Jump to content

Rootkit and others, Don't know how to fix theseRootkit and others, Don't know how to fix these

china423
 Share

Recommended Posts

china423

china423

Posted
Posted

I've tried scanning with online scanners, malware, etc to get rid of these but they seem to keep popping up. I am getting BSOD on load occassionally but I'm not sure of the exact message because it restarts immediately. My google searches are being hijacked and redirected sometimes as well. Here are my latest logs. and occasiona;y i get a blue screen error sayin driver irql not less or equal then have to manually turn off my comptuer to restart. that happens once a day or every other day.

latest logs:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:12:09 PM, on 8/4/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\PC Tools Firewall Plus\FWService.exe

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\WINDOWS\zHotkey.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\avgarkt.exe

C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\A43w.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,

O3 - Toolbar: (no name) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - (no file)

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKLM\..\Run: [showWnd] ShowWnd.exe

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [CHotkey] zHotkey.exe

O4 - HKCU\..\Run: [spywareBlaster] C:\Program Files\SpywareBlaster\spywareblaster.exe

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll

O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1169567753390

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {BE1BDC4F-2AAC-494E-88B1-86B2EE4F2D6D} - http://download.copysafe.net/Plugin/Download/Copysafe.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update Service (gupdate1c9df3894c7ec24) (gupdate1c9df3894c7ec24) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe

O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O24 - Desktop Component 0: (no name) - http://img401.imageshack.us/img401/4204/cubs7yn.jpg

--

End of file - 7479 bytes

Link to post
Share on other sites
sjpritch25

sjpritch25

Posted
Posted

Welcome to Malwarebytes!!!! :)

Please download Sysprot Antirootkit

Unzip it into a folder on your desktop.

  • Double-Click Sysprot.exe to start the program.
  • Click on the log tab.
  • In the Write to log box select all items.
  • Click on the Create Log button on the Bottom Right.
  • After a few seconds a new windows should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted too.
  • Open the text file and copy/paste the log here
Link to post
Share on other sites
china423

china423

Posted
  • Author
Posted

SysProt AntiRootkit v1.0.1.0

by swatkat

********************************************************************************

**********

********************************************************************************

**********

Process:

Name: [system Idle Process]

PID: 0

Hidden: No

Window Visible: No

Name: System

PID: 4

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\csrss.exe

PID: 652

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\winlogon.exe

PID: 684

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\services.exe

PID: 728

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\lsass.exe

PID: 744

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\ati2evxx.exe

PID: 932

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 952

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 1004

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 1104

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 1136

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 1288

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 1432

Hidden: No

Window Visible: No

Name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

PID: 1508

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\spoolsv.exe

PID: 1604

Hidden: No

Window Visible: No

Name: C:\Program Files\Avira\AntiVir Desktop\sched.exe

PID: 1644

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 1752

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\ati2evxx.exe

PID: 1888

Hidden: No

Window Visible: No

Name: C:\WINDOWS\explorer.exe

PID: 2036

Hidden: No

Window Visible: No

Name: C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe

PID: 456

Hidden: No

Window Visible: No

Name: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

PID: 1060

Hidden: No

Window Visible: No

Name: C:\Program Files\Bonjour\mDNSResponder.exe

PID: 1128

Hidden: No

Window Visible: No

Name: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

PID: 1920

Hidden: No

Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jqs.exe

PID: 1936

Hidden: No

Window Visible: No

Name: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PID: 1968

Hidden: No

Window Visible: No

Name: C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PID: 264

Hidden: No

Window Visible: No

Name: C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

PID: 356

Hidden: No

Window Visible: No

Name: C:\Program Files\Microsoft IntelliPoint\ipoint.exe

PID: 364

Hidden: No

Window Visible: No

Name: C:\WINDOWS\zHotkey.exe

PID: 388

Hidden: No

Window Visible: No

Name: C:\Program Files\PC Tools Firewall Plus\FWService.exe

PID: 444

Hidden: No

Window Visible: No

Name: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

PID: 508

Hidden: No

Window Visible: No

Name: C:\Program Files\Windows Media Player\wmpnscfg.exe

PID: 528

Hidden: No

Window Visible: No

Name: C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

PID: 1168

Hidden: No

Window Visible: No

Name: C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

PID: 2484

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 3508

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 2064

Hidden: No

Window Visible: No

Name: C:\Program Files\Viewpoint\Common\ViewpointService.exe

PID: 3520

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\wbem\unsecapp.exe

PID: 3128

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\alg.exe

PID: 3316

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\wbem\wmiprvse.exe

PID: 2620

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 2664

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 2704

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 1504

Hidden: No

Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe

PID: 2756

Hidden: No

Window Visible: No

Name: C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PID: 3488

Hidden: No

Window Visible: No

Name: C:\Program Files\Internet Explorer\iexplore.exe

PID: 2960

Hidden: No

Window Visible: No

Name: C:\Program Files\Internet Explorer\iexplore.exe

PID: 1632

Hidden: No

Window Visible: No

Name: C:\Program Files\Internet Explorer\iexplore.exe

PID: 1728

Hidden: No

Window Visible: No

Name: C:\Program Files\Internet Explorer\iexplore.exe

PID: 2240

Hidden: No

Window Visible: No

Name: C:\Program Files\Internet Explorer\iexplore.exe

PID: 3944

Hidden: No

Window Visible: No

Name: C:\Program Files\Internet Explorer\iexplore.exe

PID: 512

Hidden: No

Window Visible: No

Name: C:\Program Files\Mozilla Firefox\firefox.exe

PID: 1952

Hidden: No

Window Visible: No

Name: C:\Documents and Settings\Owner\Desktop\SysProt\SysProt\SysProt.exe

PID: 2316

Hidden: No

Window Visible: Yes

********************************************************************************

**********

********************************************************************************

**********

Kernel Modules:

Module Name: \??\C:\Documents and Settings\Owner\Desktop\SysProt\SysProt\SysProtDrv.sys

Service Name: SysProtDrv.sys

Module Base: AC604000

Module End: AC60F000

Hidden: No

Module Name: \WINDOWS\system32\ntkrnlpa.exe

Service Name: ---

Module Base: 804D7000

Module End: 806CF680

Hidden: No

Module Name: \WINDOWS\system32\hal.dll

Service Name: ---

Module Base: 806D0000

Module End: 806F0300

Hidden: No

Module Name: \WINDOWS\system32\KDCOM.DLL

Service Name: ---

Module Base: BA5A8000

Module End: BA5AA000

Hidden: No

Module Name: \WINDOWS\system32\BOOTVID.dll

Service Name: ---

Module Base: BA4B8000

Module End: BA4BB000

Hidden: No

Module Name: sppt.sys

Service Name: ---

Module Base: B9EA7000

Module End: B9FA7000

Hidden: Yes

Module Name: \WINDOWS\System32\Drivers\WMILIB.SYS

Service Name: ---

Module Base: BA5AA000

Module End: BA5AC000

Hidden: No

Module Name: \WINDOWS\System32\Drivers\SCSIPORT.SYS

Service Name: ScsiPort

Module Base: B9E8F000

Module End: B9EA7000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ACPI.sys

Service Name: ACPI

Module Base: B9E61000

Module End: B9E8F000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pci.sys

Service Name: PCI

Module Base: B9E50000

Module End: B9E61000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\isapnp.sys

Service Name: isapnp

Module Base: BA0A8000

Module End: BA0B2000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\avgarkt.sys

Service Name: AVG Anti-Rootkit

Module Base: BA5AC000

Module End: BA5AE000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pciide.sys

Service Name: PCIIde

Module Base: BA670000

Module End: BA671000

Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\PCIIDEX.SYS

Service Name: ---

Module Base: BA328000

Module End: BA32F000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\aliide.sys

Service Name: AliIde

Module Base: BA5AE000

Module End: BA5B0000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\cmdide.sys

Service Name: CmdIde

Module Base: BA5B0000

Module End: BA5B2000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\toside.sys

Service Name: TosIde

Module Base: BA5B2000

Module End: BA5B4000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\viaide.sys

Service Name: ViaIde

Module Base: BA5B4000

Module End: BA5B6000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\intelide.sys

Service Name: IntelIde

Module Base: BA5B6000

Module End: BA5B8000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\MountMgr.sys

Service Name: MountMgr

Module Base: BA0B8000

Module End: BA0C3000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ftdisk.sys

Service Name: Disk

Module Base: B9E31000

Module End: B9E50000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\dmload.sys

Service Name: dmload

Module Base: BA5B8000

Module End: BA5BA000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\dmio.sys

Service Name: dmio

Module Base: B9E0B000

Module End: B9E31000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PartMgr.sys

Service Name: PartMgr

Module Base: BA330000

Module End: BA335000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\VolSnap.sys

Service Name: VolSnap

Module Base: BA0C8000

Module End: BA0D5000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\cpqarray.sys

Service Name: Cpqarray

Module Base: BA4BC000

Module End: BA4C0000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\atapi.sys

Service Name: atapi

Module Base: B9DF3000

Module End: B9E0B000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\aha154x.sys

Service Name: Aha154x

Module Base: BA4C0000

Module End: BA4C4000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sparrow.sys

Service Name: Sparrow

Module Base: BA338000

Module End: BA33D000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\symc810.sys

Service Name: symc810

Module Base: BA4C4000

Module End: BA4C8000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\aic78xx.sys

Service Name: aic78xx

Module Base: BA0D8000

Module End: BA0E6000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\dac960nt.sys

Service Name: dac960nt

Module Base: BA4C8000

Module End: BA4CC000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ql10wnt.sys

Service Name: Ql10wnt

Module Base: BA0E8000

Module End: BA0F1000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\amsint.sys

Service Name: amsint

Module Base: BA4CC000

Module End: BA4CF000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\asc.sys

Service Name: asc

Module Base: BA340000

Module End: BA347000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\asc3550.sys

Service Name: asc3550

Module Base: BA4D0000

Module End: BA4D4000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\mraid35x.sys

Service Name: mraid35x

Module Base: BA348000

Module End: BA34D000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\i2omp.sys

Service Name: i2omp

Module Base: BA350000

Module End: BA355000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ini910u.sys

Service Name: ini910u

Module Base: BA4D4000

Module End: BA4D8000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ql1240.sys

Service Name: ql1240

Module Base: BA0F8000

Module End: BA102000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\aic78u2.sys

Service Name: aic78u2

Module Base: BA108000

Module End: BA116000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\symc8xx.sys

Service Name: symc8xx

Module Base: BA358000

Module End: BA360000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sym_hi.sys

Service Name: sym_hi

Module Base: BA360000

Module End: BA367000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sym_u3.sys

Service Name: sym_u3

Module Base: BA368000

Module End: BA370000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ABP480N5.SYS

Service Name: abp480n5

Module Base: BA370000

Module End: BA376000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\asc3350p.sys

Service Name: asc3350p

Module Base: BA378000

Module End: BA37E000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\cd20xrnt.sys

Service Name: cd20xrnt

Module Base: BA5BA000

Module End: BA5BC000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ultra.sys

Service Name: ultra

Module Base: BA118000

Module End: BA121000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\adpu160m.sys

Service Name: adpu160m

Module Base: B9DDA000

Module End: B9DF3000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\dpti2o.sys

Service Name: dpti2o

Module Base: BA380000

Module End: BA385000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ql1080.sys

Service Name: ql1080

Module Base: BA128000

Module End: BA132000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ql1280.sys

Service Name: ql1280

Module Base: BA138000

Module End: BA144000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ql12160.sys

Service Name: ql12160

Module Base: BA148000

Module End: BA154000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\perc2.sys

Service Name: perc2

Module Base: BA388000

Module End: BA38F000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\perc2hib.sys

Service Name: perc2hib

Module Base: BA5BC000

Module End: BA5BE000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\hpn.sys

Service Name: hpn

Module Base: BA390000

Module End: BA397000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\cbidf2k.sys

Service Name: cbidf

Module Base: BA4D8000

Module End: BA4DC000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\dac2w2k.sys

Service Name: dac2w2k

Module Base: B9DAE000

Module End: B9DDA000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\disk.sys

Service Name: ---

Module Base: BA158000

Module End: BA161000

Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\CLASSPNP.SYS

Service Name: ---

Module Base: BA168000

Module End: BA175000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\fltmgr.sys

Service Name: FltMgr

Module Base: B9D8E000

Module End: B9DAE000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sr.sys

Service Name: sr

Module Base: B9D7C000

Module End: B9D8E000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Lbd.sys

Service Name: Lbd

Module Base: BA178000

Module End: BA187000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PxHelp20.sys

Service Name: PxHelp20

Module Base: BA188000

Module End: BA191000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\KSecDD.sys

Service Name: KSecDD

Module Base: B9D65000

Module End: B9D7C000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\WudfPf.sys

Service Name: WudfPf

Module Base: B9D52000

Module End: B9D65000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Ntfs.sys

Service Name: Ntfs

Module Base: B9CC5000

Module End: B9D52000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\NDIS.sys

Service Name: NDIS

Module Base: 8A65C000

Module End: 8A688980

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sisagp.sys

Service Name: sisagp

Module Base: BA198000

Module End: BA1A2000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\viaagp.sys

Service Name: viaagp

Module Base: BA1A8000

Module End: BA1B3000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ohci1394.sys

Service Name: ohci1394

Module Base: BA1B8000

Module End: BA1C8000

Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\1394BUS.SYS

Service Name: ---

Module Base: BA1C8000

Module End: BA1D6000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Mup.sys

Service Name: Mup

Module Base: B9C77000

Module End: B9C91000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\agp440.sys

Service Name: agp440

Module Base: BA1D8000

Module End: BA1E3000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\alim1541.sys

Service Name: alim1541

Module Base: BA1E8000

Module End: BA1F3000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\amdagp.sys

Service Name: amdagp

Module Base: BA1F8000

Module End: BA203000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\agpCPQ.sys

Service Name: agpCPQ

Module Base: BA208000

Module End: BA213000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Service Name: NIC1394

Module Base: BA248000

Module End: BA258000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\processr.sys

Service Name: Processor

Module Base: BA268000

Module End: BA271000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

Service Name: ati2mtag

Module Base: B8CEC000

Module End: B8DF1000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS

Service Name: ---

Module Base: B8CD8000

Module End: B8CEC000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbohci.sys

Service Name: usbohci

Module Base: BA408000

Module End: BA40D000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS

Service Name: ---

Module Base: B8CB4000

Module End: B8CD8000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbehci.sys

Service Name: usbehci

Module Base: BA410000

Module End: BA418000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\imapi.sys

Service Name: Imapi

Module Base: BA298000

Module End: BA2A3000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pfc.sys

Service Name: pfc

Module Base: B9B93000

Module End: B9B96000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Service Name: Cdrom

Module Base: BA2A8000

Module End: BA2B8000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\redbook.sys

Service Name: redbook

Module Base: BA2B8000

Module End: BA2C7000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ks.sys

Service Name: ---

Module Base: B8C91000

Module End: B8CB4000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys

Service Name: NTIDrvr

Module Base: BA600000

Module End: BA602000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys

Service Name: GEARAspiWDM

Module Base: BA2C8000

Module End: BA2D2000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Service Name: RTL8023xp

Module Base: B8C7F000

Module End: B8C91000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

Service Name: HSFHWBS2

Module Base: B8C49000

Module End: B8C7F000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

Service Name: HSF_DP

Module Base: B8B4A000

Module End: B8C49000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

Service Name: winachsf

Module Base: B8AA2000

Module End: B8B4A000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Modem.SYS

Service Name: Modem

Module Base: BA418000

Module End: BA420000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ALCXWDM.SYS

Service Name: ALCXWDM

Module Base: B86CB000

Module End: B8AA2000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\portcls.sys

Service Name: ---

Module Base: B86A7000

Module End: B86CB000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\drmk.sys

Service Name: ---

Module Base: BA2D8000

Module End: BA2E7000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\parport.sys

Service Name: Parport

Module Base: B8693000

Module End: B86A7000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\i8042prt.sys

Service Name: i8042prt

Module Base: BA2E8000

Module End: BA2F5000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\kbdclass.sys

Service Name: Kbdclass

Module Base: BA428000

Module End: BA42E000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\audstub.sys

Service Name: audstub

Module Base: BA78E000

Module End: BA78F000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\RootMdm.sys

Service Name: ROOTMODEM

Module Base: BA604000

Module End: BA606000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Service Name: Rasl2tp

Module Base: BA2F8000

Module End: BA305000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndistapi.sys

Service Name: NdisTapi

Module Base: B9B87000

Module End: B9B8A000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Service Name: NdisWan

Module Base: B867C000

Module End: B8693000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Service Name: RasPppoe

Module Base: BA308000

Module End: BA313000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Service Name: PptpMiniport

Module Base: BA318000

Module End: BA324000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\TDI.SYS

Service Name: ---

Module Base: BA430000

Module End: BA435000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\psched.sys

Service Name: PSched

Module Base: B866B000

Module End: B867C000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\msgpc.sys

Service Name: Gpc

Module Base: B9C67000

Module End: B9C70000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ptilink.sys

Service Name: Ptilink

Module Base: BA438000

Module End: BA43D000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspti.sys

Service Name: Raspti

Module Base: BA440000

Module End: BA445000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\RimSerial.sys

Service Name: RimVSerPort

Module Base: BA448000

Module End: BA44F000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rdpdr.sys

Service Name: rdpdr

Module Base: B863B000

Module End: B866B000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\termdd.sys

Service Name: TermDD

Module Base: B9C57000

Module End: B9C61000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mouclass.sys

Service Name: Mouclass

Module Base: BA450000

Module End: BA456000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\pctfw.sys

Service Name: SFilter

Module Base: B85D3000

Module End: B85EB000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\swenum.sys

Service Name: swenum

Module Base: BA606000

Module End: BA608000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\update.sys

Service Name: Update

Module Base: B8575000

Module End: B85D3000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mssmbios.sys

Service Name: mssmbios

Module Base: B9B67000

Module End: B9B6B000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\NDProxy.SYS

Service Name: NDProxy

Module Base: B9C47000

Module End: B9C51000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbhub.sys

Service Name: usbhub

Module Base: B9C17000

Module End: B9C26000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBD.SYS

Service Name: ---

Module Base: BA608000

Module End: BA60A000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\i2omgmt.SYS

Service Name: i2omgmt

Module Base: B8DF9000

Module End: B8DFC000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Cdr4_xp.SYS

Service Name: Cdr4_xp

Module Base: BA6B5000

Module End: BA6B6000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Cdralw2k.SYS

Service Name: Cdralw2k

Module Base: BA6B9000

Module End: BA6BA000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS

Service Name: Fs_Rec

Module Base: BA620000

Module End: BA622000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Null.SYS

Service Name: Null

Module Base: BA6BD000

Module End: BA6BE000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Beep.SYS

Service Name: Beep

Module Base: BA622000

Module End: BA624000

Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\AvgArCln.sys

Service Name: AvgArCln

Module Base: BA6C9000

Module End: BA6CA000

Hidden: No

Module Name: C:\WINDOWS\System32\drivers\vga.sys

Service Name: VgaSave

Module Base: BA488000

Module End: BA48E000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\mnmdd.SYS

Service Name: mnmdd

Module Base: BA624000

Module End: BA626000

Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys

Service Name: RDPCDD

Module Base: BA626000

Module End: BA628000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Msfs.SYS

Service Name: Msfs

Module Base: BA490000

Module End: BA495000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Npfs.SYS

Service Name: Npfs

Module Base: BA498000

Module End: BA4A0000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasacd.sys

Service Name: RasAcd

Module Base: B8DF5000

Module End: B8DF8000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipsec.sys

Service Name: IPSec

Module Base: B0458000

Module End: B046B000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\tcpip.sys

Service Name: Tcpip

Module Base: B03FF000

Module End: B0458000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbt.sys

Service Name: NetBT

Module Base: B03D7000

Module End: B03FF000

Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\pctgntdi.sys

Service Name: pctgntdi

Module Base: B03B1000

Module End: B03D7000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipnat.sys

Service Name: IpNat

Module Base: B0363000

Module End: B0389000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\wanarp.sys

Service Name: Wanarp

Module Base: B9BE7000

Module End: B9BF0000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pxtdi.sys

Service Name: PrevxTdi

Module Base: BA4B0000

Module End: BA4B5000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pxcom.SYS

Service Name: pxcom

Module Base: BA62A000

Module End: BA62C000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\arp1394.sys

Service Name: Arp1394

Module Base: B9BD7000

Module End: B9BE6000

Hidden: No

Module Name: C:\WINDOWS\System32\drivers\ws2ifsl.sys

Service Name: WS2IFSL

Module Base: BA598000

Module End: BA59B000

Hidden: No

Module Name: C:\WINDOWS\System32\drivers\afd.sys

Service Name: AFD

Module Base: B0341000

Module End: B0363000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbios.sys

Service Name: NetBIOS

Module Base: BA238000

Module End: BA241000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\ParVdm.SYS

Service Name: ParVdm

Module Base: BA62C000

Module End: BA62E000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

Service Name: ssmdrv

Module Base: BA398000

Module End: BA39E000

Hidden: No

Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

Service Name: SASKUTIL

Module Base: B031C000

Module End: B0341000

Hidden: No

Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

Service Name: SASDIFSV

Module Base: BA3D0000

Module End: BA3D6000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rdbss.sys

Service Name: Rdbss

Module Base: B02F1000

Module End: B031C000

Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\pxrd.sys

Service Name: PXRDDriver

Module Base: BA5A4000

Module End: BA5A8000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

Service Name: MRxSmb

Module Base: B0281000

Module End: B02F1000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fips.SYS

Service Name: Fips

Module Base: B9703000

Module End: B970E000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\avipbb.sys

Service Name: avipbb

Module Base: B0265000

Module End: B0281000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\ASPI32.SYS

Service Name: ASPI32

Module Base: B9BA7000

Module End: B9BAB000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fastfat.SYS

Service Name: Fastfat

Module Base: B0219000

Module End: B023D000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\hidusb.sys

Service Name: HidUsb

Module Base: B8569000

Module End: B856C000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS

Service Name: ---

Module Base: B96E3000

Module End: B96EC000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS

Service Name: ---

Module Base: BA3F0000

Module End: BA3F7000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Service Name: USBSTOR

Module Base: BA3F8000

Module End: BA3FF000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\NuidFltr.sys

Service Name: NuidFltr

Module Base: BA400000

Module End: BA407000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS

Service Name: ---

Module Base: B96D3000

Module End: B96E0000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\wdf01000.sys

Service Name: Wdf01000

Module Base: B019D000

Module End: B0219000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mouhid.sys

Service Name: mouhid

Module Base: B8559000

Module End: B855C000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\point32.sys

Service Name: Point32

Module Base: B862B000

Module End: B8631000

Hidden: No

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys

Service Name: ---

Module Base: B0185000

Module End: B019D000

Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS

Service Name: ---

Module Base: BA638000

Module End: BA63A000

Hidden: Yes

Module Name: C:\WINDOWS\System32\drivers\Dxapi.sys

Service Name: ---

Module Base: B8DFD000

Module End: B8E00000

Hidden: No

Module Name: C:\WINDOWS\System32\watchdog.sys

Service Name: ---

Module Base: B861B000

Module End: B8620000

Hidden: No

Module Name: C:\WINDOWS\System32\drivers\dxgthk.sys

Service Name: ---

Module Base: BA73E000

Module End: BA73F000

Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\mbam.sys

Service Name: MBAMProtector

Module Base: ADF59000

Module End: ADF5D000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndisuio.sys

Service Name: Ndisuio

Module Base: ADE09000

Module End: ADE0D000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxdav.sys

Service Name: MRxDAV

Module Base: ADB6C000

Module End: ADB99000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\wdmaud.sys

Service Name: wdmaud

Module Base: ADB07000

Module End: ADB1C000

Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sysaudio.sys

Service Name: sysaudio

Module Base: ADE19000

Module End: ADE28000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\HTTP.sys

Service Name: HTTP

Module Base: AD870000

Module End: AD8B1000

Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\io.sys

Service Name: ---

Module Base: BA6AF000

Module End: BA6B0000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\srv.sys

Service Name: Srv

Module Base: AD666000

Module End: AD6B8000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

Service Name: mdmxsdk

Module Base: AD788000

Module End: AD78B000

Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Service Name: PCTAppEvent

Module Base: AD62D000

Module End: AD63E000

Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Cdfs.SYS

Service Name: Cdfs

Module Base: ADAD4000

Module End: ADAE4000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\secdrv.sys

Service Name: Secdrv

Module Base: AD4C5000

Module End: AD4CF000

Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\pctplfw.sys

Service Name: pctplfw

Module Base: AD2CF000

Module End: AD2E5000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\avgntflt.sys

Service Name: avgntflt

Module Base: AC98F000

Module End: AC9A3000

Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\fdc.sys

Service Name: Fdc

Module Base: BA420000

Module End: BA427000

Hidden: No

********************************************************************************

**********

********************************************************************************

**********

SSDT:

Function Name: ZwAllocateVirtualMemory

Address: AD636B94

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwAssignProcessToJobObject

Address: AD636586

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwConnectPort

Address: AD6365DA

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwCreateFile

Address: AD636640

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwCreateKey

Address: BA744CCE

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

Function Name: ZwCreateProcess

Address: AD63672E

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwCreateProcessEx

Address: AD6367BA

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwCreateThread

Address: BA744CC4

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

Function Name: ZwDebugActiveProcess

Address: AD636980

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwDeleteKey

Address: BA744CD3

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

Function Name: ZwDeleteValueKey

Address: BA744CDD

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

Function Name: ZwDuplicateObject

Address: AD6369D4

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwEnumerateKey

Address: B9EC6CA2

Driver Base: B9EA7000

Driver End: B9FA7000

Driver Name: sppt.sys

Function Name: ZwEnumerateValueKey

Address: B9EC7030

Driver Base: B9EA7000

Driver End: B9FA7000

Driver Name: sppt.sys

Function Name: ZwLoadDriver

Address: AD636A3A

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwLoadKey

Address: BA744CE2

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

Function Name: ZwOpenKey

Address: AD636A8C

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwOpenProcess

Address: BA744CB0

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

Function Name: ZwOpenSection

Address: AD636AE4

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwOpenThread

Address: AD636B3C

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwProtectVirtualMemory

Address: AD636BFA

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwQueryKey

Address: B9EC7108

Driver Base: B9EA7000

Driver End: B9FA7000

Driver Name: sppt.sys

Function Name: ZwQueryValueKey

Address: B9EC6F88

Driver Base: B9EA7000

Driver End: B9FA7000

Driver Name: sppt.sys

Function Name: ZwReplaceKey

Address: BA744CEC

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

Function Name: ZwRestoreKey

Address: AD636C58

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwResumeThread

Address: AD636CB6

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwSecureConnectPort

Address: AD636D74

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwSetValueKey

Address: AD636D08

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwSuspendProcess

Address: AD636DDE

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwSystemDebugControl

Address: AD636E30

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwTerminateProcess

Address: AD636E90

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

Function Name: ZwWriteVirtualMemory

Address: AD636EF4

Driver Base: AD62D000

Driver End: AD63E000

Driver Name: \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys

********************************************************************************

**********

********************************************************************************

**********

No Kernel Hooks found

********************************************************************************

**********

********************************************************************************

**********

IRP Hooks:

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspti.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\perc2.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7781F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7781F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7781F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7781F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7781F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7781F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql10wnt.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7811F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql10wnt.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7811F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql10wnt.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7811F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql10wnt.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7811F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql10wnt.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7811F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql10wnt.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7811F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cbidf2k.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7751F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cbidf2k.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7751F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cbidf2k.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7751F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cbidf2k.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7751F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cbidf2k.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7751F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cbidf2k.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7751F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ini910u.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A77E1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ini910u.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A77E1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ini910u.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A77E1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ini910u.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A77E1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ini910u.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A77E1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ini910u.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A77E1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\pctfw.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\pctfw.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\ql1280.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7E71F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1280.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7E71F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1280.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7E71F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1280.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7E71F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1280.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7E71F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1280.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7E71F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7801F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7801F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7801F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7801F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7801F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7801F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3350p.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7EB1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3350p.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7EB1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3350p.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7EB1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3350p.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7EB1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3350p.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7EB1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3350p.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7EB1F8

Hooking Module: _unknown_

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_CREATE

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_CLOSE

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_READ

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_WRITE

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_SET_EA

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_CLEANUP

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_POWER

Jump To: B9EAFE1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: B9EC4514

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: \Driver\PCI_PNP6010

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: B9EEBB1C

Hooking Module: sppt.sys

Hooked Module: C:\WINDOWS\system32\drivers\cd20xrnt.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A77A1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cd20xrnt.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A77A1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cd20xrnt.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A77A1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cd20xrnt.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A77A1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cd20xrnt.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A77A1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cd20xrnt.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A77A1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\mraid35x.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A77F1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\mraid35x.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A77F1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\mraid35x.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A77F1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\mraid35x.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A77F1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\mraid35x.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A77F1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\mraid35x.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A77F1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_READ

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_POWER

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A40D500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\psched.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7851F8

Hooking Module: _unknown_

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_CREATE

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_CLOSE

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_READ

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_WRITE

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_SET_EA

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_CLEANUP

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_POWER

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: \Driver\sptd

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: B9EA8000

Hooking Module: sppt.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbohci.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A416368

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbohci.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A416368

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbohci.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A416368

Hooking Module: _unknown_

Link to post
Share on other sites
china423

china423

Posted
  • Author
Posted

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A416368

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbohci.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A416368

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbohci.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A416368

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc8xx.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7ED1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc8xx.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7ED1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc8xx.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7ED1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc8xx.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7ED1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc8xx.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7ED1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc8xx.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7ED1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ultra.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7EA1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ultra.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7EA1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ultra.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7EA1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ultra.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7EA1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ultra.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7EA1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ultra.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7EA1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\aic78u2.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A77D1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78u2.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A77D1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78u2.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A77D1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78u2.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A77D1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78u2.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A77D1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78u2.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A77D1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac960nt.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7F21F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac960nt.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7F21F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac960nt.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7F21F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac960nt.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7F21F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac960nt.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7F21F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac960nt.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7F21F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\adpu160m.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7791F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\adpu160m.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7791F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\adpu160m.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7791F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\adpu160m.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7791F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\adpu160m.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7791F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\adpu160m.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7791F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7F61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\sym_u3.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7EC1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_u3.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7EC1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_u3.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7EC1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_u3.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7EC1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_u3.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7EC1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_u3.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7EC1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ABP480N5.SYS

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A77B1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ABP480N5.SYS

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A77B1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ABP480N5.SYS

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A77B1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ABP480N5.SYS

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A77B1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ABP480N5.SYS

Hooked IRP: IRP_MJ_POWER

Jump To: 8A77B1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ABP480N5.SYS

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A77B1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\EG1032xp.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\ql1080.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7E81F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1080.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7E81F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1080.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7E81F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1080.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7E81F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1080.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7E81F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1080.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7E81F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\hpn.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7761F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\hpn.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7761F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\hpn.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7761F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\hpn.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7761F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\hpn.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7761F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\hpn.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7761F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc810.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7F31F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc810.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7F31F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc810.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7F31F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc810.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7F31F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc810.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7F31F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\symc810.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7F31F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\netbt.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A5CF500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\netbt.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A5CF500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\netbt.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A5CF500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\netbt.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A5CF500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\netbt.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A5CF500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql12160.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7E61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql12160.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7E61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql12160.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7E61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql12160.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7E61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql12160.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7E61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql12160.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7E61F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A5541F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78xx.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7821F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78xx.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7821F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78xx.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7821F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78xx.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7821F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78xx.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7821F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aic78xx.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7821F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\nic1394.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\dac2w2k.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7741F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac2w2k.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7741F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac2w2k.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7741F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac2w2k.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7741F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac2w2k.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7741F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dac2w2k.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7741F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\amsint.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7F11F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\amsint.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7F11F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\amsint.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7F11F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\amsint.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7F11F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\amsint.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7F11F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\amsint.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7F11F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbehci.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A3EE500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbehci.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A3EE500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbehci.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A3EE500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbehci.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A3EE500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbehci.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A3EE500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\usbehci.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A3EE500

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1240.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7EE1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1240.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7EE1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1240.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7EE1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1240.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7EE1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1240.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7EE1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ql1240.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7EE1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sparrow.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7831F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sparrow.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7831F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sparrow.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7831F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sparrow.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7831F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sparrow.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7831F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sparrow.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7831F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_hi.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A77C1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_hi.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A77C1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_hi.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A77C1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_hi.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A77C1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_hi.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A77C1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\sym_hi.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A77C1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A65CE4E

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A65CD7F

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A663010

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A67089A

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A663415

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A6631F4

Hooking Module: C:\WINDOWS\system32\drivers\NDIS.sys

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_CREATE_NAMED_PIPE

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_READ

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_WRITE

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_QUERY_INFORMATION

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_SET_INFORMATION

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_QUERY_EA

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_SET_EA

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_FLUSH_BUFFERS

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_QUERY_VOLUME_INFORMATION

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_SET_VOLUME_INFORMATION

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_DIRECTORY_CONTROL

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_FILE_SYSTEM_CONTROL

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_SHUTDOWN

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_LOCK_CONTROL

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_CLEANUP

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_CREATE_MAILSLOT

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_QUERY_SECURITY

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_SET_SECURITY

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_DEVICE_CHANGE

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_QUERY_QUOTA

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\perc2hib.sys

Hooked IRP: IRP_MJ_SET_QUOTA

Jump To: 8A7771F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aha154x.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7F41F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aha154x.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7F41F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aha154x.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7F41F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aha154x.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7F41F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aha154x.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7F41F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\aha154x.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7F41F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\i2omp.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7EF1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\i2omp.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7EF1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\i2omp.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7EF1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\i2omp.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7EF1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\i2omp.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7EF1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\i2omp.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7EF1F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dpti2o.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7E91F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dpti2o.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7E91F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dpti2o.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7E91F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dpti2o.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7E91F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dpti2o.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7E91F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dpti2o.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7E91F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3550.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7F01F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3550.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7F01F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3550.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7F01F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3550.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7F01F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3550.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7F01F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\asc3550.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7F01F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cpqarray.sys

Hooked IRP: IRP_MJ_CREATE

Jump To: 8A7F51F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cpqarray.sys

Hooked IRP: IRP_MJ_CLOSE

Jump To: 8A7F51F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cpqarray.sys

Hooked IRP: IRP_MJ_DEVICE_CONTROL

Jump To: 8A7F51F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cpqarray.sys

Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL

Jump To: 8A7F51F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cpqarray.sys

Hooked IRP: IRP_MJ_POWER

Jump To: 8A7F51F8

Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\cpqarray.sys

Hooked IRP: IRP_MJ_SYSTEM_CONTROL

Jump To: 8A7F51F8

Hooking Module: _unknown_

********************************************************************************

**********

********************************************************************************

**********

Ports:

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4292

Remote Address: A96-17-77-105.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4285

Remote Address: A96-17-72-137.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4280

Remote Address: IY-IN-F154.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4279

Remote Address: IY-IN-F166.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4277

Remote Address: IY-IN-F100.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4276

Remote Address: IY-IN-F99.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4275

Remote Address: IY-IN-F99.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4274

Remote Address: IY-IN-F102.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4257

Remote Address: IY-IN-F101.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4246

Remote Address: IY-IN-F133.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4245

Remote Address: IW-IN-F118.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4244

Remote Address: IW-IN-F191.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4243

Remote Address: IW-IN-F191.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4240

Remote Address: IY-IN-F191.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:4239

Remote Address: IW-IN-F191.GOOGLE.COM:HTTP

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:NETBIOS-SSN

Remote Address: 0.0.0.0:0

Type: TCP

Process: System

State: LISTENING

Local Address: KEVIN:27015

Remote Address: 0.0.0.0:0

Type: TCP

Process: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

State: LISTENING

Local Address: KEVIN:5354

Remote Address: 0.0.0.0:0

Type: TCP

Process: C:\Program Files\Bonjour\mDNSResponder.exe

State: LISTENING

Local Address: KEVIN:5152

Remote Address: LOCALHOST:3704

Type: TCP

Process: C:\Program Files\Java\jre6\bin\jqs.exe

State: CLOSE_WAIT

Local Address: KEVIN:5152

Remote Address: 0.0.0.0:0

Type: TCP

Process: C:\Program Files\Java\jre6\bin\jqs.exe

State: LISTENING

Local Address: KEVIN:3703

Remote Address: LOCALHOST:3702

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN:3702

Remote Address: LOCALHOST:3703

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN:3699

Remote Address: LOCALHOST:3698

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN:3698

Remote Address: LOCALHOST:3699

Type: TCP

Process: C:\Program Files\Mozilla Firefox\firefox.exe

State: ESTABLISHED

Local Address: KEVIN:1035

Remote Address: 0.0.0.0:0

Type: TCP

Process: C:\WINDOWS\system32\alg.exe

State: LISTENING

Local Address: KEVIN:30103

Remote Address: 0.0.0.0:0

Type: TCP

Process: C:\WINDOWS\system32\svchost.exe

State: LISTENING

Local Address: KEVIN:MICROSOFT-DS

Remote Address: 0.0.0.0:0

Type: TCP

Process: System

State: LISTENING

Local Address: KEVIN:EPMAP

Remote Address: 0.0.0.0:0

Type: TCP

Process: C:\WINDOWS\system32\svchost.exe

State: LISTENING

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:5353

Remote Address: NA

Type: UDP

Process: C:\Program Files\Bonjour\mDNSResponder.exe

State: NA

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:1900

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\system32\svchost.exe

State: NA

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:138

Remote Address: NA

Type: UDP

Process: System

State: NA

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:NETBIOS-NS

Remote Address: NA

Type: UDP

Process: System

State: NA

Local Address: KEVIN.HSD1.IN.COMCAST.NET.:123

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\system32\svchost.exe

State: NA

Local Address: KEVIN:4870

Remote Address: NA

Type: UDP

Process: C:\Program Files\Internet Explorer\iexplore.exe

State: NA

Local Address: KEVIN:4132

Remote Address: NA

Type: UDP

Process: C:\Program Files\Internet Explorer\iexplore.exe

State: NA

Local Address: KEVIN:4071

Remote Address: NA

Type: UDP

Process: C:\Program Files\Internet Explorer\iexplore.exe

State: NA

Local Address: KEVIN:4003

Remote Address: NA

Type: UDP

Process: C:\Program Files\Internet Explorer\iexplore.exe

State: NA

Local Address: KEVIN:3982

Remote Address: NA

Type: UDP

Process: C:\Program Files\Internet Explorer\iexplore.exe

State: NA

Local Address: KEVIN:3647

Remote Address: NA

Type: UDP

Process: C:\Program Files\Internet Explorer\iexplore.exe

State: NA

Local Address: KEVIN:1900

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\system32\svchost.exe

State: NA

Local Address: KEVIN:1044

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\system32\svchost.exe

State: NA

Local Address: KEVIN:1037

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\explorer.exe

State: NA

Local Address: KEVIN:123

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\system32\svchost.exe

State: NA

Local Address: KEVIN:61185

Remote Address: NA

Type: UDP

Process: C:\Program Files\Bonjour\mDNSResponder.exe

State: NA

Local Address: KEVIN:4500

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\system32\lsass.exe

State: NA

Local Address: KEVIN:1027

Remote Address: NA

Type: UDP

Process: C:\Program Files\Bonjour\mDNSResponder.exe

State: NA

Local Address: KEVIN:500

Remote Address: NA

Type: UDP

Process: C:\WINDOWS\system32\lsass.exe

State: NA

Local Address: KEVIN:MICROSOFT-DS

Remote Address: NA

Type: UDP

Process: System

State: NA

********************************************************************************

**********

********************************************************************************

**********

Hidden files/folders:

Object: C:\System Volume Information\catalog.wci

Status: Access denied

Object: C:\System Volume Information\MountPointManagerRemoteDatabase

Status: Access denied

Object: C:\System Volume Information\tracking.log

Status: Access denied

Object: C:\System Volume Information\_restore{4653E8F8-6519-4964-B7BD-828D96FBCC0E}

Status: Access denied

Link to post
Share on other sites
sjpritch25

sjpritch25

Posted
Posted

The only thing i see is that you have daemon tools which could be causing the BSOD.

Lets run another scan to be sure though.

Download Combofix from this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

Note:

Do not mouseclick combofix's window while it's running. That may cause it to stall

Link to post
Share on other sites
china423

china423

Posted
  • Author
Posted

ComboFix 09-08-06.01 - Owner 08/06/2009 15:20.5.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1406.877 [GMT -5:00]

Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FW: PC Tools Firewall Plus *disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}

* Created a new restore point

FILE ::

"C:\cchksw.exe"

"c:\windows\arazaqawi.dll"

"c:\windows\ibupopep.dll"

"c:\windows\system32\bincd32.dat"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\cchksw.exe

c:\documents and settings\All Users\Application Data\12743754

c:\documents and settings\All Users\Application Data\12743754\12743754.glu

c:\documents and settings\All Users\Application Data\16491714

c:\documents and settings\All Users\Application Data\16491714\16491714

c:\documents and settings\All Users\Application Data\17665624

c:\documents and settings\All Users\Application Data\17665624\17665624

c:\documents and settings\All Users\Application Data\92753746

c:\documents and settings\Owner\Local Settings\Application Data\{C1CA01F8-FA0A-4FEA-A967-633E09549F65}

c:\documents and settings\Owner\Local Settings\Application Data\{C1CA01F8-FA0A-4FEA-A967-633E09549F65}\chrome.manifest

c:\documents and settings\Owner\Local Settings\Application Data\{C1CA01F8-FA0A-4FEA-A967-633E09549F65}\chrome\content\_cfg.js

c:\documents and settings\Owner\Local Settings\Application Data\{C1CA01F8-FA0A-4FEA-A967-633E09549F65}\chrome\content\overlay.xul

c:\documents and settings\Owner\Local Settings\Application Data\{C1CA01F8-FA0A-4FEA-A967-633E09549F65}\install.rdf

c:\program files\AskBarDis

c:\program files\AskBarDis\bar\bin\askBar.dll

c:\program files\AskBarDis\bar\History\search

c:\program files\Viewpoint

c:\program files\Viewpoint\Common\ViewpointService.exe

c:\program files\Viewpoint\Common\VistaBoot.sdll

c:\program files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\ClassIDs.ini

c:\program files\Viewpoint\Viewpoint Experience Technology\ComponentMgr_0305001C.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\ComponentRegistry.ini

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\AOLArt.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\AOLShell.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\AOLUserShell.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\Cursors.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\DataTracking.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\GifReader.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\JpegReader.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\LensFlares.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\Mts3Reader.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\ObjectMovie.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\SceneComponent.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\ServiceComponent.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\SreeDMMX.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\SWFView.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\VectorView.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\VETScriptInterpreter.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\VMPAudio.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\VMPExtras.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\VMPSpeech.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\VMPVideo.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\VMPVideo2.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\WaveletReader.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\Components\ZoomView.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\DownLoadHist.ini

c:\program files\Viewpoint\Viewpoint Experience Technology\HostRegistry.ini

c:\program files\Viewpoint\Viewpoint Experience Technology\MetaStreamConfig.ini

c:\program files\Viewpoint\Viewpoint Experience Technology\MetaStreamID.ini

c:\program files\Viewpoint\Viewpoint Experience Technology\MtsAxInstaller.exe

c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.xpt

c:\windows\arazaqawi.dll

c:\windows\ibupopep.dll

c:\windows\system32\bincd32.dat

c:\windows\system32\lowsec

c:\windows\system32\lowsec\local.ds

c:\windows\system32\lowsec\user.ds

c:\windows\system32\sdra64.exe

Infected copy of c:\windows\system32\drivers\ndis.sys was found and disinfected

Restored copy from - The cat ate it :)

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_VIEWPOINT_MANAGER_SERVICE

-------\Service_Viewpoint Manager Service

((((((((((((((((((((((((( Files Created from 2009-07-06 to 2009-08-06 )))))))))))))))))))))))))))))))

.

2009-08-03 17:47 . 2009-08-03 17:47 -------- d-----w- c:\documents and settings\Owner\Application Data\AVG8

2009-08-03 02:46 . 2009-08-04 20:45 -------- d-----w- C:\DVD_01_1

2009-08-03 02:32 . 2003-01-26 18:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll

2009-08-03 01:44 . 2009-08-03 01:44 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\WinAVI

2009-08-03 01:44 . 2009-08-03 02:49 -------- d-----w- c:\program files\WinAVI Video Converter

2009-08-03 01:01 . 2009-08-03 01:01 -------- d-----w- C:\ConverterOutput

2009-08-03 00:58 . 2009-08-03 00:58 -------- d-----w- c:\program files\Cucusoft

2009-08-01 21:25 . 2009-08-01 21:25 1140 ---ha-w- C:\aaw7boot.cmd

2009-08-01 15:04 . 2009-08-01 15:04 -------- dc----w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}

2009-08-01 15:04 . 2009-07-08 17:28 2920112 -c--a-w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe

2009-07-30 04:31 . 2009-07-30 04:31 -------- d-----w- c:\program files\Common Files\DVDVideoSoft

2009-07-30 04:31 . 2009-07-30 04:31 -------- d-----w- c:\program files\DVDVideoSoft

2009-07-30 01:27 . 2009-07-30 01:27 -------- d-----w- c:\program files\Pixelan

2009-07-30 01:25 . 2009-07-30 01:25 -------- d-----w- c:\program files\Sonic Foundry

2009-07-30 01:23 . 2009-07-30 01:23 -------- d-----w- c:\program files\Common Files\eSellerate

2009-07-30 01:22 . 2004-03-29 21:23 90112 ----a-w- c:\windows\unvise32.exe

2009-07-30 01:21 . 2009-07-30 01:22 -------- d-----w- c:\program files\Magic Bullet Editors 2.0 Vegas

2009-07-30 00:32 . 2009-07-30 00:32 -------- d-----w- c:\documents and settings\Owner\Application Data\DivX

2009-07-29 23:41 . 2009-07-29 23:41 -------- d-----w- C:\DVDVideoSoft

2009-07-29 02:10 . 2009-07-29 02:11 -------- d-----w- c:\documents and settings\All Users\CyberLink

2009-07-29 01:06 . 2009-07-30 00:47 -------- d-----w- c:\program files\ACE Mega CoDecS Pack

2009-07-29 00:47 . 2002-01-16 13:45 224256 ----a-w- c:\windows\system32\MMIJG32.dll

2009-07-29 00:44 . 2009-07-29 00:44 120 ----a-w- c:\windows\Thofirogodinire.dat

2009-07-28 12:44 . 2009-07-28 12:44 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache

2009-07-27 22:22 . 2004-08-05 20:58 65536 ----a-w- c:\windows\system32\NeroCo.dll

2009-07-27 22:22 . 2004-08-04 19:19 2031616 ------w- c:\windows\UNNeroBurnRights.exe

2009-07-27 01:11 . 2009-07-27 01:11 -------- d-----w- c:\program files\Vstplugins

2009-07-27 01:11 . 2009-07-27 01:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony

2009-07-19 16:46 . 2009-07-19 16:47 -------- d-----w- c:\program files\LimeWire

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-07-18 21:40 . 2009-07-18 21:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\DesktopMgr.exe

2009-07-18 21:40 . 2009-07-18 21:40 49152 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe

2009-07-18 21:40 . 2009-07-18 21:40 49152 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe

2009-07-18 21:40 . 2009-07-18 21:40 49152 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe

2009-07-16 19:25 . 2009-07-16 19:26 -------- d-----w- c:\program files\iTunes

2009-07-16 19:20 . 2009-07-16 19:20 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe

2009-07-15 23:12 . 2009-07-15 23:12 -------- d-sh--w- c:\windows\System Volume Information

2009-07-15 20:33 . 2009-07-18 00:33 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Temp

2009-07-12 20:46 . 2009-07-12 20:46 -------- d-----w- c:\documents and settings\Owner\Application Data\Prevx

2009-07-12 16:50 . 2009-07-12 16:50 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE

2009-07-12 16:33 . 2009-08-06 20:18 182656 -c--a-w- c:\windows\system32\dllcache\ndis.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-06 20:38 . 2007-04-11 22:34 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-08-06 20:18 . 2005-04-13 16:55 182656 ----a-w- c:\windows\system32\drivers\ndis.sys

2009-08-05 12:53 . 2008-06-12 20:37 256 ----a-w- c:\windows\system32\pool.bin

2009-08-05 12:41 . 2009-05-17 15:16 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-08-04 23:15 . 2008-09-07 16:42 -------- d-----w- c:\program files\SpywareBlaster

2009-08-04 22:55 . 2009-02-23 17:05 -------- d-----w- c:\program files\Sony

2009-08-03 03:12 . 2005-08-10 23:49 -------- d-----w- c:\documents and settings\Owner\Application Data\Azureus

2009-08-03 02:47 . 2009-03-09 18:14 58904 ----a-w- c:\windows\system32\azipcontmn.dll

2009-08-01 15:04 . 2009-06-05 12:17 -------- d-----w- c:\program files\Lavasoft

2009-08-01 14:38 . 2006-01-02 03:46 -------- d-----w- c:\program files\DivX

2009-08-01 14:20 . 2009-05-17 14:51 117760 ----a-w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2009-08-01 14:12 . 2005-08-06 02:48 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-08-01 14:12 . 2005-08-06 03:10 -------- d-----w- c:\program files\CyberLink

2009-08-01 14:07 . 2009-05-17 17:14 -------- d-----w- c:\program files\MoviePod

2009-08-01 13:09 . 2008-05-06 01:38 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-30 22:21 . 2009-02-23 17:05 -------- d-----w- c:\program files\Sony Setup

2009-07-30 03:52 . 2009-02-23 17:07 -------- d-----w- c:\documents and settings\Owner\Application Data\Sony

2009-07-30 00:17 . 2006-01-17 02:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-07-29 01:48 . 2009-02-22 17:58 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}\PostBuild.exe

2009-07-29 01:08 . 2009-01-26 13:26 -------- d-----w- c:\program files\QuickTime

2009-07-28 12:47 . 2009-07-12 17:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Prevx

2009-07-28 02:31 . 2007-07-10 15:41 -------- d-----w- c:\documents and settings\Owner\Application Data\Ahead

2009-07-27 22:22 . 2008-02-09 16:18 -------- d-----w- c:\program files\Ahead

2009-07-27 00:25 . 2006-01-20 01:16 -------- d-----w- c:\program files\Azureus

2009-07-26 00:14 . 2008-08-20 02:22 -------- d-----w- c:\documents and settings\Owner\Application Data\FrostWire

2009-07-19 16:43 . 2008-10-24 00:59 410984 ----a-w- c:\windows\system32\deploytk.dll

2009-07-18 21:40 . 2008-01-17 19:35 -------- d-----w- c:\program files\Common Files\Research In Motion

2009-07-18 00:33 . 2009-05-28 02:03 -------- d-----w- c:\program files\Google

2009-07-16 19:54 . 2008-06-12 20:40 256 ----a-w- c:\documents and settings\Owner\pool.bin

2009-07-16 19:25 . 2006-02-04 20:27 -------- d-----w- c:\program files\iPod

2009-07-16 19:25 . 2007-07-11 18:53 -------- d-----w- c:\program files\Common Files\Apple

2009-07-16 01:21 . 2008-08-23 22:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-07-16 01:12 . 2009-03-29 00:26 3775176 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-07-15 23:19 . 2008-10-19 20:17 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-07-13 18:36 . 2008-08-23 22:58 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-13 18:36 . 2008-08-23 22:58 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-07-12 21:42 . 2005-08-08 23:47 49152 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{15377C3E-9655-400F-B441-E69F0A6BEAFE}\NewShortcut3_15377C3E9655400FB441E69F0A6BEAFE.EXE

2009-07-12 21:42 . 2005-08-08 23:47 45056 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{15377C3E-9655-400F-B441-E69F0A6BEAFE}\NewShortcut2_15377C3E9655400FB441E69F0A6BEAFE.EXE

2009-07-12 21:42 . 2005-08-08 23:47 45056 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{15377C3E-9655-400F-B441-E69F0A6BEAFE}\NewShortcut1_15377C3E9655400FB441E69F0A6BEAFE.exe

2009-07-12 21:42 . 2005-08-08 23:47 10134 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{15377C3E-9655-400F-B441-E69F0A6BEAFE}\ARPPRODUCTICON.exe

2009-07-12 20:59 . 2006-08-05 15:03 -------- d-----w- c:\documents and settings\Owner\Application Data\RipIt4Me

2009-07-09 21:16 . 2006-11-09 22:24 664 ----a-w- c:\windows\system32\d3d9caps.dat

2009-07-09 00:14 . 2005-10-24 17:15 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer

2009-07-03 17:09 . 2005-04-13 16:56 915456 ----a-w- c:\windows\system32\wininet.dll

2009-07-03 14:49 . 2009-06-05 12:17 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys

2009-06-29 22:29 . 2009-02-07 17:40 -------- d-----w- c:\program files\PC Tools Firewall Plus

2009-06-23 03:46 . 2009-06-23 03:46 12685312 ---ha-w- c:\documents and settings\Owner\ntuser.tmp

2009-06-22 12:39 . 2008-03-03 17:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-06-16 21:08 . 2009-06-16 20:49 -------- d-----w- c:\program files\AZPR

2009-06-16 14:36 . 2005-04-13 16:56 119808 ------w- c:\windows\system32\t2embed.dll

2009-06-16 14:36 . 2005-04-13 16:55 81920 ------w- c:\windows\system32\fontsub.dll

2009-06-14 14:40 . 2009-06-14 14:40 26694 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-06-14 14:40 . 2009-06-14 14:40 26694 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-06-14 14:40 . 2009-06-14 14:40 26694 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-06-14 14:40 . 2009-06-14 14:40 26694 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-06-14 14:40 . 2009-06-14 14:40 26694 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-06-14 14:40 . 2009-06-14 14:40 26694 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-06-14 14:40 . 2009-06-14 14:40 26694 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe

2009-06-14 14:40 . 2009-06-14 14:40 69632 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{51D7494B-6C54-468F-98E1-1A9997C89329}\DesktopMgr.exe

2009-06-14 14:38 . 2009-06-14 14:38 -------- d-----w- c:\documents and settings\Owner\Application Data\InstallShield

2009-06-11 14:35 . 2009-06-11 14:48 177844 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1033.dat

2009-06-05 16:42 . 2009-03-28 16:14 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll

2009-06-05 16:42 . 2007-11-22 20:36 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2009-06-04 02:22 . 2005-08-09 02:32 94576 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-06-03 19:09 . 2005-04-13 16:55 1291264 ----a-w- c:\windows\system32\quartz.dll

2009-05-09 06:14 . 2009-02-11 16:07 1418120 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll

2009-05-09 06:14 . 2009-02-11 16:07 14736 ----a-w- c:\windows\system32\drivers\nuidfltr.sys

2005-08-09 00:32 . 2005-08-09 00:32 0 -csha-w- c:\windows\SMINST\HPCD.sys

.

((((((((((((((((((((((((((((( SnapShot@2009-08-03_22.44.38 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-08-03 22:40 . 2009-08-03 22:40 32768 c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat

+ 2009-08-06 20:18 . 2009-08-06 20:18 32768 c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat

+ 2009-08-06 20:29 . 2009-08-06 20:29 16384 c:\windows\Temp\Perflib_Perfdata_ec.dat

+ 2009-08-06 20:18 . 2009-08-06 20:18 16384 c:\windows\Temp\History\History.IE5\index.dat

- 2009-08-03 22:40 . 2009-08-03 22:40 16384 c:\windows\Temp\History\History.IE5\index.dat

+ 2009-08-06 20:18 . 2009-08-06 20:18 16384 c:\windows\Temp\Cookies\index.dat

- 2009-08-03 22:40 . 2009-08-03 22:40 16384 c:\windows\Temp\Cookies\index.dat

+ 2009-08-06 12:19 . 2009-08-06 20:18 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009080620090807\index.dat

+ 2009-08-05 13:25 . 2009-08-06 00:15 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009080520090806\index.dat

+ 2009-08-04 19:53 . 2009-08-05 04:40 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009080420090805\index.dat

- 2009-08-03 12:40 . 2009-08-03 21:34 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009080320090804\index.dat

+ 2009-08-03 12:40 . 2009-08-03 22:54 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009080320090804\index.dat

+ 2009-08-04 23:41 . 2009-08-05 04:45 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{577BA317-8150-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 13:23 . 2009-08-06 00:14 18432 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{2B19421B-81C3-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 16:35 . 2009-08-05 16:41 39424 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F56EBF88-81DD-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:27 . 2009-08-05 03:28 13824 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E8EC3F38-816F-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 16:49 . 2009-08-05 16:59 30208 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{DE75F5BA-81DF-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 15:29 . 2009-08-05 15:31 95232 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D5060F0C-81D4-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 02:13 . 2009-08-05 02:14 95232 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9488EAEA-8165-11DE-A999-0018F808FE77}.dat

+ 2009-08-04 22:17 . 2009-08-04 23:11 22528 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8E8C9756-8144-11DE-A998-0018F808FE77}.dat

+ 2009-08-05 04:43 . 2009-08-05 04:43 41984 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7D298DD6-817A-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 03:24 . 2009-08-05 03:25 17920 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7C203044-816F-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 01:44 . 2009-08-05 01:49 27136 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{77A58FB8-8161-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 18:25 . 2009-08-05 18:26 39936 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{63D2D5CC-81ED-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 17:13 . 2009-08-05 17:14 95744 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{59CF9D12-81E3-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 23:41 . 2009-08-05 00:41 36864 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{577BA318-8150-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 03:23 . 2009-08-05 03:23 13824 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{509D45C4-816F-11DE-A999-0018F808FE77}.dat

+ 2009-08-06 00:15 . 2009-08-06 00:39 35840 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{49BAF4F8-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 13:24 . 2009-08-05 14:27 34816 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{475D4316-81C3-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 04:41 . 2009-08-05 04:42 95744 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{364521BE-817A-11DE-A999-0018F808FE77}.dat

+ 2009-08-06 20:17 . 2009-08-06 20:18 41472 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{28F7C7DA-82C6-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 21:52 . 2009-08-04 22:05 10240 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25CE8A66-8141-11DE-A997-0018F808FE77}.dat

+ 2009-08-05 17:12 . 2009-08-05 17:13 95232 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1634CF14-81E3-11DE-A99A-0018F808FE77}.dat

- 2009-07-15 23:12 . 2009-08-03 22:06 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat

+ 2009-07-15 23:12 . 2009-08-06 20:18 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat

+ 2009-06-05 12:26 . 2009-08-06 20:18 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat

- 2009-06-05 12:26 . 2009-08-03 22:06 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat

+ 2005-04-13 17:24 . 2009-08-06 20:18 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2005-04-13 17:24 . 2009-08-03 22:06 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2009-07-12 17:11 . 2009-08-03 12:35 32768 c:\windows\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\UserData\index.dat

+ 2009-07-12 17:11 . 2009-08-06 00:14 32768 c:\windows\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\UserData\index.dat

+ 2009-08-03 22:54 . 2009-08-04 01:46 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{AAB3ED85-8080-11DE-A996-0018F808FE77}.dat

+ 2009-08-04 22:17 . 2009-08-04 22:17 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8C9755-8144-11DE-A998-0018F808FE77}.dat

+ 2009-08-06 20:18 . 2009-08-06 20:18 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{49D59287-82C6-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:15 . 2009-08-06 20:17 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{49BAF4F7-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 19:37 . 2009-08-04 21:52 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{44DDDB07-812E-11DE-A997-0018F808FE77}.dat

+ 2009-08-04 22:06 . 2009-08-04 22:06 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{0E3AC7C1-8143-11DE-A997-0018F808FE77}.dat

+ 2009-08-05 02:16 . 2009-08-05 02:16 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FB6FC954-8165-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 17:25 . 2009-08-05 17:25 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5DFE9F4-81E4-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 19:55 . 2009-08-05 19:55 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F0EA15EA-81F9-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:13 . 2009-08-06 00:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E77C2E52-821D-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:34 . 2009-08-05 03:35 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E64ECA2E-8170-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 23:08 . 2009-08-05 23:08 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E39A40AC-8214-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 17:17 . 2009-08-05 17:17 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{DC8CD04E-81E3-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 00:07 . 2009-08-04 00:08 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D8BACBBA-808A-11DE-A996-0018F808FE77}.dat

+ 2009-08-03 23:03 . 2009-08-03 23:03 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D856EFEA-8081-11DE-A996-0018F808FE77}.dat

+ 2009-08-05 04:45 . 2009-08-05 04:45 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CD2C181C-817A-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 19:54 . 2009-08-05 19:54 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C9F044A0-81F9-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 17:16 . 2009-08-05 17:17 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BC68FD10-81E3-11DE-A99A-0018F808FE77}.dat

+ 2009-08-03 22:54 . 2009-08-03 22:55 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AAB3ED86-8080-11DE-A996-0018F808FE77}.dat

+ 2009-08-05 18:27 . 2009-08-05 18:27 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA9AA5AC-81ED-11DE-A99A-0018F808FE77}.dat

+ 2009-08-03 23:02 . 2009-08-03 23:02 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A5FE075E-8081-11DE-A996-0018F808FE77}.dat

+ 2009-08-05 04:44 . 2009-08-05 04:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A2789A32-817A-11DE-A999-0018F808FE77}.dat

+ 2009-08-06 20:13 . 2009-08-06 20:13 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9882ACC4-82C5-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:32 . 2009-08-05 03:32 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{952BC35E-8170-11DE-A999-0018F808FE77}.dat

+ 2009-08-04 01:45 . 2009-08-04 01:46 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8A7D15B2-8098-11DE-A996-0018F808FE77}.dat

+ 2009-08-05 15:34 . 2009-08-05 15:34 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8658F4CC-81D5-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 18:26 . 2009-08-05 18:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83DED186-81ED-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 21:03 . 2009-08-05 21:03 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{79103874-8203-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:31 . 2009-08-05 03:31 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{785B17A2-8170-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 15:34 . 2009-08-05 15:34 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{78204DF6-81D5-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 01:16 . 2009-08-04 01:16 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6E2402E4-8094-11DE-A996-0018F808FE77}.dat

+ 2009-08-04 00:11 . 2009-08-04 00:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6BAA1854-808B-11DE-A996-0018F808FE77}.dat

+ 2009-08-06 20:12 . 2009-08-06 20:12 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68F505B0-82C5-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 12:19 . 2009-08-06 12:19 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61C01B00-8283-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 22:07 . 2009-08-05 22:07 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{54204334-820C-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 21:02 . 2009-08-05 21:02 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{520A7B68-8203-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 14:29 . 2009-08-05 14:29 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4E080FDA-81CC-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 19:52 . 2009-08-04 19:53 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4DCAE750-8130-11DE-A997-0018F808FE77}.dat

+ 2009-08-06 20:18 . 2009-08-06 20:18 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{49D59288-82C6-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 01:22 . 2009-08-04 01:22 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{47559BAE-8095-11DE-A996-0018F808FE77}.dat

+ 2009-08-04 19:37 . 2009-08-04 19:37 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{44DDDB08-812E-11DE-A997-0018F808FE77}.dat

+ 2009-08-04 00:10 . 2009-08-04 00:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4388A372-808B-11DE-A996-0018F808FE77}.dat

+ 2009-08-05 17:20 . 2009-08-05 17:20 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3D71E1F6-81E4-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 23:10 . 2009-08-05 23:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3992ABF2-8215-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 15:32 . 2009-08-05 15:33 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{397780A6-81D5-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 02:17 . 2009-08-05 02:17 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2BFA29AC-8166-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 22:06 . 2009-08-05 22:06 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2B76E848-820C-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 21:01 . 2009-08-05 21:01 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2A9BD6E4-8203-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:36 . 2009-08-05 03:36 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{279CB356-8171-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 04:40 . 2009-08-05 04:41 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2722D474-817A-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 02:17 . 2009-08-05 02:17 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1B3DC7EA-8166-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 19:56 . 2009-08-05 19:56 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1877B900-81FA-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:28 . 2009-08-05 03:29 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11FE819C-8170-11DE-A999-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563E6-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563E5-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563E4-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563E3-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563E2-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563E1-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563E0-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563DF-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563DE-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563DD-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563DC-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563DB-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563DA-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563D9-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 00:14 . 2009-08-06 00:14 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11A563D8-821E-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 23:09 . 2009-08-05 23:09 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0EBDCD1C-8215-11DE-A99A-0018F808FE77}.dat

+ 2009-08-04 22:06 . 2009-08-04 22:06 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0E3AC7C2-8143-11DE-A997-0018F808FE77}.dat

+ 2009-08-05 00:43 . 2009-08-05 00:44 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0BA4EF5A-8159-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 04:40 . 2009-08-05 04:40 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{09F78F5C-817A-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 17:18 . 2009-08-05 17:19 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{08A5EEF4-81E4-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:35 . 2009-08-05 03:36 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{065AC5E8-8171-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 22:05 . 2009-08-05 22:05 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{039CF9F2-820C-11DE-A99A-0018F808FE77}.dat

+ 2009-07-12 16:50 . 2009-08-06 20:18 245760 c:\windows\system32\config\systemprofile\PrivacIE\index.dat

- 2005-04-13 17:24 . 2009-08-03 22:06 983040 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2005-04-13 17:24 . 2009-08-06 20:18 983040 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2009-08-05 17:17 . 2009-08-05 17:20 185344 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E8DCB512-81E3-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 02:15 . 2009-08-05 02:17 177152 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{DA540186-8165-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 03:26 . 2009-08-05 03:29 174592 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C72992CE-816F-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 03:33 . 2009-08-05 03:36 178176 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C60733AA-8170-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 17:23 . 2009-08-05 17:24 148480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A9296022-81E4-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 17:15 . 2009-08-05 17:17 174080 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9CF597D6-81E3-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:18 . 2009-08-05 03:20 105984 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9CB12FEE-816E-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 04:36 . 2009-08-05 04:41 190464 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{97190330-8179-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 17:20 . 2009-08-05 17:22 157184 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{52618846-81E4-11DE-A99A-0018F808FE77}.dat

+ 2009-08-06 20:11 . 2009-08-06 20:17 179712 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{489F2110-82C5-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:29 . 2009-08-05 03:32 215040 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{34196508-8170-11DE-A999-0018F808FE77}.dat

+ 2009-08-05 15:31 . 2009-08-05 15:34 179200 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1966C038-81D5-11DE-A99A-0018F808FE77}.dat

+ 2009-08-05 03:21 . 2009-08-05 03:25 218112 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{097FA13C-816F-11DE-A999-0018F808FE77}.dat

+ 2008-07-20 23:38 . 2004-08-10 19:00 182912 c:\windows\$NtServicePackUninstall$\ndis.sys

- 2005-04-13 17:24 . 2009-08-03 22:06 2129920 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2005-04-13 17:24 . 2009-08-06 20:18 2129920 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpywareBlaster"="c:\program files\SpywareBlaster\spywareblaster.exe" [2009-04-09 1340944]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-07-13 414992]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-18 339968]

"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-24 2652056]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]

"ShowWnd"="ShowWnd.exe" - c:\windows\ShowWnd.exe [2003-09-19 36864]

"CHotkey"="zHotkey.exe" - c:\windows\zHotkey.exe [2004-05-18 543232]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^MagicDisc.lnk]

backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"PREVXAgent"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

"mW[

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.