Trojan blocks Malwarebytes' Anti-Malware and others !!!
This topic has 16 replies, 2 participants, and was last updated 15 years, 10 months ago by Rusik77.
December 27, 2009 at 4:32 PM #27376
Sorry, I didn't mean to seem intrusive. Once again, many thanks for your attention! 😉
The logs are below
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/12/27 18:16
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
December 27, 2009 at 4:40 PM #27377
By the way, you could surely earn a living at some antivirus company. I think there are not many specialists with such experience and such a store of knowledge about viruses as you have.
It's good that people like you exist at all!
