
Detection with Sophos Anti-Rootkit
federico5it
Posted: Sunday, September 02, 2007 1:10:12 PM

Rank: Member

Joined: 7/31/2006
Posts: 24
Greetings to everyone. I would kindly like an opinion, thank you.
It had been a long time since I last ran a scan with this program, and since a folder on my desktop and some shortcuts, also on the desktop, have disappeared, I decided to run one. The result was three intruders under "Hidden registry key and value": one related to the internet and two that refer to the printer (I think). In any case, none of the three intruders can be removed by the program. My question is: should I be worried, and if so, can I do something about it? I'm not an expert, but what if I delete their location directly from Regedit?
Thanks again to anyone who is willing to help me.
pidue
Posted: Sunday, September 02, 2007 4:12:26 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
Hi, if you are sure, you can delete the keys either manually or with Avenger. First, though, make a backup of the registry.



federico5it
Posted: Sunday, September 02, 2007 6:25:45 PM

Rank: Member

Joined: 7/31/2006
Posts: 24
No... I'm not sure, I said that I'm not an expert... in fact I'm asking you what Avenger is. As for the registry backup, if I want to, can I restore the data to a given date with Windows or not? Bye
federico5it
Posted: Sunday, September 02, 2007 6:34:42 PM

Rank: Member

Joined: 7/31/2006
Posts: 24
Sorry for the multiple replies, something is not working.
pidue
Posted: Sunday, September 02, 2007 7:27:47 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
Post the infected keys that were detected, with their exact path in the registry.



federico5it
Posted: Sunday, September 02, 2007 9:35:41 PM

Rank: Member

Joined: 7/31/2006
Posts: 24
So: 1) hkey_users\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\InternetSetting\5.0\Cache\Extensible Cache\MSHist012006061820060619
2)\HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Devices\Lexmark Z13 Color Jetprinter
3)\HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts\Lexmark Z13 Color Jetprinter.
I hope this is fine. Thanks in the meantime, Pidue.
pidue
Posted: Sunday, September 02, 2007 9:56:20 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
First of all, make a backup of the registry:

<i>Start >> regedit</i>. Go to the top left, right-click the My Computer icon and then click <b>Export</b>. Save the registry in the Documents folder.

Download <b>Avenger</b>,
http://swandog46.geekstogo.com/avenger.zip

unzip it and launch it with a double click. Then carry out the following procedure to the letter:

- Select <b>Input Script Manually</b>;
- click the magnifying glass;
- a white window opens with <b>View/edit script</b> written at the top;
- copy and paste the following strings in red <b>exactly as they are</b>;

<font color=red>registry keys to delete:
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\InternetSetting\5.0\Cache\Extensible Cache\MSHist012006061820060619
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Devices\Lexmark Z13 Color Jetprinter
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts\Lexmark Z13 Color Jetprinter
</font id=red>

- click the <b>Done</b> button;
- then click the traffic light icon;
- answer Yes;
- the PC should restart (if it doesn't, restart it yourself).

After the restart, a text file will be produced, which you will post.




federico5it
Posted: Monday, September 03, 2007 5:56:39 PM

Rank: Member

Joined: 7/31/2006
Posts: 24
First of all, thank you pidue for the time you are devoting to me and the things I am learning. I have taken note, but first I would like to put some doubts to you before I make a mess.
In the meantime, on the "megalab.it" site I read up a bit and downloaded some small programs like the Sophos one, in particular "Panda", "DarkSpy105" and finally "gmer" (the last one seems to be the most highly regarded); none of these detected any problem. I'm sending you the log of my situation from the Gmer scan. What do you think?
Regards.
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-09-03 17:44:17
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT sptd.sys ZwCreateKey
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey

Code \SystemRoot\system32\drivers\mfehidk.sys ZwCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys ZwCreateProcess
Code \SystemRoot\system32\drivers\mfehidk.sys ZwDeleteKey
Code \SystemRoot\system32\drivers\mfehidk.sys ZwDeleteValueKey
Code \SystemRoot\system32\drivers\mfehidk.sys ZwMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys ZwProtectVirtualMemory
Code \SystemRoot\system32\drivers\mfehidk.sys ZwRenameKey
Code \SystemRoot\system32\drivers\mfehidk.sys ZwTerminateProcess
Code \SystemRoot\system32\drivers\mfehidk.sys ZwUnmapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys ZwYieldExecution
Code \SystemRoot\system32\drivers\mfehidk.sys NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys NtMapViewOfSection

---- Kernel code sections - GMER 1.0.13 ----

.text ntoskrnl.exe!_abnormal_termination + F3 804E2DC4 1 Byte [ B0 ]
.text ntoskrnl.exe!_abnormal_termination + F5 804E2DC6 2 Bytes [ 50, F7 ]
.text ntoskrnl.exe!ZwYieldExecution 804FC679 7 Bytes JMP B6CEE5C3 \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!NtCreateFile 8057164C 5 Bytes JMP B6CEE585 \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!ZwUnmapViewOfSection 80573789 5 Bytes JMP B6CEE5EF \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!NtMapViewOfSection 80573C04 7 Bytes JMP B6CEE5D9 \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!ZwProtectVirtualMemory 8057494D 7 Bytes JMP B6CEE599 \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!ZwTerminateProcess 8058AE1E 5 Bytes JMP B6CEE571 \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!ZwDeleteValueKey 80597430 7 Bytes JMP B6CEE545 \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!ZwDeleteKey 8059D6BD 7 Bytes JMP B6CEE519 \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!ZwCreateProcess 805B3543 5 Bytes JMP B6CEE5AF \SystemRoot\system32\drivers\mfehidk.sys
PAGE ntoskrnl.exe!ZwRenameKey 8064D39F 7 Bytes JMP B6CEE52F \SystemRoot\system32\drivers\mfehidk.sys
? C:\WINDOWS\system32\drivers\sptd.sys Impossibile accedere al file. Il file è utilizzato da un altro processo.
.text USBPORT.SYS!DllUnload B9C5762C 5 Bytes JMP 895C21B8
? System32\Drivers\aojktyf0.SYS Impossibile trovare il file specificato.

---- User code sections - GMER 1.0.13 ----

.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 003C000A
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 003C00B8
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 003C0FCD
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 003C0FDE
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 003C009B
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 003C006C
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 003C0F8D
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 003C00DF
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 003C0F7C
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 003C0115
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!GetProcAddress 7C80AC28 2 Bytes JMP 003C0130
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!GetProcAddress + 3 7C80AC2B 2 Bytes [ BB, 83 ]
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 003C0FEF
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 003C0025
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 003C0FA8
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 003C005B
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 003C0040
.text C:\WINDOWS\system32\svchost.exe[660] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 003C00FA
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 003B0FD4
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 003B0F94
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 003B001B
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 003B0FE5
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 003B0051
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 003B0FB9
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 003B0000
.text C:\WINDOWS\system32\svchost.exe[660] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 003B0040
.text C:\WINDOWS\system32\svchost.exe[660] WS2_32.dll!socket 71A33B91 5 Bytes JMP 00390FEF
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00CE0FEF
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00CE00AB
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00CE009A
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00CE0FC0
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00CE007D
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00CE0051
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00CE00E8
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00CE00CD
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00CE0F4F
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00CE0F6A
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 00CE0F34
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 00CE0062
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 00CE000A
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 00CE00BC
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 00CE0040
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 00CE0025
.text C:\WINDOWS\system32\services.exe[756] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 00CE0F7B
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 00A10FA8
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 00A10F57
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 00A10FC3
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 00A10FD4
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 00A10F72
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 00A10014
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 00A10FEF
.text C:\WINDOWS\system32\services.exe[756] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 00A10F8D
.text C:\WINDOWS\system32\services.exe[756] WS2_32.dll!socket 71A33B91 5 Bytes JMP 009E0000
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00E6000A
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00E60093
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00E60082
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00E6005B
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00E6004A
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00E60FB9
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00E60F4D
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00E60F68
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00E600E6
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00E600D5
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 00E60F28
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 00E60FA8
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 00E6001B
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 00E60F79
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 00E60FCA
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 00E60FDB
.text C:\WINDOWS\system32\lsass.exe[768] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 00E600BA
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 00E5003D
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 00E50FA5
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 00E5002C
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 00E5001B
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 00E50062
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 00E50FB6
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 00E50000
.text C:\WINDOWS\system32\lsass.exe[768] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 00E50FC7
.text C:\WINDOWS\system32\lsass.exe[768] WS2_32.dll!socket 71A33B91 5 Bytes JMP 00BC0FEF
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 007F0000
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 007F0F83
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 007F006E
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 007F005D
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 007F0F94
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 007F0FAF
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 007F00BA
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 007F009D
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 007F0F32
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 007F00CB
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 007F0F17
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 007F0036
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 007F001B
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 007F0F72
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 007F0FCA
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 007F0FDB
.text C:\WINDOWS\system32\svchost.exe[912] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 007F0F57
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 007E0FC0
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 007E005B
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 007E0011
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 007E0000
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 007E0F9E
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 007E0FAF
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 007E0FE5
.text C:\WINDOWS\system32\svchost.exe[912] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 007E002C
.text C:\WINDOWS\system32\svchost.exe[912] WS2_32.dll!socket 71A33B91 5 Bytes JMP 007C0FEF
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00940FE5
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00940084
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00940F99
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00940073
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00940FB6
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00940047
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00940F52
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00940F6D
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 009400F5
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 009400DA
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 00940F41
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 00940058
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 00940000
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 00940F7E
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 0094002C
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 0094001B
.text C:\WINDOWS\system32\svchost.exe[992] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 009400BF
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 00930FDB
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 0093005B
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 0093002C
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 00930011
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 00930F9E
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 00930FAF
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 00930000
.text C:\WINDOWS\system32\svchost.exe[992] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 00930FCA
.text C:\WINDOWS\system32\svchost.exe[992] WS2_32.dll!socket 71A33B91 5 Bytes JMP 00910000
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 01390000
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 01390087
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 01390F92
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 01390FAF
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 0139006C
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01390FCA
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 013900B5
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 01390098
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 013900F2
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 013900E1
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 01390F3E
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 0139005B
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 0139001B
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 01390F6D
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 01390040
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 01390FE5
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 013900C6
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 00CE001B
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 00CE0F68
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 00CE0FD4
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 00CE0000
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 00CE0F83
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 00CE0F9E
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 00CE0FE5
.text C:\WINDOWS\System32\svchost.exe[1028] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 00CE0FAF
.text C:\WINDOWS\System32\svchost.exe[1028] WS2_32.dll!socket 71A33B91 5 Bytes JMP 00C60FEF
.text C:\WINDOWS\System32\svchost.exe[1028] WININET.dll!InternetOpenA 77196D2A 5 Bytes JMP 00CC0000
.text C:\WINDOWS\System32\svchost.exe[1028] WININET.dll!InternetOpenUrlA 77196FDD 5 Bytes JMP 00CC0FCF
.text C:\WINDOWS\System32\svchost.exe[1028] WININET.dll!InternetOpenW 771A6CF3 5 Bytes JMP 00CC0011
.text C:\WINDOWS\System32\svchost.exe[1028] WININET.dll!InternetOpenUrlW 771A7304 5 Bytes JMP 00CC0FB4
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 0065000A
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 0065009A
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00650089
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00650FAF
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 0065006C
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00650FCA
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 006500E1
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 006500D0
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 006500FC
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00650F63
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 00650F48
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 00650051
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 0065001B
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 006500B5
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 00650FE5
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 00650036
.text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 00650F7E
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 00640FCD
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 00640051
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 00640FDE
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 00640014
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 00640040
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 00640FA8
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 00640FEF
.text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 0064002F
.text C:\WINDOWS\system32\svchost.exe[1076] WS2_32.dll!socket 71A33B91 5 Bytes JMP 00620FEF
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00780000
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00780078
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00780F79
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00780F94
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00780051
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00780036
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 007800B0
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00780F68
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00780F46
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 007800D5
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 00780F35
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 00780FAF
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 00780011
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 00780089
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 00780FCA
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 00780FDB
.text C:\WINDOWS\system32\svchost.exe[1196] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 00780F57
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 006D002C
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 006D0F6F
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 006D0011
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 006D0000
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 006D0F8A
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 006D0FAF
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 006D0FEF
.text C:\WINDOWS\system32\svchost.exe[1196] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 006D0FC0
.text C:\WINDOWS\system32\svchost.exe[1196] WS2_32.dll!socket 71A33B91 5 Bytes JMP 006A0000
.text C:\WINDOWS\system32\svchost.exe[1196] WININET.dll!InternetOpenA 77196D2A 5 Bytes JMP 006B0FEF
.text C:\WINDOWS\system32\svchost.exe[1196] WININET.dll!InternetOpenUrlA 77196FDD 5 Bytes JMP 006B0FB7
.text C:\WINDOWS\system32\svchost.exe[1196] WININET.dll!InternetOpenW 771A6CF3 5 Bytes JMP 006B0FDE
.text C:\WINDOWS\system32\svchost.exe[1196] WININET.dll!InternetOpenUrlW 771A7304 5 Bytes JMP 006B0FA6
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 001A0000
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001A0F66
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 001A0F77
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 001A0F88
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 001A0051
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 001A0FAF
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 001A0098
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 001A0087
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001A0F2E
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 001A00BD
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!GetProcAddress 7C80AC28 5 Bytes JMP 001A00E2
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!LoadLibraryW 7C80ACD3 5 Bytes JMP 001A0040
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!CreateFileW 7C810976 5 Bytes JMP 001A0FDB
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!CreatePipe 7C81DD9A 5 Bytes JMP 001A0076
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!CreateNamedPipeW 7C82631D 5 Bytes JMP 001A0FC0
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!CreateNamedPipeA 7C85FA54 5 Bytes JMP 001A0011
.text C:\WINDOWS\Explorer.EXE[2156] kernel32.dll!WinExec 7C86114D 5 Bytes JMP 001A0F3F
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegOpenKeyExW 77F46A78 5 Bytes JMP 00290FCA
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegCreateKeyExW 77F47535 5 Bytes JMP 0029005B
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegOpenKeyExA 77F4761B 5 Bytes JMP 0029001B
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegOpenKeyW 77F4770F 5 Bytes JMP 00290FE5
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegCreateKeyExA 77F4EAF4 5 Bytes JMP 00290F9E
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegCreateKeyW 77F68F7D 5 Bytes JMP 00290040
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegOpenKeyA 77F6C41B 5 Bytes JMP 00290000
.text C:\WINDOWS\Explorer.EXE[2156] ADVAPI32.dll!RegCreateKeyA 77F6D5BB 5 Bytes JMP 00290FB9
.text C:\WINDOWS\Explorer.EXE[2156] WININET.dll!InternetOpenA 77196D2A 5 Bytes JMP 002B000A
.text C:\WINDOWS\Explorer.EXE[2156] WININET.dll!InternetOpenUrlA 77196FDD 5 Bytes JMP 002B0036
.text C:\WINDOWS\Explorer.EXE[2156] WININET.dll!InternetOpenW 771A6CF3 5 Bytes JMP 002B0025
.text C:\WINDOWS\Explorer.EXE[2156] WININET.dll!InternetOpenUrlW 771A7304 5 Bytes JMP 002B0FE3
.text C:\WINDOWS\Explorer.EXE[2156] WS2_32.dll!socket 71A33B91 5 Bytes JMP 01510000

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT \WINDOWS\System32\Drivers\SPTDDRV1.SYS[ntoskrnl.exe!IoConnectInterrupt] [F751F718] sptd.sys
IAT \WINDOWS\System32\Drivers\SPTDDRV1.SYS[ntoskrnl.exe!IofCompleteRequest] [F7534656] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F751F6C4] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7535394] sptd.sys
IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F751F718] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F750FAB6] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F750FBEE] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F750FB76] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F751071C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F75105F2] sptd.sys
IAT disk.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F75354E8] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F75347AE] sptd.sys
IAT \SystemRoot\system32\DRIVERS\cdrom.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F75354E8] sptd.sys

---- Devices - GMER 1.0.13 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 897931D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 897931D8

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [B6CEFE01] mfehidk.sys

Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 894D5340
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 894D5340

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [B840B10E] Mpfp.sys

Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 895B31D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 895B31D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 895B31D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 895B31D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 8972E1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 8972E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 895B31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 895B31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 895B31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 895B31D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 895B31D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 895B31D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 895B31D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 895B31D8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CREATE 895A71D8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CLOSE 895A71D8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 895A71D8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 895A71D8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_POWER 895A71D8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 895A71D8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_PNP 895A71D8
Device \Driver\00000047 \Device\00000047 IRP_MJ_POWER [F751BDB6] sptd.sys
Device \Driver\00000047 \Device\00000047 IRP_MJ_SYSTEM_CONTROL [F753173C] sptd.sys
Device \Driver\00000047 \Device\00000047 IRP_MJ_PNP [F752A77E] sptd.sys

AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [B840B10E] Mpfp.sys

Device \Driver\NetBT \Device\NetBT_Tcpip_{E940A3F4-A0CB-4DC9-A2B1-272EC6EAED55} IRP_MJ_CREATE 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{E940A3F4-A0CB-4DC9-A2B1-272EC6EAED55} IRP_MJ_CLOSE 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{E940A3F4-A0CB-4DC9-A2B1-272EC6EAED55} IRP_MJ_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{E940A3F4-A0CB-4DC9-A2B1-272EC6EAED55} IRP_MJ_INTERNAL_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{E940A3F4-A0CB-4DC9-A2B1-272EC6EAED55} IRP_MJ_CLEANUP 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{E940A3F4-A0CB-4DC9-A2B1-272EC6EAED55} IRP_MJ_PNP 894377D0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 897951D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 897951D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 89598990
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 897941D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 897941D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 897941D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CLOSE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_POWER 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SYSTEM_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_PNP 897941D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 897941D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 897941D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 897941D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CREATE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CLOSE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_INTERNAL_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_POWER 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SYSTEM_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_PNP 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_CREATE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_CLOSE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_INTERNAL_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_POWER 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SYSTEM_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_PNP 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_CREATE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_CLOSE 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_INTERNAL_DEVICE_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_POWER 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SYSTEM_CONTROL 897941D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_PNP 897941D8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 89598990
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 89598990
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 894377D0
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 894377D0
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 894377D0
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 894377D0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 894377D0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 894377D0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 894377D0
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 894377D0

AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [B840B10E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [B840B10E] Mpfp.sys

Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 895B31D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 895B31D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 895B31D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 895B31D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 895B31D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 895B31D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 895B31D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 895B31D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{D45A3479-D790-45E5-AA58-5EC948A1873A} IRP_MJ_CREATE 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D45A3479-D790-45E5-AA58-5EC948A1873A} IRP_MJ_CLOSE 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D45A3479-D790-45E5-AA58-5EC948A1873A} IRP_MJ_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D45A3479-D790-45E5-AA58-5EC948A1873A} IRP_MJ_INTERNAL_DEVICE_CONTROL 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D45A3479-D790-45E5-AA58-5EC948A1873A} IRP_MJ_CLEANUP 894377D0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D45A3479-D790-45E5-AA58-5EC948A1873A} IRP_MJ_PNP 894377D0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 892931D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 895B31D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 895B31D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 895B31D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 895B31D8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 895B31D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 892931D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 892931D8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_CREATE 895A71D8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_CLOSE 895A71D8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_DEVICE_CONTROL 895A71D8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 895A71D8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_POWER 895A71D8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_SYSTEM_CONTROL 895A71D8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_PNP 895A71D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 897951D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01Port2Path0Target0Lun0 IRP_MJ_CREATE 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01Port2Path0Target0Lun0 IRP_MJ_CLOSE 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01Port2Path0Target0Lun0 IRP_MJ_POWER 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01Port2Path0Target0Lun0 IRP_MJ_PNP 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01 IRP_MJ_CREATE 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01 IRP_MJ_CLOSE 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01 IRP_MJ_DEVICE_CONTROL 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01 IRP_MJ_INTERNAL_DEVICE_CONTROL 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01 IRP_MJ_POWER 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01 IRP_MJ_SYSTEM_CONTROL 895031D8
Device \Driver\aojktyf0 \Device\Scsi\aojktyf01 IRP_MJ_PNP 895031D8
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 894D5340
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 894D5340

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [B6CEFE01] mfehidk.sys

Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 88C36990
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 88C36990

---- EOF - GMER 1.0.13 ----


pidue
Posted: Monday, September 03, 2007 6:59:03 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
Hi, as I said in another post, I am not able to interpret the Gmer log. The choice to scan with this tool was a good one anyway, because 90% of rootkits are detected in the preliminary phase, and Gmer shows them in red, followed by the text ***hidden***, also in red, and removes them. Entries written in black are not a clear symptom of the presence of a rootkit. The guides online say it clearly: less experienced users should pay particular attention to the presence of entries in red, since entries in black may be a symptom of infection but may just as well be legitimate.
As for those three keys, I cannot tell you with certainty whether they are really infected or not. You could rely on the fact that Gmer did not detect them in the preliminary phase. If you want to delete them, be absolutely sure to make a backup of the registry first, as I suggested.
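
An added example (not part of the thread and not GMER's own code): a Python sketch that collapses the per-IRP rows of a log like the one above into one record per driver and device, then orders the records for manual review. The sample lines are constructed; the `***hidden***` suffix follows the marker described in the post above, and both its placement in a saved log and the review ordering are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample in the two row shapes seen in the log above. The
# "***hidden***" row and the driver name "example0" are made up for illustration.
SAMPLE = r"""
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 897951D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 897951D8
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [B6CEFE01] mfehidk.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [B6CEFE01] mfehidk.sys
Device \Driver\example0 \Device\Example IRP_MJ_CREATE 89000000 ***hidden***
---- EOF - GMER 1.0.13 ----
"""

# One row = kind, driver object, device object, IRP major function, handler
# address (bare or in brackets), then optional trailing text (module, marker).
LINE = re.compile(
    r"^(?P<kind>Device|AttachedDevice)\s+(?P<driver>\\\S+)\s+(?P<device>\\\S+)\s+"
    r"(?P<irp>IRP_MJ_\w+)\s+\[?(?P<addr>[0-9A-Fa-f]{8})\]?\s*(?P<rest>.*)$"
)

def _new_record():
    return {"irps": 0, "handlers": set(), "modules": set(), "hidden": False}

def summarize(log_text):
    """Collapse per-IRP rows into one record per (kind, driver, device)."""
    groups = defaultdict(_new_record)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # section headers, blank lines, EOF marker
        rec = groups[(m["kind"], m["driver"], m["device"])]
        rec["irps"] += 1
        rec["handlers"].add(m["addr"].upper())
        if "hidden" in m["rest"].lower():
            rec["hidden"] = True
        rec["modules"].update(
            w for w in m["rest"].split() if w.lower().endswith(".sys"))
    return dict(groups)

def triage(groups):
    """Review order: rows marked hidden first, then rows whose handler address
    is not attributed to a named module, then the rest (larger groups first)."""
    def rank(item):
        _, rec = item
        return (not rec["hidden"], bool(rec["modules"]), -rec["irps"])
    return [key for key, _ in sorted(groups.items(), key=rank)]
```

The ordering is only a reading aid for a long log; it does not decide whether an entry is malicious.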




federico5it
Posted: Tuesday, September 04, 2007 11:37:46 AM

Rank: Member

Joined: 7/31/2006
Posts: 24
Thank you for your wise advice..... honestly I don't know what to do, I will keep the situation under watch. Thanks again, bye.