It seems the GMER site is down. I wasn't able to find another mirror for the beta, but I did download v1.0.12 and run that.
ComboFix:
azaffiro - 06-12-28 8:10:46.42 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\azaffiro\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-11-28 to 2006-12-28 ))))))))))))))))))))))))))))))))))
2006-12-27 10:54 <DIR> d-------- C:\Program Files\HijackThis
2006-12-27 10:20 <DIR> d-------- C:\Program Files\TrojanHunter 4.6
2006-12-27 08:47 684,032 --a------ C:\WINDOWS\system32\libeay32.dll
2006-12-27 08:47 21,568 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2006-12-27 08:47 21,056 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2006-12-27 08:47 20,544 --a------ C:\WINDOWS\system32\drivers\SSFS0509.sys
2006-12-27 08:47 155,648 --a------ C:\WINDOWS\system32\ssleay32.dll
2006-12-27 08:47 128,064 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2006-12-27 08:47 <DIR> d-------- C:\Program Files\Webroot
2006-12-27 08:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2006-12-27 08:45 <DIR> d-------- C:\Documents and Settings\azaffiro\Application Data\Webroot
2006-12-21 15:36 40,960 --a------ C:\WINDOWS\system32\Fish Tycoon.scr
2006-12-21 15:36 <DIR> d-------- C:\Program Files\Fish Tycoon
2006-12-21 15:07 <DIR> d-------- C:\WINDOWS\kdx
2006-12-21 15:07 <DIR> d-------- C:\Documents and Settings\azaffiro\Application Data\Kontiki
2006-12-19 10:39 <DIR> d-------- C:\Program Files\Bitvise Tunnelier
2006-12-18 09:10 <DIR> d-------- C:\WINDOWS\WBEM
2006-12-18 09:10 <DIR> d-------- C:\WINDOWS\system32\en-US
2006-12-18 09:08 <DIR> d--h-c--- C:\WINDOWS\ie7
2006-12-18 09:07 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-15 14:20 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2006-12-14 15:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\GSPNA
2006-12-14 15:47 48,640 --a------ C:\WINDOWS\mmfs.dll
2006-12-14 15:47 2,560 --a------ C:\WINDOWS\Runservice.exe
2006-12-14 15:47 1,577 --ahs---- C:\WINDOWS\system32\mmf.sys
2006-12-14 15:45 <DIR> d-------- C:\Program Files\GSPNA
2006-12-13 16:02 <DIR> d-------- C:\Program Files\Orneta
2006-12-13 15:47 <DIR> d-------- C:\Program Files\SBSH
2006-12-13 15:37 <DIR> d-------- C:\Documents and Settings\azaffiro\Application Data\Sprite Software
2006-12-13 15:37 <DIR> d-------- C:\Documents and Settings\azaffiro\Application Data\Sprite Setup Wizard
2006-12-13 15:37 <DIR> d-------- C:\Documents and Settings\azaffiro\Application Data\Sprite PC Agent
2006-12-12 12:50 <DIR> d-------- C:\log
2006-12-12 12:42 <DIR> d-------- C:\Program Files\Deep Silver
2006-12-12 09:03 <DIR> d-------- C:\Program Files\Adobe
2006-12-12 08:48 <DIR> d-------- C:\Program Files\Windows Installer Clean Up
2006-12-12 08:47 <DIR> d-------- C:\Program Files\MSECACHE
2006-12-11 13:39 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2006-12-11 13:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2006-12-08 15:11 86,016 --a------ C:\WINDOWS\unvise32.exe
2006-12-07 12:47 <DIR> d-------- C:\Program Files\Fma
2006-12-07 12:47 <DIR> d-------- C:\Documents and Settings\azaffiro\Application Data\FMA
2006-12-06 15:11 <DIR> d-------- C:\Program Files\TraySoft
2006-11-30 12:36 <DIR> d-------- C:\Program Files\ATI Multimedia
2006-11-30 12:35 <DIR> d-------- C:\Program Files\SnapStream Media
2006-11-30 12:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SnapStream
2006-11-29 08:21 <DIR> d-------- C:\Program Files\NovaLogic
2006-11-28 09:52 <DIR> d-------- C:\Program Files\THQ
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-28 08:09 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-27 12:35 -------- d-------- C:\Program Files\Common Files
2006-12-20 14:55 -------- d---s---- C:\Documents and Settings\azaffiro\Application Data\Microsoft
2006-12-18 16:39 -------- d-------- C:\Program Files\Windows Media Player
2006-12-18 16:39 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-12-18 09:19 -------- d-------- C:\Documents and Settings\azaffiro\Application Data\Adobe
2006-12-18 09:10 -------- d-------- C:\Program Files\Internet Explorer
2006-12-15 14:13 -------- d-------- C:\Program Files\Common Files\Adobe
2006-12-15 03:01 -------- d-------- C:\Program Files\Outlook Express
2006-12-15 03:01 -------- d-------- C:\Program Files\Common Files\System
2006-12-14 15:45 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-08 16:35 -------- d-------- C:\Program Files\shockwave.com
2006-12-08 16:34 -------- d-------- C:\Program Files\Flip Words
2006-12-08 16:33 -------- d-------- C:\Program Files\Word Blitz Deluxe
2006-12-08 15:30 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-12-08 09:44 25359 --a------ C:\Documents and Settings\azaffiro\Application Data\Comma Separated Values (Windows).ADR
2006-12-07 14:00 2508 --a------ C:\Documents and Settings\azaffiro\Application Data\$_hpcst$.hpc
2006-12-07 12:42 -------- d-------- C:\Program Files\Playtonium Jigsaw Enchanted Forest
2006-11-27 14:39 -------- d-------- C:\Program Files\EA GAMES
2006-11-27 14:38 -------- d-------- C:\Program Files\Five Card Deluxe
2006-11-27 14:37 -------- d-------- C:\Program Files\GameHouse
2006-11-27 14:34 -------- d-------- C:\Program Files\Atomaders
2006-11-27 14:34 -------- d-------- C:\Program Files\Atlantis
2006-11-27 14:34 -------- d-------- C:\Program Files\Around 3D
2006-11-27 14:34 -------- d-------- C:\Program Files\Alpha Ball
2006-11-27 14:34 -------- d-------- C:\Program Files\Alien Sky
2006-11-27 14:33 -------- d-------- C:\Program Files\Word Emperor
2006-11-27 14:33 -------- d-------- C:\Program Files\MicroMan's Crazy Computers
2006-11-27 14:33 -------- d-------- C:\Program Files\Lemonade Tycoon 2
2006-11-27 14:33 -------- d-------- C:\Program Files\Gold Miner
2006-11-27 14:33 -------- d-------- C:\Program Files\Dropheads
2006-11-27 14:30 -------- d-------- C:\Program Files\Air Strike 2
2006-11-27 14:29 -------- d-------- C:\Program Files\Fiber Twig
2006-11-27 14:29 -------- d-------- C:\Program Files\Feed The Snake
2006-11-27 14:29 -------- d-------- C:\Program Files\5 Spots
2006-11-27 14:28 -------- d-------- C:\Program Files\Fusion
2006-11-27 14:27 -------- d-------- C:\Program Files\Anno 1701
2006-11-27 14:26 -------- d-------- C:\Program Files\Electra
2006-11-27 14:04 131 ---hs---- C:\Documents and Settings\azaffiro\Application Data\.zreglib
2006-11-27 14:04 -------- d-------- C:\Documents and Settings\azaffiro\Application Data\SlySoft
2006-11-27 14:04 -------- d-------- C:\Documents and Settings\azaffiro\Application Data\Elaborate Bytes
2006-11-27 14:03 -------- d-------- C:\Program Files\SlySoft
2006-11-27 14:03 -------- d-------- C:\Program Files\Elaborate Bytes
2006-11-14 15:08 -------- d-------- C:\Documents and Settings\azaffiro\Application Data\Ahead
2006-11-14 15:06 -------- d-------- C:\Program Files\Common Files\Ahead
2006-11-14 09:36 271360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2006-11-14 09:36 18048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2006-11-13 09:23 -------- d-------- C:\Program Files\Firefly Studios
2006-11-13 03:30 217300 --a------ C:\WINDOWS\system32\Installer.exe
2006-11-09 16:11 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-11-09 16:11 -------- d-------- C:\Program Files\CleanSuite
2006-11-09 09:49 299008 --a------ C:\WINDOWS\system32\miccyhook.dll
2006-11-08 00:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --a------ C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --a------ C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-06 12:14 -------- d-------- C:\Program Files\Electronic Arts
2006-11-06 12:11 -------- d-------- C:\Program Files\Common Files\EasyInfo
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-27 12:32 123904 --a------ C:\WINDOWS\system32\keygen.exe
2006-10-19 08:56 713216 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47 8231936 --a------ C:\WINDOWS\system32\wmploc.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47 7168 --a------ C:\WINDOWS\system32\asferror.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --------- C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --------- C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 38400 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 07:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 07:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-10 08:24 669002 --a------ C:\WINDOWS\unins000.exe
2006-10-06 08:48 737280 --a------ C:\WINDOWS\iun6002.exe
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
2006-09-29 06:56 28248 -ra------ C:\WINDOWS\system32\AdobePDF.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe
2006-09-28 16:05 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2006-09-28 16:05 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2006-09-28 16:04 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2006-09-28 16:03 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"AnyDVD"="\"C:\\Program Files\\SlySoft\\AnyDVD\\AnyDVD.exe\""
"H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"SpySweeper"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe\" /startintray"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,c4,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,c4,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,c4,02,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
@=""
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
@=""
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{553858A7-4922-4e7e-B1C1-97140C1C16EF}"="IE Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoClose"=dword:00000000
"NoLogOff"=dword:00000000
"NoRun"=dword:00000000
"NoWinKeys"=hex:00,00,00,00
"NoChangeStartMenu"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"0aMCPClient"="{F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}"
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService
Completion time: 06-12-28 8:12:44.82
C:\ComboFix.txt ... 06-12-28 08:12
-----------------------------------------------------------------------
GMER:
GMER 1.0.12.12011 -
http://www.gmer.net
Rootkit scan 2006-12-28 08:42:04
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.12 ----
SSDT 89875F30 ZwAllocateVirtualMemory
SSDT a347bus.sys ZwClose
SSDT 8987F198 ZwCreateKey
SSDT a347bus.sys ZwCreatePagingFile
SSDT 898DF868 ZwCreateProcess
SSDT 8987F3C0 ZwCreateProcessEx
SSDT \SystemRoot\system32\DRIVERS\vdiskbus.sys ZwCreateSymbolicLinkObject
SSDT 89878388 ZwCreateThread
SSDT 898C0C98 ZwDeleteKey
SSDT 898DF8E0 ZwDeleteValueKey
SSDT a347bus.sys ZwEnumerateKey
SSDT a347bus.sys ZwEnumerateValueKey
SSDT a347bus.sys ZwOpenKey
SSDT a347bus.sys ZwQueryKey
SSDT a347bus.sys ZwQueryValueKey
SSDT 89875FA8 ZwQueueApcThread
SSDT 89875E40 ZwReadVirtualMemory
SSDT 898C0C20 ZwRenameKey
SSDT 89878220 ZwSetContextThread
SSDT 898E08F8 ZwSetInformationKey
SSDT 8986EB90 ZwSetInformationProcess
SSDT 89878298 ZwSetInformationThread
SSDT a347bus.sys ZwSetSystemPowerState
SSDT 898E0880 ZwSetValueKey
SSDT 8986EB18 ZwSuspendProcess
SSDT 89875020 ZwSuspendThread
SSDT 8987F348 ZwTerminateProcess
SSDT 89878310 ZwTerminateThread
SSDT 89875EB8 ZwWriteVirtualMemory
---- Kernel code sections - GMER 1.0.12 ----
.text ntoskrnl.exe!ZwYieldExecution + 137 804E4971 3 Bytes [ F3, 87, 89 ]
.text ntoskrnl.exe!ZwYieldExecution + 146 804E4980 8 Bytes [ DC, 00, 7C, F7, 88, 83, 87, ... ]
.text ntoskrnl.exe!ZwYieldExecution + 406 804E4C40 8 Bytes [ 90, EB, 86, 89, 98, 82, 87, ... ]
.text ntoskrnl.exe!ZwYieldExecution + 46A 804E4CA4 8 Bytes [ 18, EB, 86, 89, 20, 50, 87, ... ]
.text ntoskrnl.exe!ZwYieldExecution + 47A 804E4CB4 8 Bytes [ 48, F3, 87, 89, 10, 83, 87, ... ]
.text USBPORT.SYS!DllUnload B9C2C62C 5 Bytes JMP 895521B8
---- User code sections - GMER 1.0.12 ----
.text C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe[2296] kernel32.dll!CreateThread + 1A 7C810651 4 Bytes [ DB, E7, C3, 83 ]
.text C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe[2460] kernel32.dll!CreateThread + 1A 7C810651 4 Bytes [ A7, EB, C3, 83 ]
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2904] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 0003035C C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2904] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00030588 C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2904] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 0003035C C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2904] kernel32.dll!VirtualAlloc 7C809A51 5 Bytes JMP 0003050C C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
.text C:\Program Files\Webroot\Spy Sweeper\ssu.exe[2904] kernel32.dll!VirtualFree 7C809AE4 5 Bytes JMP 0003054C C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
---- Devices - GMER 1.0.12 ----
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 8989E1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 8989E1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_CREATE 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_CLOSE 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_READ 896E0DD8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_WRITE 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_QUERY_INFORMATION 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_SET_INFORMATION 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_QUERY_VOLUME_INFORMATION 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_DIRECTORY_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_FILE_SYSTEM_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_DEVICE_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_LOCK_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_CLEANUP 8946F1D8
Device \FileSystem\Udfs \UdfsCdRom IRP_MJ_PNP 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_CREATE 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_CLOSE 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_READ 896E0DD8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_WRITE 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_QUERY_INFORMATION 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_SET_INFORMATION 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_QUERY_VOLUME_INFORMATION 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_DIRECTORY_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_FILE_SYSTEM_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_DEVICE_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_LOCK_CONTROL 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_CLEANUP 8946F1D8
Device \FileSystem\Udfs \UdfsDisk IRP_MJ_PNP 8946F1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{597B08B0-4DCC-49F2-B73D-6AB6C0616903} IRP_MJ_CREATE 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{597B08B0-4DCC-49F2-B73D-6AB6C0616903} IRP_MJ_CLOSE 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{597B08B0-4DCC-49F2-B73D-6AB6C0616903} IRP_MJ_DEVICE_CONTROL 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{597B08B0-4DCC-49F2-B73D-6AB6C0616903} IRP_MJ_INTERNAL_DEVICE_CONTROL 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{597B08B0-4DCC-49F2-B73D-6AB6C0616903} IRP_MJ_CLEANUP 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{597B08B0-4DCC-49F2-B73D-6AB6C0616903} IRP_MJ_PNP 892B8990
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE 8986ABF0
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE 89503100
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE 8959C2D0
Device \Driver\Tcpip \Device\Ip IRP_MJ_READ 89746FA8
Device \Driver\Tcpip \Device\Ip IRP_MJ_WRITE 898A23E8
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION 896D8978
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION 896E2A88
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA 89355218
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA 8939D020
Device \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS 8966C020
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION 895058B0
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION 897FDE00
Device \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL 89668C60
Device \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL 8963BBE8
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL 8945E1C0
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL 893D9608
Device \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN 893D3460
Device \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL 89618B80
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP 89631678
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT 89653330
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY 89503A28
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY 894A2100
Device \Driver\Tcpip \Device\Ip IRP_MJ_POWER 895F4C28
Device \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL 893CBDF8
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE 89510100
Device \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA 893DA7A8
Device \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA 894C2D40
Device \Driver\Tcpip \Device\Ip IRP_MJ_PNP 8939B1F8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 895501D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 895501D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 895501D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 895501D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 8990A1D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 8990A1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 895501D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 895501D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 895501D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 895501D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 895501D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 895501D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 895501D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 895501D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CREATE 895501D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CLOSE 895501D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_POWER 895501D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 895501D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_PNP 895501D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CREATE 8951F580
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CLOSE 8951F580
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 8951F580
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 8951F580
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_POWER 8951F580
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 8951F580
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_PNP 8951F580
Device \Driver\00000117 \Device\00000061 IRP_MJ_POWER [F751BDB6] sptd.sys
Device \Driver\00000117 \Device\00000061 IRP_MJ_SYSTEM_CONTROL [F753173C] sptd.sys
Device \Driver\00000117 \Device\00000061 IRP_MJ_PNP [F752A77E] sptd.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE 8986ABF0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE 89503100
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE 8959C2D0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_READ 89746FA8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE 898A23E8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION 896D8978
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION 896E2A88
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA 89355218
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA 8939D020
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS 8966C020
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION 895058B0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION 897FDE00
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL 89668C60
Device \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL 8963BBE8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL 8945E1C0
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL 893D9608
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN 893D3460
Device \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL 89618B80
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP 89631678
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT 89653330
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY 89503A28
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY 894A2100
Device \Driver\Tcpip \Device\Tcp IRP_MJ_POWER 895F4C28
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL 893CBDF8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE 89510100
Device \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA 893DA7A8
Device \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA 894C2D40
Device \Driver\Tcpip \Device\Tcp IRP_MJ_PNP 8939B1F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 898A11D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 898A11D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 89428E08
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 89428E08
Device \Driver\NetBT \Device\NetBT_Tcpip_{07842AA3-AFEA-46C8-886B-FCEFFC169F1B} IRP_MJ_CREATE 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{07842AA3-AFEA-46C8-886B-FCEFFC169F1B} IRP_MJ_CLOSE 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{07842AA3-AFEA-46C8-886B-FCEFFC169F1B} IRP_MJ_DEVICE_CONTROL 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{07842AA3-AFEA-46C8-886B-FCEFFC169F1B} IRP_MJ_INTERNAL_DEVICE_CONTROL 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{07842AA3-AFEA-46C8-886B-FCEFFC169F1B} IRP_MJ_CLEANUP 892B8990
Device \Driver\NetBT \Device\NetBT_Tcpip_{07842AA3-AFEA-46C8-886B-FCEFFC169F1B} IRP_MJ_PNP 892B8990
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 8921ECE8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 89428E08
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 89428E08
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_READ 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 89275008
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE_NAMED_PIPE 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CLOSE 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_READ 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_WRITE 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_INFORMATION 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_INFORMATION 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_EA 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_EA 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_FLUSH_BUFFERS 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_VOLUME_INFORMATION 89275008
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_VOLUME_INFORMATION 89275008
Device \Driver\a