Computer Runs Slow And Sound Delays

G

gard9070

New member
I'm not sure what is wrong with my computer but I have a gateway that has an AMD Athlon 64 bit Processor with 1 GB of RAM, processor is 1.78 GHz and I do have service pack 2 installed for windows.

Here is my log from HijackThis - v1.99.1:

Logfile of HijackThis v1.99.1
Scan saved at 12:47:37 PM, on 6/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Trend Micro\Antivirus\pccguide.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.exe
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\VPro610.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX7527
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX7527
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX7527
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX7527
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX7527
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.kettering.edu:3128
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" /uninstall
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Antivirus\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Antivirus\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe" /run
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE" /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [X-Cleaner Freeware] "C:\PROGRA~1\X-CLEA~1\XCleaner_free.exe" -turbo -autostart -NOREBOOT
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: VProperty.lnk = C:\WINDOWS\VPro610.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gard9070.spaces.live.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

If you could help me PLEASE DO...my computer is my baby
 
Hello and welcome to the Forums :)

Let's see...

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    • Extended (if available otherwise Standard)
    • Scan Options:
    • Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    • Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
 
here are the results for kaspersky:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, June 05, 2007 7:37:22 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 4/06/2007
Kaspersky Anti-Virus database records: 339591
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 215393
Number of viruses found: 4
Number of infected objects: 13 / 0
Number of suspicious objects: 0
Duration of the scan process: 07:23:56

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0A618E26-F44D-4CCB-9B93-595B44EDDC4D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0D74F5FF-5184-4DDF-81A2-1921CEB8F847.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0E1D735D-F277-4067-9B86-1F1DF1A744DE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1111D8BD-B262-41B9-A303-5077FAD89FC0.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS11981DAB-69E8-41B5-83ED-FF0778437127.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS16BDBDCD-863E-41EE-AA8A-2A66BFF256B6.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1DECD153-6EC9-4AAA-8C86-4469BD30381E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1F7BBE43-FFB8-452F-B183-2C873A88C962.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS22EEF032-C315-40BA-9CB2-5B5F97AE9D89.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS23494218-E05F-4206-887C-D00ABEFF141A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS23C180B0-0B60-4847-9A56-E1E3F827B435.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2808357E-6E77-4C3F-AA65-CD1EB215378B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2B9E928D-5D03-4B39-BAB6-84E7A158FF83.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2F52C963-5F67-45DF-9B43-83A28C937956.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS34179B8E-1DDE-4DE9-AAD2-AB64870A4E57.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3631777A-4FDF-4EA1-B39F-A2F62600D7BE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS37A7BA58-C561-4DE9-9FEF-12C2951C2BDB.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS38DC4AA9-8B78-4094-860B-7118D2AA5AFA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3A3A5EAA-BD9A-4AC0-BE4B-830F2FBA7FE4.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3EF03875-7014-4ECE-85E6-E1C3DD4B932E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3EFEC8F9-C947-4C4D-BEC2-FDAF00171D99.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS418519BC-7B0D-446F-A8C8-0B9FAD48E4E3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4461F7FD-AA50-4537-8C2A-73AA4784BB44.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS46BAC35E-13BB-4DFF-94A6-D8012F062EF1.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS53735AB7-C3B1-4B3E-B404-340C35F7663A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS563D0745-D729-49FB-83DC-FBEEAA48D5F6.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS577E5057-136D-494C-94FC-019D3B92E213.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6207D944-CBF1-42F3-8760-940762207AFD.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS62553570-1ED7-48E7-B4E7-85EBA55574C8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS685024EC-BEA8-49DD-8E09-DC6CD3F7057B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS692BF454-3053-42BD-A32B-6CC510BADA6F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6A27DD32-F310-4556-8B7E-892A57853367.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6AAC10B7-4720-4471-82C4-3BD07D8D7DD6.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6B22D0C9-DCAE-446A-8067-2B31479EC1BA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6BFF752E-AE61-4EA6-A4F5-E0EBEAC77A39.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6E622D33-407E-4A36-83B3-74316A8E4CD5.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6FFB3AF0-8097-435C-9C43-3EB5C92C4E9D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS735C9C56-B8E6-451D-8441-31182EE71E5E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS73A71EEC-3DBD-4436-9AFD-909DEA25778F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS75191572-74D8-4654-B479-62EE1096DFC7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7C752CBC-5836-409C-8DC7-22E9DACBBA1A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8123735A-5C00-4E69-AB2D-C3F8CAB15AA0.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8E8BA2AA-2136-451E-9C6E-F9C01C68DA45.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS90CFE597-42C4-499E-B97B-E7E1A574BA04.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS931055CE-7EAF-4D97-99F6-6560B5D131E8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS93A32256-4B0B-4C4D-8A84-A5E947ED6D46.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9421E08F-E269-4432-A8DA-BDC0B2D58FEA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS952E0400-1B26-4EA5-AB81-C15335BE03B7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9626CE2A-4BD5-458C-8701-E30BCE32748E.tmp Object is locked skipped
 
here is the rest:

C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS96B1790E-5374-4AEC-A1C8-DE2F9840A1CE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS98DEB606-B846-4098-8DCF-D0B262C4401C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS993487BF-5AD9-40DC-83D0-76D3FF1F33A8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9D3ADBEB-7D31-4062-8C36-D09CA30A2C39.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA041F9FD-978A-48FD-B0E5-9647F1BAFC98.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA3FE140D-45BA-4FF4-913E-7B47AC2D49CD.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA73C0E58-479E-414D-A080-91F40F5EC518.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA8602882-A3DF-48D8-AB00-F27D1663A9B9.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAEA9C9D1-4326-4584-A15B-F4A70DA7E27F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAFB6A1EA-71A6-4753-BB2F-2A53C7F63EA8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSB20EDAEB-7881-470F-8B45-25280BCC41F8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBAF09DBE-B757-4E2A-895E-49D7DFCC8CB9.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBC2637D8-E1D1-4222-B996-7808A2FD4D46.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBF201988-25FF-4724-97E4-22759F036982.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBF2F42A5-6B16-4EA4-927D-DAD6BE1D482F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBF33818B-5110-4180-9091-5FC1C5B1A6AD.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC0DA96D5-0D48-4C81-8F28-AEFDE8C073AD.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC4FF0EB3-C80C-42D3-BC82-ADED80692E1F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC5B4C5E6-B0DB-455C-B16D-7933EBD27FFC.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC6784214-A591-4EF6-9F1B-685BFFCD6544.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC6870725-51BE-4BEC-A750-D8FA91607940.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC89C279B-61CB-4ED5-A68E-C7F7C8D7FBBF.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSCB1893AD-4E71-4E27-922A-B37C8411A4F6.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD0777F0A-B317-4B46-8B35-010EE816FB5E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD16EBB1D-2D7A-4C92-BA08-3CE95C7ADD72.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD48C2AEA-492D-4D58-BB90-3F698CCFA5E3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD7D1D0E2-49AE-4D06-94F9-4DED35FAF56B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD86581C7-EC2F-41AC-9FD5-1F676E8CE554.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD8BB325B-ECC5-45BB-AA82-DEF2915FE576.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDBA20982-C5F4-463C-BBE7-81A5E0CF061D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE09346B2-4701-4152-BAAD-5C0D305FFD09.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE43B4CCF-B4C2-4EFE-B65E-52778B92FE78.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE53233B0-6F9A-4379-9869-5A83D007739F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE7C69215-1DBC-4F85-9A7E-FDFED9FF3009.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEBA25D10-7A33-4EAE-8119-A55F7E257EA3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEDC59266-4177-4B0A-91E1-BE2A40F03B8D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEFCC6FB3-5254-4DDE-AFB9-C70BED30B86E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF0B264CB-F2B2-4EE5-85DC-6B55E9B1086B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF1BD4299-A9A4-4A2F-B8B4-1BF16B2BCC01.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF5227628-19E8-41B5-98E7-EFCBB166E17F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFB1923A2-104F-4F3D-A63A-4AA30F426779.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFC87A4BB-1818-4082-B98B-F6B141C78783.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\cert8.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\history.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\key3.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\parent.lock Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Webroot\Spy Sweeper\Logs\070604125937.ses Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\8pnw8tiz.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007060420070605\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\fla5C6.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\WCESLog.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Downloads\TorrentQ-2.1.0.0-setup-0350.exe/file02 Infected: not-a-virus:AdWare.Win32.Lop.bo skipped
C:\Documents and Settings\Owner\My Documents\Downloads\TorrentQ-2.1.0.0-setup-0350.exe/file13 Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\Owner\My Documents\Downloads\TorrentQ-2.1.0.0-setup-0350.exe Inno: infected - 2 skipped
C:\Documents and Settings\Owner\My Documents\Internet Downloads\DivXInstaller.exe/stream/data0061/product.cab/xpi/components/googletoolbar.dll Infected: not-a-virus:AdWare.Win32.Beginto.f skipped
C:\Documents and Settings\Owner\My Documents\Internet Downloads\DivXInstaller.exe/stream/data0061/product.cab/xpi Infected: not-a-virus:AdWare.Win32.Beginto.f skipped
C:\Documents and Settings\Owner\My Documents\Internet Downloads\DivXInstaller.exe/stream/data0061/product.cab Infected: not-a-virus:AdWare.Win32.Beginto.f skipped
C:\Documents and Settings\Owner\My Documents\Internet Downloads\DivXInstaller.exe/stream/data0061 Infected: not-a-virus:AdWare.Win32.Beginto.f skipped
C:\Documents and Settings\Owner\My Documents\Internet Downloads\DivXInstaller.exe/stream Infected: not-a-virus:AdWare.Win32.Beginto.f skipped
C:\Documents and Settings\Owner\My Documents\Internet Downloads\DivXInstaller.exe NSIS: infected - 5 skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-06-04.12-53-05.log Object is locked skipped
C:\Program Files\themexp\Themexp.org File\NNWDAB638.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Program Files\TorrentQ\minime.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Program Files\TorrentQ\TorrentManager.dll Infected: not-a-virus:AdWare.Win32.Lop.bo skipped
C:\Program Files\Trend Micro\Antivirus\temp\aubin\AU_Cache\vsapi507.zip Object is locked skipped
C:\Program Files\Trend Micro\Antivirus\temp\aubin\AU_Temp\AU_Down\pattern\vsapi507.zip Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP181\A0043175.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP191\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_AC97 Soft Data Fax Modem with SmartCP.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{3B395CFE-6408-44DF-93FC-58F5C32F09CA}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{626C358B-7B89-477F-8750-35B488CEA8B6}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\vaxscsi.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\T30DebugLogFile.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP191\change.log Object is locked skipped

Scan process completed.
 
Ok only a few adware bundled installers...


Please run a GMER Rootkit scan:

Download GMER's application from here:
http://www.gmer.net/gmer.zip

Unzip it and start the GMER.exe
Click the Rootkit tab and click the Scan button.

Once done, click the Copy button.
This will copy the results to your clipboard.
Paste the results in your next reply.

Warning ! Please, do not select the "Show all" checkbox during the scan.
 
Gmer

GMER 1.0.12.12244 - http://www.gmer.net
Rootkit scan 2007-06-06 13:16:39
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT 86FC7918 ZwAllocateVirtualMemory
SSDT 86FAA468 ZwCreateKey
SSDT 86F5A8B8 ZwCreateProcess
SSDT 86F578B8 ZwCreateProcessEx
SSDT 86FCBD40 ZwCreateThread
SSDT 86FAA3F0 ZwDeleteKey
SSDT 86F5EDA0 ZwDeleteValueKey
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT 86FA3100 ZwQueueApcThread
SSDT 86FC5918 ZwReadVirtualMemory
SSDT 86F4F870 ZwRenameKey
SSDT 86FA6350 ZwSetContextThread
SSDT 86FA4098 ZwSetInformationKey
SSDT 86F88428 ZwSetInformationProcess
SSDT 86F588D8 ZwSetInformationThread
SSDT 86FCD8B8 ZwSetValueKey
SSDT 86FA3750 ZwSuspendProcess
SSDT 86FDA100 ZwSuspendThread
SSDT 86F5EB58 ZwTerminateProcess
SSDT 86F5B8D8 ZwTerminateThread
SSDT 86FA6108 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.12 ----

? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload F6D1762C 5 Bytes JMP 86DE5970
? C:\WINDOWS\System32\Drivers\vaxscsi.sys The process cannot access the file because it is being used by another process.
? C:\WINDOWS\system32\DRIVERS\update.sys

---- User code sections - GMER 1.0.12 ----

.text C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe[2516] kernel32.dll!CreateThread + 1A 7C810651 4 Bytes [ 03, FF, C3, 83 ]
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2832] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 0002FCB0 C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2832] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 0002FEDC C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2832] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 0002FCB0 C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2832] kernel32.dll!VirtualAlloc 7C809A51 5 Bytes JMP 0002FE60 C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2832] kernel32.dll!VirtualFree 7C809AE4 5 Bytes JMP 0002FEA0 C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe[3832] kernel32.dll!CreateThread
 
---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 86F4D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 86F4D1D8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 869E1990
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP
 
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE 86A01380
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE 86A01308
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE 86A01290
Device \Driver\Tcpip \Device\Ip IRP_MJ_READ 86A01218
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE 86A011A0
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION 86A01128
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION 869F8020
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA 869F8FA8
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA 869F8F30
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS 869F8EB8
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION 869F8E40
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION 869F8DC8
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL 869F8D50
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL 869F8CD8
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL 869F8C60
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL 869F8BE8
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN 869F8B70
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL 869F8AF8
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP 869F8A80
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT 869F8A08
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY 869F8990
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY 869F8918
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER 869F88A0
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL 869F8828
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE 869F87B0
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA 869F8738
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA 869F86C0
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP 869F8648
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 86DE41D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 86DE41D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 86DE41D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 86DE41D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 86DE41D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 86DE41D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 86DE41D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP
 
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 86F681D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP
 
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CREATE 86DCD1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CLOSE 86DCD1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 86DCD1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DCD1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_POWER 86DCD1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 86DCD1D8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_PNP 86DCD1D8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE 86A01380
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE 86A01308
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE 86A01290
Device \Driver\Tcpip \Device\Tcp IRP_MJ_READ 86A01218
Device \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE 86A011A0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION 86A01128
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION 869F8020
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA 869F8FA8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA 869F8F30
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS 869F8EB8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION 869F8E40
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION 869F8DC8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL 869F8D50
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL 869F8CD8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL 869F8C60
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL 869F8BE8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN 869F8B70
Device \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL 869F8AF8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP 869F8A80
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT 869F8A08
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY 869F8990
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY 869F8918
Device \Driver\Tcpip \Device\Tcp IRP_MJ_POWER 869F88A0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL 869F8828
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE 869F87B0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA 869F8738
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA 869F86C0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_PNP
 
86F681D8
869F8648
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 86FCE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 86DC13F0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 86DC13F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP
 
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE 86A01380
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE 86A01308
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE 86A01290
Device \Driver\Tcpip \Device\RawIp IRP_MJ_READ 86A01218
Device \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE 86A011A0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION 86A01128
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION 869F8020
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA 869F8FA8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA 869F8F30
Device \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS 869F8EB8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION 869F8E40
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION 869F8DC8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL 869F8D50
Device \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL 869F8CD8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL 869F8C60
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL 869F8BE8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN 869F8B70
Device \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL 869F8AF8
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP 869F8A80
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT 869F8A08
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY 869F8990
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY 869F8918
Device \Driver\Tcpip \Device\RawIp IRP_MJ_POWER 869F88A0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL 869F8828
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE 869F87B0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA 869F8738
Device \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA 869F86C0
Device \Driver\Tcpip \Device\RawIp IRP_MJ_PNP
 
Device \Driver\usbstor \Device\000000d6 IRP_MJ_CREATE 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_CLOSE 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_READ 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_WRITE 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_DEVICE_CONTROL 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_INTERNAL_DEVICE_CONTROL 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_POWER 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_SYSTEM_CONTROL 8694D990
Device \Driver\usbstor \Device\000000d6 IRP_MJ_PNP 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_CREATE 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_CLOSE 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_READ 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_WRITE 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_DEVICE_CONTROL 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_INTERNAL_DEVICE_CONTROL 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_POWER 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_SYSTEM_CONTROL 8694D990
Device \Driver\usbstor \Device\000000d7 IRP_MJ_PNP 8694D990
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 86DE41D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 86DE41D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 86DE41D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 86DE41D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 86DE41D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 86DE41D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 86DE41D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 86DE41D8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP
 
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 869E8990
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE 86A01380
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE_NAMED_PIPE 86A01308
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE 86A01290
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_READ 86A01218
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_WRITE 86A011A0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_INFORMATION 86A01128
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_INFORMATION 869F8020
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_EA 869F8FA8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_EA 869F8F30
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_FLUSH_BUFFERS 869F8EB8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_VOLUME_INFORMATION 869F8E40
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_VOLUME_INFORMATION 869F8DC8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DIRECTORY_CONTROL 869F8D50
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_FILE_SYSTEM_CONTROL 869F8CD8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL 869F8C60
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL 869F8BE8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SHUTDOWN 869F8B70
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_LOCK_CONTROL 869F8AF8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP 869F8A80
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE_MAILSLOT 869F8A08
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_SECURITY 869F8990
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_SECURITY 869F8918
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_POWER 869F88A0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SYSTEM_CONTROL
 
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CHANGE 869F87B0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_QUERY_QUOTA 869F8738
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_SET_QUOTA 869F86C0
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_PNP 869F8648
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CREATE 86DCD1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CLOSE 86DCD1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 86DCD1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86DCD1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_POWER 86DCD1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 86DCD1D8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_PNP 86DCD1D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 869E8990
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 869E8990
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 86FCE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP
 
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1 IRP_MJ_CREATE 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1 IRP_MJ_CLOSE 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1 IRP_MJ_DEVICE_CONTROL 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1 IRP_MJ_POWER 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1 IRP_MJ_SYSTEM_CONTROL 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1 IRP_MJ_PNP 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1Port2Path0Target0Lun0 IRP_MJ_CLOSE 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1Port2Path0Target0Lun0 IRP_MJ_POWER 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 86D85990
Device \Driver\vaxscsi \Device\Scsi\vaxscsi1Port2Path0Target0Lun0 IRP_MJ_PNP 86D85990
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 869E1990
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 869E1990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 8679B990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 8679B990

---- Files - GMER 1.0.12 ----

ADS C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\skatebleeddie@hotmail.com\SharingMetadata\meimeiamaya@hotmail.com\DFSR\Staging\CS{F0E56E7E-977D-FC29-C259-019351DB33E5}\01\10-{F0E56E7E-977D-FC29-C259-019351DB33E5}-v1-{734782BB-2D4C-447B-8C07-FA5613754924}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

---- EOF - GMER 1.0.12 ----
 
also my computer lags TONS, it definitely didn't use to. It takes me about 30-40 seconds to open a program when before it took maybe 1 or 2...this is driving me crazy, but I can't clear my hard drive. I have way to much music, movies and important school and work information on it.
 
Hmm we may run one more scanner just in case...

You should print these instructions or save these to a text file. Follow these instructions carefully.

Download Dr.Web CureIt to the desktop -> ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Restart your computer to the safe mode:
  • Restart your computer
  • Start tapping the F8 key when the computer restarts.
  • When the start menu opens, choose Safe mode
  • Press Enter. The computer then begins to start in Safe mode.
Run a scan with Dr.Web CureIt
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, you should now mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can click next icon next to the files found
    check.gif
  • If so, click it and then click the next icon right below and select Move incurable
  • After the scan, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot the computer in Normal Mode,
  • Post the Cure-it report and a fresh HijackThis log
 
You must log in or register to reply here.
Back
Top