Old 09-11-2007, 18:08   #101
*post doppio
Old 09-11-2007, 20:50   #102
* post triplo connessione del cavolo, sorry.
Old 11-11-2007, 18:40   #103
Ciao Chill-Out e grazie, per il consiglio.

Mi sono sentito risolleevato nel sentire che non è grave.

Scusami anche per il ritardo, ma siccome ancora non riesco ad entrare nel Pc, non sono riuscito a risponderti prima. Infatti come dicevo, nel riavvio il PC si bloccava appena appariva la schermata con 2 strisce blu in alto ed in basso, con l'unica possibilità del riavvio all'infinito.

siccome ho solo un Hard Disk, e quindi nessuna possibilità di poterlo usare, come posso riuscire a correggere questo errore da me?

Old 11-11-2007, 20:18   #104
Originariamente inviato da Sangoor Guarda i messaggi
Ciao Chill-Out e grazie, per il consiglio.

Mi sono sentito risolleevato nel sentire che non è grave.

Scusami anche per il ritardo, ma siccome ancora non riesco ad entrare nel Pc, non sono riuscito a risponderti prima. Infatti come dicevo, nel riavvio il PC si bloccava appena appariva la schermata con 2 strisce blu in alto ed in basso, con l'unica possibilità del riavvio all'infinito.

siccome ho solo un Hard Disk, e quindi nessuna possibilità di poterlo usare, come posso riuscire a correggere questo errore da me?

Old 12-11-2007, 20:10   #105
Senior Member
Chill-Out, io provo ad allegare un mio log di GMER sperando me lo prenda, sto facendo ora la scansione, ma di tutti i vari programmi antivirus e sicurezza è l'unico che conosco poco; me lo ha consigliato xcdegasp (Daniele) in persona, quindi mi fido.
Ecco il log:
Ecco il log:
Old 12-11-2007, 20:38   #106
Old 12-11-2007, 21:02   #107
Grazie Bugs
Old 17-12-2007, 18:10   #108
mi trova 3 voci non in rosso ma che dicono msg strani, qlcuno mi può dare 1 controllatina, grazie.
Old 17-12-2007, 18:16   #109
sono questi i mess strani?
---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\drivers\sptd.sys Impossibile accedere al file. Il file è utilizzato da un altro processo.
.text USBPORT.SYS!DllUnload B90E762C 5 Bytes JMP 899D71C8
? System32\Drivers\ah41v934.SYS Impossibile trovare il file specificato.
? C:\WINDOWS\system32\Drivers\mchInjDrv.sys Impossibile trovare il file specificato.
Old 17-12-2007, 18:49   #110
esatto Murack, forse mi erano già comparsi ma non ci avevo mai fatto caso, io sapevo che se gmer trova righe rosse sono cavoli amari, quelle righe sono nere però danno msg per me strani, parlo da inesperto ovviamente....
Old 17-12-2007, 19:13   #111
hai per caso installato programmi tipo daemon tools?
programmi che creano finte unità dvd/cd x conservere nel pc setup di programmi come office,nero,ecc?
a me quel file (sptd.sys) mi è comparso quando ho installato daemon tools e quando l'ho rimosso ho dovuto rimuovere manualmente quel file e altri casini che nn ricordo...forse è per questo che ti da quei nn ne sono sicuro
Old 17-12-2007, 22:15   #112
Originariamente inviato da murack83pa Guarda i messaggi
hai per caso installato programmi tipo daemon tools?
programmi che creano finte unità dvd/cd x conservere nel pc setup di programmi come office,nero,ecc?
a me quel file (sptd.sys) mi è comparso quando ho installato daemon tools e quando l'ho rimosso ho dovuto rimuovere manualmente quel file e altri casini che nn ricordo...forse è per questo che ti da quei nn ne sono sicuro
si, ho installato daemon tools, mi serviva per montare una immagine, e anche alcohol 120, office e nero li ho da sempre.
dici che avere installato DT può creare problemi?
Old 17-12-2007, 22:16   #113
Originariamente inviato da murack83pa Guarda i messaggi
hai per caso installato programmi tipo daemon tools?
programmi che creano finte unità dvd/cd x conservere nel pc setup di programmi come office,nero,ecc?
a me quel file (sptd.sys) mi è comparso quando ho installato daemon tools e quando l'ho rimosso ho dovuto rimuovere manualmente quel file e altri casini che nn ricordo...forse è per questo che ti da quei nn ne sono sicuro
si, ho installato daemon tools, mi serviva per montare una immagine, e anche alcohol 120, office e nero li ho da sempre.
dici che avere installato DT può creare problemi operativi?

scusate il post doppio, questo è quello buono.
Old 17-12-2007, 22:19   #114
i miei problemi sono sorti quando ho disinstallato daemons tool, nn so xò a cosa sia dovuto il tuo specifico problema
vediamo cosa dicono gli altri
vediamo cosa dicono gli altri
Old 05-01-2008, 22:39   #115
Per quanto riguarda Daemon tools leggete qui:
Old 25-01-2008, 11:35   #116
Version del 2008.01.18

Segnalo l'uscita della nuova versione Version del 2008.01.18

Scaricabile al seguente indirizzo:
Old 07-02-2008, 15:55   #117
potete controllarmi questo log di gmer?ecco il link:
niente voci in rosso cmq...
Old 08-03-2008, 11:31   #118
Non ci capisco più niente...sto usando gmer per analizzare il mio portatile su cui gira windows vista preinstallato da più di un anno (che dovrebbe essere compatibile da come ho letto sul sito di gmer) e certe volte mi trova degli "hidden process" e certe volte non trova nulla...ho riinstallato vista (utilizzando il famigerato dvd di ripristino fornitomi con il portatile) e pochi altri programmi (non daemon tools o simili) e ancora la stessa storia...certe volte ci sono degli "hidden process" e certe volte no...allego l'ultimo log di gmer sperando che possiate aiutarmi a capire. Ah, per la cronaca ho provato anche a utilizzare "avg antirootkit free" per analizzare il sistema, ma lui non trova mai nessun rootkit.

Rootkit scan 2008-03-08 12:18:35
Windows 6.0.6000 

---- Devices - GMER 1.0.14 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp                                                                aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\tdx \Device\Udp                                                                aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \FileSystem\fastfat \Fat                                                               fltmgr.sys (Gestione filtri file system Microsoft/Microsoft Corporation)

---- Processes - GMER 1.0.14 ----

Process         hidden process (*** hidden *** )                                                       724                                                                       
Process         hidden process (*** hidden *** )                                                       1752                                                                      
Process         hidden process (*** hidden *** )                                                       1784                                                                      
Process         hidden process (*** hidden *** )                                                       1816                                                                      
Process         hidden process (*** hidden *** )                                                       2008                                                                      
Process         hidden process (*** hidden *** )                                                       16188                                                                     

---- Registry - GMER 1.0.14 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00173104e249            
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00173104e249                
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ                         
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@CacheSizeInMB           0
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@CacheStatus             2
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@USBVersion              131072
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@ReadSpeedKBs            0
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@WriteSpeedKBs           0
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@PhysicalDeviceSizeMB    476937
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@RecommendedCacheSizeMB  0
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@HasSlowRegions          0
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@DoRetestDevice          0
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@DeviceStatus            1
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\òoÅÃ@LastTestedTime          0x00 0x00 0x00 0x00 ...

---- EOF - GMER 1.0.14 ----
Old 09-03-2008, 15:01   #119
salve a tutti.
Ieri ho provato gmer sul mio notebook (con Xp).
Ho avviato l'eseguibile e, dopo una serie di log (di colore nero, quelli che escono all'inizio), ho avviato la scansione tramite il tasto Scan (ovviamente ho lasciato flaggate le voci sulla destra come di default).
Per due volte, dopo una decina di secondi, il programma si è autoterminato chiedendomi se inviare a wndws il messaggio di errore.
La terza volta è riuscito a terminare la scansione producendo log di colore nero.
Ho dunque alcune domande:
1) ho letto in qualche post che gmer lavora a basso livello, dunque può provocare problemi di crash. A me ha dato, come ho già detto, un errore tale da terminarlo automaticamente. è possibile che si verifichino danni seri al so, o ai dati sull'hd?
2) la scansione portata a termine è durata circa 30min. Ciò è dovuto al disordine infernale e al numero spropositato di cartelle e dati presenti sul io pc o è una cosa anormale?
3) il fatto di avere dei log di colore nero garantisce che non sono presenti rootkit?
4) quale altro antirootkit mi consigliate da usare insieme a gmer? (ho visto che i + scrupolosi arrivano ad usare 3 antirootkit diversi)

Old 11-03-2008, 14:30   #120
Ciao ragazzi... ecco il mio log, mi devo preoccupare?

Rootkit scan 2008-03-08 13:51:36
Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.14 ----

SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwConnectPort [0xAE250040]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwCreateFile [0xAE24C930]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwCreateKey [0xAE257A80]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwCreatePort [0xAE250510]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwCreateProcess [0xAE256870]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwCreateProcessEx [0xAE256AA0]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwCreateSection [0xAE259FD0]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwCreateWaitablePort [0xAE250600]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwDeleteFile [0xAE24CF20]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwDeleteKey [0xAE2586E0]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwDeleteValueKey [0xAE258440]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwDuplicateObject [0xAE256580]
SSDT            sptd.sys                                                                                                                                          ZwEnumerateKey [0xF772CE2C]
SSDT            sptd.sys                                                                                                                                          ZwEnumerateValueKey [0xF772D1BA]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwLoadKey [0xAE2588B0]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwOpenFile [0xAE24CD70]
SSDT            sptd.sys                                                                                                                                          ZwOpenKey [0xF77270B0]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwOpenProcess [0xAE256350]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwOpenThread [0xAE256150]
SSDT            sptd.sys                                                                                                                                          ZwQueryKey [0xF772D292]
SSDT            sptd.sys                                                                                                                                          ZwQueryValueKey [0xF772D112]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwRenameKey [0xAE259250]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwReplaceKey [0xAE258CB0]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwRequestWaitReplyPort [0xAE24FC00]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwRestoreKey [0xAE259080]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwSecureConnectPort [0xAE250220]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwSetInformationFile [0xAE24D120]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwSetValueKey [0xAE258140]
SSDT            \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)                                                                       ZwTerminateProcess [0xAE256CD0]

INT 0x01        \SystemRoot\system32\DRIVERS\ati2mtag.sys                                                                                                         F6B6F4F6
INT 0x03        \SystemRoot\system32\DRIVERS\ati2mtag.sys                                                                                                         F6B6F59C

Code            AA561E2C                                                                                                                                          IoWriteOperationCount

---- Kernel code sections - GMER 1.0.14 ----

.text           ntoskrnl.exe!ZwYieldExecution + 137                                                                                                               804E4FF8 12 Bytes  [ 10, 05, 25, AE, 70, 68, 25, ... ]
?               C:\WINDOWS\system32\drivers\sptd.sys                                                                                                              Impossibile accedere al file. Il file è utilizzato da un altro processo.
?               srescan.sys                                                                                                                                       Impossibile trovare il file specificato. !
.text           USBPORT.SYS!DllUnload                                                                                                                             F69B462C 5 Bytes  JMP 85A40358 
?               System32\Drivers\ayxfi2ma.SYS                                                                                                                     Impossibile trovare il file specificato. !

---- User code sections - GMER 1.0.14 ----

.text           C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] kernel32.dll!LoadLibraryA                                             7C801D77 5 Bytes  JMP 10005BB0 C:\Programmi\ATI Tray Tools\raphook.dll
.text           C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe[2560] kernel32.dll!LoadLibraryA                                                                     7C801D77 5 Bytes  JMP 01CB5BB0 C:\Programmi\ATI Tray Tools\raphook.dll

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT             \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt]                                                                           [F773D886] sptd.sys
IAT             pci.sys[ntoskrnl.exe!IoDetachDevice]                                                                                                              [F773D832] sptd.sys
IAT             pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack]                                                                                                 [F775F892] sptd.sys
IAT             atapi.sys[ntoskrnl.exe!IoConnectInterrupt]                                                                                                        [F773D886] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                                                [F7727AD4] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                                                        [F7727C1A] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                                               [F7727B9C] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                                                       [F7728748] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                                               [F772861E] sptd.sys
IAT             \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                                                [F773CACA] sptd.sys
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]                                                                          [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                                                                               [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]                                                                              [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                        [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                          [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol]                                                                            [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter]                                                                                 [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter]                                                                                [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]                                                                           [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                                                                               [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                                                                                [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]                                                                         [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter]                                                                                 [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol]                                                                             [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter]                                                                                  [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                          [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol]                                                                            [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter]                                                                                 [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter]                                                                                [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateFile]                                                                                   [AE262330] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol]                                                                           [AE254CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                         [AE254E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter]                                                                               [AE255320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter]                                                                                [AE2551C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtOpenFile]                                                                                     [AE24D670] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtSetInformationFile]                                                                           [AE24D5C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateFile]                                                                                   [AE24D770] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT             \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtCreateFile]                                                                                   [AE24D2D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

---- User IAT/EAT - GMER 1.0.14 ----

IAT             C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                         [01E72E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                [01E72C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                              [01E72C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\Explorer.EXE[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                    [01E72C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                 [00802E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                        [00802C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                      [00802C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\wscntfy.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                            [00802C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                        [010F2E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                               [010F2C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                             [010F2C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                   [010F2C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                      [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]                                     [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                                       [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                        [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]                                       [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                        [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                       [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA]                                      [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]                                       [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                        [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                         [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]                                        [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                       [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                                      [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                       [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                                      [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                                        [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                         [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA]                                        [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]                         [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                      [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA]                                     [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA]                                      [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                       [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                       [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]                                      [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                      [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA]                                     [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA]                                      [01897376] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Programmi\Mozilla Firefox\firefox.exe[2296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter]                       [018973CC] C:\Programmi\Mozilla Firefox\extensions\\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT             C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]           [00A12E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]  [00A12C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                [00A12C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Documents and Settings\Livios\Desktop\Log ed utility\gmer\gmer.exe[2436] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]      [00A12C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                          [01A72E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                 [01A72C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                               [01A72C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\RTHDCPL.EXE[2516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                     [01A72C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                  [009C2E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                         [009C2C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                       [009C2C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\ctfmon.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                             [009C2C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                         [01642E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                [01642C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                              [01642C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\ATI Tray Tools\atitray.exe[2588] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                    [01642C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [00D62E70] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                     [00D62C30] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                   [00D62C50] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT             C:\Programmi\PrevxCSI\prevxcsi.exe[2724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                         [00D62C40] C:\Programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.14 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                                                            867CF1E8

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                                            avg7rsw.sys (AVG Resident Shield Unload Helper/GRISOFT, s.r.o.)

Device          \FileSystem\Fastfat \FatCdrom                                                                                                                     85B427A0
Device          \Driver\Tcpip \Device\Ip                                                                                                                          vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device          \Driver\Tcpip \Device\Ip                                                                                                                          avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device          \Driver\usbuhci \Device\USBPDO-0                                                                                                                  85AEC1E8
Device          \Driver\usbuhci \Device\USBPDO-1                                                                                                                  85AEC1E8
Device          \Driver\dmio \Device\DmControl\DmIoDaemon                                                                                                         867D11E8
Device          \Driver\dmio \Device\DmControl\DmConfig                                                                                                           867D11E8
Device          \Driver\dmio \Device\DmControl\DmPnP                                                                                                              867D11E8
Device          \Driver\dmio \Device\DmControl\DmInfo                                                                                                             867D11E8
Device          \Driver\usbuhci \Device\USBPDO-2                                                                                                                  85AEC1E8
Device          \Driver\usbuhci \Device\USBPDO-3                                                                                                                  85AEC1E8
Device          \Driver\usbehci \Device\USBPDO-4                                                                                                                  85BC37A0
Device          \Driver\Tcpip \Device\Tcp                                                                                                                         vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device          \Driver\Tcpip \Device\Tcp                                                                                                                         avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device          \Driver\NetBT \Device\NetBT_Tcpip_{8CACF010-4D0E-421E-A3B6-1D31828E5E40}                                                                          85A897A0
Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                                                            867601E8
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                                                            867601E8
Device          \Driver\iaStor \Device\Ide\iaStor0                                                                                                                867D01E8
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                                                8675F1E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4                                                                                                       8675F1E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c                                                                                                       8675F1E8
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                           85A897A0
Device          \Driver\PCI_NTPNP0872 \Device\0000004b                                                                                                            sptd.sys
Device          \Driver\NetBT \Device\NetbiosSmb                                                                                                                  85A897A0
Device          \Driver\Tcpip \Device\Udp                                                                                                                         vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device          \Driver\Tcpip \Device\Udp                                                                                                                         avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device          \Driver\Tcpip \Device\RawIp                                                                                                                       vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device          \Driver\Tcpip \Device\RawIp                                                                                                                       avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device          \Driver\usbuhci \Device\USBFDO-0                                                                                                                  85AEC1E8
Device          \Driver\usbuhci \Device\USBFDO-1                                                                                                                  85AEC1E8
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                                                 85A1C498
Device          \Driver\Tcpip \Device\IPMULTICAST                                                                                                                 vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device          \Driver\Tcpip \Device\IPMULTICAST                                                                                                                 avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device          \Driver\usbuhci \Device\USBFDO-2                                                                                                                  85AEC1E8
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                                                       85A1C498
Device          \Driver\USBSTOR \Device\0000007c                                                                                                                  85BD0418
Device          \Driver\usbuhci \Device\USBFDO-3                                                                                                                  85AEC1E8
Device          \Driver\USBSTOR \Device\0000007d                                                                                                                  85BD0418
Device          \Driver\usbehci \Device\USBFDO-4                                                                                                                  85BC37A0
Device          \Driver\Ftdisk \Device\FtControl                                                                                                                  867601E8
Device          \Driver\ayxfi2ma \Device\Scsi\ayxfi2ma1Port2Path0Target0Lun0                                                                                      85C221E8
Device          \Driver\ayxfi2ma \Device\Scsi\ayxfi2ma1                                                                                                           85C221E8
Device          \FileSystem\Fastfat \Fat                                                                                                                          85B427A0

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                                          fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                                          avg7rsw.sys (AVG Resident Shield Unload Helper/GRISOFT, s.r.o.)

Device          \FileSystem\Cdfs \Cdfs                                                                                                                            85A1F7A0

---- Registry - GMER 1.0.14 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                                                771343423
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                                                285507792
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                                                1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                                                  
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                                               C:\Programmi\DAEMON Tools\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                                               0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                                            0x59 0x0D 0x80 0x4C ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                                                         
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                                                      0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                                                   0x35 0xBA 0x4B 0x78 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                                                   
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                                             0x6A 0x0E 0xC2 0xB0 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                                                      
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                                                   C:\Programmi\DAEMON Tools\
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                                                   0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                                                0x59 0x0D 0x80 0x4C ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                                                             
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                                                          0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                                                       0x35 0xBA 0x4B 0x78 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                                                       
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                                                 0x6A 0x0E 0xC2 0xB0 ...
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11F0EB7A-4A78-E940-8179-B054CC1B286F}                                   
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11F0EB7A-4A78-E940-8179-B054CC1B286F}@jamppjighggpmepbidhp              0x6B 0x61 0x69 0x67 ...
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11F0EB7A-4A78-E940-8179-B054CC1B286F}@iagpfifklaiiapmhok                0x6B 0x61 0x69 0x67 ...

---- EOF - GMER 1.0.14 ----
