Thread: Firefox/norton/program crashes
View Single Post
Old 06-26-2006, 10:00 PM   #25 (permalink)
anksmashpunk
Registered User
 
Join Date: Jun 2006
Posts: 17
OS: Windows XP SP2


heres that gmer log:

GMER 1.0.10.10122 - http://www.gmer.net
Rootkit 2006-06-26 20:59:35
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.10 ----

SSDT a347bus.sys ZwClose
SSDT 8600B7D0 ZwConnectPort
SSDT a347bus.sys ZwCreateKey
SSDT a347bus.sys ZwCreatePagingFile
SSDT a347bus.sys ZwEnumerateKey
SSDT a347bus.sys ZwEnumerateValueKey
SSDT a347bus.sys ZwOpenFile
SSDT a347bus.sys ZwOpenKey
SSDT 85E6D218 ZwOpenProcess
SSDT 860246F8 ZwOpenThread
SSDT a347bus.sys ZwQueryKey
SSDT a347bus.sys ZwQueryValueKey
SSDT a347bus.sys ZwSetSystemPowerState
SSDT sptd.sys ZwSetValueKey

---- Devices - GMER 1.0.10 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 86990EB0
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 86448C18
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 86997648
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSEIRP_MJ_READ 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 85E25268
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP_POWER 85E25268
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 86997648
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSEIRP_MJ_READ 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 85E74150
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 860550E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_PNP 860550E8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSEIRP_MJ_READ 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 85E25268
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP_POWER 85E25268
Device \Driver\iaStor \Device\Ide\iaStor0 IRP_MJ_CREATE 86996EB0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_NAMED_PIPE 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSEIRP_MJ_READ 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_WRITE 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_EA 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_EA 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FLUSH_BUFFERS 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_VOLUME_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_VOLUME_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DIRECTORY_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FILE_SYSTEM_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SHUTDOWN 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_LOCK_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLEANUP 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_MAILSLOT 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_SECURITY 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_SECURITY 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CHANGE 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_QUOTA 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_QUOTA 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 863049D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP_POWER 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSEIRP_MJ_READ 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 863049D0
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP_POWER 863049D0
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 IRP_MJ_CREATE 86996EB0
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 86997648
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_NAMED_PIPE 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSEIRP_MJ_READ 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_EA 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_EA 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_VOLUME_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_VOLUME_INFORMATION 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DIRECTORY_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FILE_SYSTEM_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_LOCK_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLEANUP 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_MAILSLOT 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_SECURITY 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_SECURITY 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CHANGE 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_QUOTA 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_QUOTA 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 85E25268
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP_POWER 85E25268
Device \Driver\00000072 \Device\00000080 IRP_MJ_SYSTEM_CONTROL [F73F4A26] sptd.sys
Device \Driver\00000072 \Device\00000080 IRP_MJ_DEVICE_CHANGE [F7408BD8] sptd.sys
Device \Driver\00000072 \Device\00000080 IRP_MJ_PNP_POWER [F740154E] sptd.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 862CF8E0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 862CF8E0
Device \Driver\NetBT \Device\NetBT_Tcpip_{02B0A09E-0184-4AA6-BD3C-7E2F459119D2} IRP_MJ_CREATE 862CF8E0
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 869900E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSEIRP_MJ_READ 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 85E6D150
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP_POWER 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSEIRP_MJ_READ 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 85E6D150
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 862BDC08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP_POWER 862BDC08
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 8600DE40
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 8600DE40
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSEIRP_MJ_READ 8600DE40
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 85FFD4B8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 8600DE40
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 8600DE40
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_EA 8600DE40
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 86997648
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 86354420
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CLOSEIRP_MJ_READ 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_WRITE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SET_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_EA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SET_EA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SHUTDOWN 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CLEANUP 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SET_SECURITY 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_POWER 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SET_QUOTA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_PNP 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_PNP_POWER 8637A5D0
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_NAMED_PIPE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLOSEIRP_MJ_READ 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_WRITE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_EA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_EA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FLUSH_BUFFERS 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_VOLUME_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_VOLUME_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DIRECTORY_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FILE_SYSTEM_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SHUTDOWN 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_LOCK_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLEANUP 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_MAILSLOT 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_SECURITY 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_SECURITY 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_POWER 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SYSTEM_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CHANGE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_QUOTA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_QUOTA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_PNP 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_PNP_POWER 8576B188
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE_NAMED_PIPE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLOSEIRP_MJ_READ 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_WRITE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_EA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_EA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_FLUSH_BUFFERS 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_VOLUME_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_VOLUME_INFORMATION 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DIRECTORY_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_FILE_SYSTEM_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SHUTDOWN 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_LOCK_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLEANUP 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE_MAILSLOT 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_SECURITY 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_SECURITY 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_POWER 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SYSTEM_CONTROL 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CHANGE 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_QUERY_QUOTA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SET_QUOTA 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP 8637A5D0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP_POWER 8637A5D0
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CREATE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CLOSEIRP_MJ_READ 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_WRITE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_EA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_EA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SHUTDOWN 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CLEANUP 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_SECURITY 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_POWER 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_QUOTA 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_PNP 8576B188
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_PNP_POWER 8576B188
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 86448C18
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 86033658

---- Modules - GMER 1.0.10 ----

Module _________ F72A7000

---- Files - GMER 1.0.10 ----

File C:\System Volume Information\MountPointManagerRemoteDatabase
File C:\System Volume Information\tracking.log
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}

---- EOF - GMER 1.0.10 ----
anksmashpunk is offline