1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

XP: Taskbar/Start Menu gone, desktop icons unmovable, more sypmtoms inside

Discussion in 'Malware and Virus Removal Archive' started by Flapdoodle, 2007/10/09.

Page 3 of 3
  1. 2007/10/12
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 8AECE1E8
    Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 8AECE1E8
    Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_CREATE 8ACA75E0
    Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_CLOSE 8ACA75E0
    Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 8ACA75E0
    Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8ACA75E0
    Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_POWER 8ACA75E0
    Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 8ACA75E0
    Device \Driver\usbehci \Device\USBPDO-1 IRP_MJ_PNP 8ACA75E0
    Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE4685A] avgtdi.sys
    Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [AA2EBEA0] vsdatant.sys
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 8AE641E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 8AC861E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_CREATE 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_CREATE_NAMED_PIPE 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_CLOSE 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_READ 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_WRITE 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_QUERY_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_SET_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_QUERY_EA 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_SET_EA 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_FLUSH_BUFFERS 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_QUERY_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_SET_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_DIRECTORY_CONTROL 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_FILE_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_SHUTDOWN 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_LOCK_CONTROL 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_CLEANUP 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_CREATE_MAILSLOT 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_QUERY_SECURITY 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_SET_SECURITY 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_POWER 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_DEVICE_CHANGE 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_QUERY_QUOTA 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_SET_QUOTA 8AE621E8
    Device \Driver\nvata \Device\00000072 IRP_MJ_PNP 8AE621E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 8AC861E8
    Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 8AC861E8
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_CREATE [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_CREATE_NAMED_PIPE [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_CLOSE [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_READ [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_WRITE [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_QUERY_INFORMATION [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_SET_INFORMATION [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_QUERY_EA [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_SET_EA [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_FLUSH_BUFFERS [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_QUERY_VOLUME_INFORMATION [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_SET_VOLUME_INFORMATION [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_DIRECTORY_CONTROL [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_FILE_SYSTEM_CONTROL [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_DEVICE_CONTROL [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_INTERNAL_DEVICE_CONTROL [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_SHUTDOWN [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_LOCK_CONTROL [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_CLEANUP [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_CREATE_MAILSLOT [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_QUERY_SECURITY [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_SET_SECURITY [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_POWER [BA6CF712] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_SYSTEM_CONTROL [BA6F22C8] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_DEVICE_CHANGE [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_QUERY_QUOTA [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_SET_QUOTA [BA6F5AD2] sptd.sys
    Device \Driver\PCI_NTPNP9496 \Device\0000004a IRP_MJ_PNP [BA6F3238] sptd.sys
     
    noahdfear,
    #41
  2. 2007/10/12
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 8ABB11E8
    Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 8ABB11E8
    Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 8ABB11E8
    Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 8ABB11E8
    Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 8ABB11E8
    Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 8ABB11E8
    Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 8ABB11E8
    Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 8ABB11E8
    Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 8ABB11E8
    Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 8ABB11E8
    Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 8ABB11E8
    Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 8ABB11E8
    Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE4685A] avgtdi.sys
    Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE4685A] avgtdi.sys
    Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [AA2EBEA0] vsdatant.sys
    Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 8ACB01E8
    Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 8ACB01E8
    Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 8ACB01E8
    Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8ACB01E8
    Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 8ACB01E8
    Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 8ACB01E8
    Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 8ACB01E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_CREATE 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_CREATE_NAMED_PIPE 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_CLOSE 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_READ 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_WRITE 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_EA 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_EA 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_FLUSH_BUFFERS 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_DIRECTORY_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_FILE_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_SHUTDOWN 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_LOCK_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_CLEANUP 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_CREATE_MAILSLOT 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_SECURITY 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_SECURITY 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_POWER 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_DEVICE_CHANGE 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_QUOTA 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_QUOTA 8AE621E8
    Device \Driver\nvata \Device\NvAta0 IRP_MJ_PNP 8AE621E8
    Device \Driver\usbehci \Device\USBFDO-1 IRP_MJ_CREATE 8ACA75E0
    Device \Driver\usbehci \Device\USBFDO-1 IRP_MJ_CLOSE 8ACA75E0
    Device \Driver\usbehci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 8ACA75E0
    Device \Driver\usbehci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8ACA75E0
    Device \Driver\usbehci \Device\USBFDO-1 IRP_MJ_POWER 8ACA75E0
    Device \Driver\usbehci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 8ACA75E0
    Device \Driver\usbehci \Device\USBFDO-1 IRP_MJ_PNP 8ACA75E0
    Device \Driver\nvata \Device\0000006d IRP_MJ_CREATE 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_CREATE_NAMED_PIPE 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_CLOSE 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_READ 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_WRITE 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_QUERY_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_SET_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_QUERY_EA 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_SET_EA 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_FLUSH_BUFFERS 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_QUERY_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_SET_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_DIRECTORY_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_FILE_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_SHUTDOWN 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_LOCK_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_CLEANUP 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_CREATE_MAILSLOT 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_QUERY_SECURITY 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_SET_SECURITY 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_POWER 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_DEVICE_CHANGE 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_QUERY_QUOTA 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_SET_QUOTA 8AE621E8
    Device \Driver\nvata \Device\0000006d IRP_MJ_PNP 8AE621E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 89B2F1E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_CREATE 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_CREATE_NAMED_PIPE 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_CLOSE 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_READ 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_WRITE 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_EA 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_EA 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_FLUSH_BUFFERS 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_DIRECTORY_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_FILE_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_SHUTDOWN 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_LOCK_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_CLEANUP 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_CREATE_MAILSLOT 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_SECURITY 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_SECURITY 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_POWER 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_DEVICE_CHANGE 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_QUOTA 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_QUOTA 8AE621E8
    Device \Driver\nvata \Device\NvAta1 IRP_MJ_PNP 8AE621E8
    Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [AA2EBEA0] vsdatant.sys
    Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE4685A] avgtdi.sys
    Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [AA2EBEA0] vsdatant.sys
    Device \Driver\nvata \Device\0000006e IRP_MJ_CREATE 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_CREATE_NAMED_PIPE 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_CLOSE 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_READ 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_WRITE 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_QUERY_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_SET_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_QUERY_EA 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_SET_EA 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_FLUSH_BUFFERS 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_QUERY_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_SET_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_DIRECTORY_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_FILE_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_SHUTDOWN 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_LOCK_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_CLEANUP 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_CREATE_MAILSLOT 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_QUERY_SECURITY 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_SET_SECURITY 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_POWER 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_DEVICE_CHANGE 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_QUERY_QUOTA 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_SET_QUOTA 8AE621E8
    Device \Driver\nvata \Device\0000006e IRP_MJ_PNP 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_CREATE 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_CREATE_NAMED_PIPE 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_CLOSE 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_READ 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_WRITE 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_QUERY_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_SET_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_QUERY_EA 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_SET_EA 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_FLUSH_BUFFERS 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_QUERY_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_SET_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_DIRECTORY_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_FILE_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_SHUTDOWN 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_LOCK_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_CLEANUP 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_CREATE_MAILSLOT 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_QUERY_SECURITY 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_SET_SECURITY 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_POWER 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_DEVICE_CHANGE 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_QUERY_QUOTA 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_SET_QUOTA 8AE621E8
    Device \Driver\nvata \Device\NvAta2 IRP_MJ_PNP 8AE621E8
     
    noahdfear,
    #42


  3. to hide this advert.

  4. 2007/10/12
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 89B2F1E8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 89B2F1E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_CREATE 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_CREATE_NAMED_PIPE 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_CLOSE 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_READ 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_WRITE 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_QUERY_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_SET_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_QUERY_EA 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_SET_EA 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_FLUSH_BUFFERS 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_QUERY_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_SET_VOLUME_INFORMATION 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_DIRECTORY_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_FILE_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_SHUTDOWN 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_LOCK_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_CLEANUP 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_CREATE_MAILSLOT 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_QUERY_SECURITY 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_SET_SECURITY 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_POWER 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_SYSTEM_CONTROL 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_DEVICE_CHANGE 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_QUERY_QUOTA 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_SET_QUOTA 8AE621E8
    Device \Driver\nvata \Device\0000006f IRP_MJ_PNP 8AE621E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 8AE641E8
    Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 8AE641E8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{D2EC7E50-71FC-46E9-BACA-B5D03DB36DEA} IRP_MJ_CREATE 8ABB11E8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{D2EC7E50-71FC-46E9-BACA-B5D03DB36DEA} IRP_MJ_CLOSE 8ABB11E8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{D2EC7E50-71FC-46E9-BACA-B5D03DB36DEA} IRP_MJ_DEVICE_CONTROL 8ABB11E8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{D2EC7E50-71FC-46E9-BACA-B5D03DB36DEA} IRP_MJ_INTERNAL_DEVICE_CONTROL 8ABB11E8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{D2EC7E50-71FC-46E9-BACA-B5D03DB36DEA} IRP_MJ_CLEANUP 8ABB11E8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{D2EC7E50-71FC-46E9-BACA-B5D03DB36DEA} IRP_MJ_PNP 8ABB11E8
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1 IRP_MJ_CREATE 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1 IRP_MJ_CLOSE 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1 IRP_MJ_DEVICE_CONTROL 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1 IRP_MJ_POWER 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1 IRP_MJ_SYSTEM_CONTROL 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1 IRP_MJ_PNP 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1Port3Path0Target0Lun0 IRP_MJ_CREATE 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1Port3Path0Target0Lun0 IRP_MJ_CLOSE 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1Port3Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1Port3Path0Target0Lun0 IRP_MJ_POWER 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1Port3Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 8AB21510
    Device \Driver\a6w0kosu \Device\Scsi\a6w0kosu1Port3Path0Target0Lun0 IRP_MJ_PNP 8AB21510
    Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_READ 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 89BF31E8
    Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 89BF31E8

    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [BAE6E404] avg7rsw.sys
    AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [BAE6E404] avg7rsw.sys

    Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 8ADD91E8
    Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 8ADD91E8

    ---- EOF - GMER 1.0.13 ----
     
    noahdfear,
    #43
  5. 2007/10/12
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Gmer log is clean too :)

    Lets see if the catalog files needed for file signature verification are present. Edit the check.bat file we made, replacing it's contents with the following info.

    @echo off
    if exist check.txt del /q check.txt
    dir %Systemroot%\nt5*.cat /a h /s > check.txt
    start notepad check.txt
    cls
    exit

    Double click to run and post the contents of check.txt
     
    noahdfear,
    #44
  6. 2007/10/13
    Flapdoodle

    Flapdoodle Inactive Thread Starter

    Joined:
    2007/10/09
    Messages:
    25
    Likes Received:
    0
    Good to know the log was clean, despite the length.

    check.txt:

    Volume in drive C has no label.
    Volume Serial Number is C88E-D82C

    Directory of C:\WINDOWS\$NtServicePackUninstall$

    08/23/2001 10:00 AM 1,761,253 nt5.cat
    08/23/2001 11:00 AM 470,369 nt5inf.cat
    2 File(s) 2,231,622 bytes

    Directory of C:\WINDOWS\ServicePackFiles\i386

    08/04/2004 03:58 AM 2,012,670 nt5.cat
    08/04/2004 03:58 AM 502,724 nt5inf.cat
    2 File(s) 2,515,394 bytes

    Directory of C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}

    08/04/2004 03:58 AM 2,012,670 nt5.cat
    08/23/2001 10:00 AM 797,189 NT5IIS.CAT
    08/04/2004 03:58 AM 502,724 nt5inf.cat
    3 File(s) 3,312,583 bytes

    Directory of C:\WINDOWS\system32\dllcache

    08/23/2001 10:00 AM 797,189 NT5IIS.CAT
    1 File(s) 797,189 bytes
     
    Flapdoodle,
    #45
  7. 2007/10/13
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Catalog files appear to be in order as well.

    I'm stumped. I've asked around a bit about this as well, just haven't gotten anything back on it. I'll continue trying to find an answer.

    Meanwhile, everything seems to working as it should?
     
    noahdfear,
    #46
  8. 2007/10/13
    Flapdoodle

    Flapdoodle Inactive Thread Starter

    Joined:
    2007/10/09
    Messages:
    25
    Likes Received:
    0
    Haven't noticed anything working out of the ordinary. I'm still watching important online accounts and such as well as I can to be safe.
     
    Flapdoodle,
    #47
  9. 2007/10/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Worth a shot ....... go to Windows Update and run the Custom option (note - you may need to install the latest Windows Update software to use the site). Check the Optional updates for any Root Certificate updates and install them. Try running the sigverif tool again using the same options we previously ran.
     
    noahdfear,
    #48
  10. 2007/10/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Did you upload another copy of svchost.exe to my submission channel today? If so, where did that copy come from?
     
    noahdfear,
    #49
  11. 2007/10/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I'm wondering now if the sigverif problem might have something to do with WMI. Your dss logs indicated a WMI problem. Lets check something else.

    Download the WMI Diagnosis Utility from Microsoft. It is a self-extracting exe. Run it then open the folder it creates and double click the WMIDiag.vbs file to start the tool. You may be prompted that wscript is your default scripting engine and WMIDiag will not produce any echo, which is fine, just means you won't see a graphical interface when it runs. Task Manager will show wscript.exe running on the processes tab until it completes. It should also display a message when it completes.

    When done, click Start>Run and type %temp% then hit Enter. You will see 3 logs named WMIDIAG-V2.0_XP******
    There will be a .log, a .txt and a .csv
    Please post the contents of the txt file. It may be large and require splitting into 2 or more posts.
     
    noahdfear,
    #50
  12. 2007/10/15
    Flapdoodle

    Flapdoodle Inactive Thread Starter

    Joined:
    2007/10/09
    Messages:
    25
    Likes Received:
    0
    No help from Windows Update, and no, that wasn't me uploading another svchost.exe.

    log:
    Code:
    17667 07:34:33 (0) ** WMIDiag v2.0 started on Monday, October 15, 2007 at 07:31.
17668 07:34:33 (0) ** 
17669 07:34:33 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - January 2007.
17670 07:34:33 (0) ** 
17671 07:34:33 (0) ** This script is not supported under any Microsoft standard support program or service.
17672 07:34:33 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
17673 07:34:33 (0) ** implied warranties including, without limitation, any implied warranties of merchantability
17674 07:34:33 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance
17675 07:34:33 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors,
17676 07:34:33 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for
17677 07:34:33 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits,
17678 07:34:33 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of
17679 07:34:33 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised
17680 07:34:33 (0) ** of the possibility of such damages.
17681 07:34:33 (0) ** 
17682 07:34:33 (0) ** 
17683 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17684 07:34:33 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ----------------------------------------------------------
17685 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17686 07:34:33 (0) ** 
17687 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17688 07:34:33 (0) ** Windows XP - Service pack 2 - 32-bit (2600) - User 'COMPUTRON\KEN' on computer 'COMPUTRON'.
17689 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17690 07:34:33 (0) ** Environment: ........................................................................................................ OK..
17691 07:34:33 (0) ** System drive: ....................................................................................................... C: (Disk #1 Partition #0).
17692 07:34:33 (0) ** Drive type: ......................................................................................................... IDE (SAMSUNG SP1213C).
17693 07:34:33 (0) ** There are no missing WMI system files: .............................................................................. OK.
17694 07:34:33 (0) ** There are no missing WMI repository files: .......................................................................... OK.
17695 07:34:33 (0) ** WMI repository state: ............................................................................................... NOT TESTED.
17696 07:34:33 (0) ** BEFORE running WMIDiag:
17697 07:34:33 (0) ** The WMI repository has a size of: ................................................................................... 7 MB.
17698 07:34:33 (0) ** - Disk free space on 'C:': .......................................................................................... 31833 MB.
17699 07:34:33 (0) **   - INDEX.BTR,                     1531904 bytes,      10/14/2007 11:35:17 PM
17700 07:34:33 (0) **   - INDEX.MAP,                     800 bytes,          10/15/2007 6:25:23 AM
17701 07:34:33 (0) **   - MAPPING.VER,                   4 bytes,            10/15/2007 6:25:23 AM
17702 07:34:33 (0) **   - MAPPING1.MAP,                  3708 bytes,         10/15/2007 6:25:23 AM
17703 07:34:33 (0) **   - MAPPING2.MAP,                  3708 bytes,         10/15/2007 4:40:23 AM
17704 07:34:33 (0) **   - OBJECTS.DATA,                  5873664 bytes,      10/14/2007 11:35:17 PM
17705 07:34:33 (0) **   - OBJECTS.MAP,                   2916 bytes,         10/15/2007 6:25:23 AM
17706 07:34:33 (0) ** AFTER running WMIDiag:
17707 07:34:33 (0) ** The WMI repository has a size of: ................................................................................... 7 MB.
17708 07:34:33 (0) ** - Disk free space on 'C:': .......................................................................................... 31831 MB.
17709 07:34:33 (0) **   - INDEX.BTR,                     1531904 bytes,      10/14/2007 11:35:17 PM
17710 07:34:33 (0) **   - INDEX.MAP,                     800 bytes,          10/15/2007 6:25:23 AM
17711 07:34:33 (0) **   - MAPPING.VER,                   4 bytes,            10/15/2007 6:25:23 AM
17712 07:34:33 (0) **   - MAPPING1.MAP,                  3708 bytes,         10/15/2007 6:25:23 AM
17713 07:34:33 (0) **   - MAPPING2.MAP,                  3708 bytes,         10/15/2007 4:40:23 AM
17714 07:34:33 (0) **   - OBJECTS.DATA,                  5873664 bytes,      10/14/2007 11:35:17 PM
17715 07:34:33 (0) **   - OBJECTS.MAP,                   2916 bytes,         10/15/2007 6:25:23 AM
17716 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17717 07:34:33 (2) !! WARNING: Windows Firewall: .......................................................................................... DISABLED.
17718 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17719 07:34:33 (0) ** DCOM Status: ........................................................................................................ OK.
17720 07:34:33 (0) ** WMI registry setup: ................................................................................................. OK.
17721 07:34:33 (0) ** INFO: WMI service has dependents: ................................................................................... 2 SERVICE(S)!
17722 07:34:33 (0) ** - Security Center (WSCSVC, StartMode='Automatic')
17723 07:34:33 (0) ** - Windows Firewall/Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Automatic')
17724 07:34:33 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well.
17725 07:34:33 (0) **    Note: If the service is marked with (*), it means that the service/application uses WMI but
17726 07:34:33 (0) **          there is no hard dependency on WMI. However, if the WMI service is stopped,
17727 07:34:33 (0) **          this can prevent the service/application to work as expected.
17728 07:34:33 (0) ** 
17729 07:34:33 (0) ** RPCSS service: ...................................................................................................... OK (Already started).
17730 07:34:33 (0) ** WINMGMT service: .................................................................................................... OK (Already started).
17731 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17732 07:34:33 (0) ** WMI service DCOM setup: ............................................................................................. OK.
17733 07:34:33 (0) ** WMI components DCOM registrations: .................................................................................. OK.
17734 07:34:33 (0) ** WMI ProgID registrations: ........................................................................................... OK.
17735 07:34:33 (0) ** WMI provider DCOM registrations: .................................................................................... OK.
17736 07:34:33 (0) ** WMI provider CIM registrations: ..................................................................................... OK.
17737 07:34:33 (0) ** WMI provider CLSIDs: ................................................................................................ OK.
17738 07:34:33 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK.
17739 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17740 07:34:33 (0) ** Overall DCOM security status: ....................................................................................... OK.
17741 07:34:33 (0) ** Overall WMI security status: ........................................................................................ OK.
17742 07:34:33 (0) ** - Started at 'Root' --------------------------------------------------------------------------------------------------------------
17743 07:34:33 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 2.
17744 07:34:33 (0) ** - ROOT/SUBSCRIPTION, MSFT_UCScenarioControl.Name= "Microsoft WMI Updating Consumer Scenario Control ".
17745 07:34:33 (0) **   'SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario''
17746 07:34:33 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name= "SCM Event Log Consumer ".
17747 07:34:33 (0) **   'select * from MSFT_SCMEventLogEvent'
17748 07:34:33 (0) ** 
17749 07:34:33 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE.
17750 07:34:33 (0) ** INFO: WMI ADAP status: .............................................................................................. 2.
17751 07:34:33 (0) ** => The WMI ADAP process is processing a performance library (2).
17752 07:34:33 (0) **    Some WMI performance classes could be missing at the time WMIDiag was executed.
17753 07:34:33 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK.
17754 07:34:33 (0) ** WMI CONNECTIONS: .................................................................................................... OK.
17755 07:34:33 (0) ** WMI GET operations: ................................................................................................. OK.
17756 07:34:33 (0) ** WMI MOF representations: ............................................................................................ OK.
17757 07:34:33 (0) ** WMI QUALIFIER access operations: .................................................................................... OK.
17758 07:34:33 (0) ** WMI ENUMERATION operations: ......................................................................................... OK.
17759 07:34:33 (0) ** WMI EXECQUERY operations: ........................................................................................... OK.
17760 07:34:33 (0) ** WMI GET VALUE operations: ........................................................................................... OK.
17761 07:34:33 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED.
17762 07:34:33 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED.
17763 07:34:33 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED.
17764 07:34:33 (0) ** WMI static instances retrieved: ..................................................................................... 611.
17765 07:34:33 (0) ** WMI dynamic instances retrieved: .................................................................................... 0.
17766 07:34:33 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 0.
17767 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17768 07:34:33 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s):
17769 07:34:33 (0) **   DCOM: ............................................................................................................. 0.
17770 07:34:33 (0) **   WINMGMT: .......................................................................................................... 0.
17771 07:34:33 (0) **   WMIADAPTER: ....................................................................................................... 0.
17772 07:34:33 (0) ** 
17773 07:34:33 (0) ** # of additional Event Log events AFTER WMIDiag execution:
17774 07:34:33 (0) **   DCOM: ............................................................................................................. 0.
17775 07:34:33 (0) **   WINMGMT: .......................................................................................................... 0.
17776 07:34:33 (0) **   WMIADAPTER: ....................................................................................................... 0.
17777 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17778 07:34:33 (0) ** WMI Registry key setup: ............................................................................................. OK.
17779 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17780 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17781 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17782 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17783 07:34:33 (0) ** 
17784 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17785 07:34:33 (0) ** ------------------------------------------------------ WMI REPORT: END -----------------------------------------------------------
17786 07:34:33 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
17787 07:34:33 (0) ** 
17788 07:34:33 (0) ** SUCCESS: WMIDiag determined that WMI works CORRECTLY.
17789 07:34:33 (0) ** 
17790 07:34:33 (0) ** WMIDiag v2.0 ended on Monday, October 15, 2007 at 07:34 (W:46 E:2 S:0).
     
    Flapdoodle,
    #51
  13. 2007/10/15
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Well shucks! Appears WMI is working correctly. I have nothing else to offer at the moment, but I will let you know as soon as I do.
     
    noahdfear,
    #52
  14. 2007/10/15
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Boot to safe mode and logon to the Administrator account, then run sigverif, again selecting the advanced scan options for system32 and *.exe

    If you get normal results, try creating a new user account with Admin rights, while logged on the Admin account, then run sigverif from the new account in normal mode.
     
    noahdfear,
    #53
Page 3 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...