 \WINDOWS\system32\ntoskrnl.exe 804DE3D0
INT 0xE1 \WINDOWS\system32\hal.dll 806EDF0C
INT 0xE2 \WINDOWS\system32\ntoskrnl.exe 804DE3E4
INT 0xE3 \WINDOWS\system32\hal.dll 806EDC70
INT 0xE4 \WINDOWS\system32\ntoskrnl.exe 804DE3F8
INT 0xE5 \WINDOWS\system32\ntoskrnl.exe 804DE402
INT 0xE6 \WINDOWS\system32\ntoskrnl.exe 804DE40C
INT 0xE7 \WINDOWS\system32\ntoskrnl.exe 804DE416
INT 0xE8 \WINDOWS\system32\ntoskrnl.exe 804DE420
INT 0xE9 \WINDOWS\system32\ntoskrnl.exe 804DE42A
INT 0xEA \WINDOWS\system32\ntoskrnl.exe 804DE434
INT 0xEB \WINDOWS\system32\ntoskrnl.exe 804DE43E
INT 0xEC \WINDOWS\system32\ntoskrnl.exe 804DE448
INT 0xED \WINDOWS\system32\ntoskrnl.exe 804DE452
INT 0xEE \WINDOWS\system32\ntoskrnl.exe 804DE459
INT 0xEF \WINDOWS\system32\ntoskrnl.exe 804DE460
INT 0xF0 \WINDOWS\system32\ntoskrnl.exe 804DE467
INT 0xF1 \WINDOWS\system32\ntoskrnl.exe 804DE46E
INT 0xF2 \WINDOWS\system32\ntoskrnl.exe 804DE475
INT 0xF3 \WINDOWS\system32\ntoskrnl.exe 804DE47C
INT 0xF4 \WINDOWS\system32\ntoskrnl.exe 804DE483
INT 0xF5 \WINDOWS\system32\ntoskrnl.exe 804DE48A
INT 0xF6 \WINDOWS\system32\ntoskrnl.exe 804DE491
INT 0xF7 \WINDOWS\system32\ntoskrnl.exe 804DE498
INT 0xF8 \WINDOWS\system32\ntoskrnl.exe 804DE49F
INT 0xF9 \WINDOWS\system32\ntoskrnl.exe 804DE4A6
INT 0xFA \WINDOWS\system32\ntoskrnl.exe 804DE4AD
INT 0xFB \WINDOWS\system32\ntoskrnl.exe 804DE4B4
INT 0xFC \WINDOWS\system32\ntoskrnl.exe 804DE4BB
INT 0xFD \WINDOWS\system32\hal.dll 806EE464
INT 0xFE \WINDOWS\system32\hal.dll 806EE604
INT 0xFF \WINDOWS\system32\ntoskrnl.exe 804DE4D0
SYSENTER \WINDOWS\system32\ntoskrnl.exe 804DE6F0
---- Devices - GMER 1.0.10 ----
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F83DAE37] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSEIRP_MJ_READ [F83DA320] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F83B7EE4] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F83B6BCA] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F83B8A58] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F83E0A68] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F83DD2C3] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F83E26D5] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F83C9621] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F842EB11] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F83DACEE] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F83DB61C] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP [F83DB4D1] Ntfs.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP_POWER [F83F9F3F] Ntfs.sys
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE [EFC4CC8A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSEIRP_MJ_READ [EFC497C8] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE [EFC4560A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION [EFC45AED] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION [EFC50958] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA [EFC53821] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA [EFC5C38A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS [EFC5BD49] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION [EFC55BBE] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION [EFC56331] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL [EFC644F4] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL [EFC4CB37] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL [EFC48948] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_INTERNAL_DEVICE_CONTROL [EFC5246B] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL [EFC6379D] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP [EFC62C4A] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE_MAILSLOT [EFC492FD] Fastfat.SYS
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP_POWER [EFC631DB] Fastfat.SYS
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_NAMED_PIPE [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLOSEIRP_MJ_READ [F8377A76] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_WRITE [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_INFORMATION [F8374159] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_INFORMATION [F837FB88] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_EA [F837FDF2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_EA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FLUSH_BUFFERS [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_VOLUME_INFORMATION [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_VOLUME_INFORMATION [F8384492] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DIRECTORY_CONTROL [F8384585] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_FILE_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CONTROL [F83775D2] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SHUTDOWN [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_LOCK_CONTROL [F837F33D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CLEANUP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_CREATE_MAILSLOT [F8377AB9] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_SECURITY [F8372A80] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_SECURITY [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_POWER [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SYSTEM_CONTROL [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_DEVICE_CHANGE [F836E35A] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_QUERY_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_SET_QUOTA [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP [F836F52D] Mup.sys
Device \FileSystem\Mup \Dfs IRP_MJ_PNP_POWER [F836F52D] Mup.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_NAMED_PIPE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLOSEIRP_MJ_READ [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_WRITE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_EA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FLUSH_BUFFERS [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_VOLUME_INFORMATION [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DIRECTORY_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_FILE_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_INTERNAL_DEVICE_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SHUTDOWN [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_LOCK_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CLEANUP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_CREATE_MAILSLOT [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_SECURITY [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_POWER [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SYSTEM_CONTROL [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_DEVICE_CHANGE [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_QUERY_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_SET_QUOTA [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP [F8390982] NDIS.sys
Device \Driver\NDIS \Device\Ndis IRP_MJ_PNP_POWER [F8390982] NDIS.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLOSEIRP_MJ_READ [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_WRITE [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_VOLUME_INFORMATION [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_INTERNAL_DEVICE_CONTROL [F8448D62] KSecDD.sys
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_DEVICE_CHANGE [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\KSecDD \Device\KsecDD IRP_MJ_PNP_POWER [805031BE] ntoskrnl.exe
Device \Device\00000019
Device \Device\00000025
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLOSEIRP_MJ_READ [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_INTERNAL_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_CREATE_MAILSLOT [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_SECURITY [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_POWER [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SYSTEM_CONTROL [80531651] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_DEVICE_CHANGE [8061DEEF] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_QUERY_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_SET_QUOTA [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP [805031BE] ntoskrnl.exe
Device \Driver\PnpManager \Device\00000032 IRP_MJ_PNP_POWER [805AD182] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE [F8A6746A] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_NAMED_PIPE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLOSEIRP_MJ_READ [F8A674B8] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_WRITE [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_EA [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FLUSH_BUFFERS [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_QUERY_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_SET_VOLUME_INFORMATION [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DIRECTORY_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_FILE_SYSTEM_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_DEVICE_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_INTERNAL_DEVICE_CONTROL [F8A67400] Beep.SYS
Device \Driver\Beep \Device\Beep IRP_MJ_SHUTDOWN [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_LOCK_CONTROL [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CLEANUP [805031BE] ntoskrnl.exe
Device \Driver\Beep \Device\Beep IRP_MJ_CREATE_MAILSLOT