| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 20 tans werden abgefragt onlinebanking => rootkit?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
08.09.2010, 22:03
| #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  20 tans werden abgefragt onlinebanking => rootkit? Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus Anschließend den bootkit_remover herunterladen. Entpacke das Tool in einen eigenen Ordner auf dem Desktop und führe in diesem Ordner die Datei remove.exe aus. Wenn Du Windows Vista oder Windows 7 verwendest, musst Du die remover.exe über ein Rechtsklick => als Administrator ausführen Ein schwarzes Fenster wird sich öffnen und automatisch nach bösartigen Veränderungen im MBR suchen. Poste dann bitte, ob es Veränderungen gibt und wenn ja in welchem device. Am besten alles posten was die remover.exe ausgibt.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
10.09.2010, 21:16
| #2 |
 | 20 tans werden abgefragt onlinebanking => rootkit? Hi, GMER hat nicht funktioniert, aber OSAM:
__________________OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 22:15:25 on 10.09.2010 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 3.6.9 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2009\OneClickStarter.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "BCMWLCPL.CPL" - "Dell Inc." - C:\WINDOWS\system32\BCMWLCPL.CPL "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "ISUSPM.cpl" - "Macrovision Corporation" - C:\WINDOWS\system32\ISUSPM.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "QuickTime" - "Apple Inc." - C:\Programme\QT Lite\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Aspi32" (Aspi32) - "Adaptec" - C:\WINDOWS\system32\drivers\Aspi32.sys "avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "catchme" (catchme) - ? - C:\DOKUME~1\Uli\LOKALE~1\Temp\catchme.sys (File not found) "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "Diag69xp" (Diag69xp) - "Realtek Semiconductor Corporation" - C:\WINDOWS\System32\Drivers\Diag69xp.sys "DLABMFSM" (DLABMFSM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLABMFSM.SYS "DLABOIOM" (DLABOIOM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLABOIOM.SYS "DLACDBHM" (DLACDBHM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLACDBHM.SYS "DLADResM" (DLADResM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLADResM.SYS "DLAIFS_M" (DLAIFS_M) - "Roxio" - C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS "DLAOPIOM" (DLAOPIOM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS "DLAPoolM" (DLAPoolM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLAPoolM.SYS "DLARTL_M" (DLARTL_M) - "Roxio" - C:\WINDOWS\System32\Drivers\DLARTL_M.SYS "DLAUDFAM" (DLAUDFAM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS "DLAUDF_M" (DLAUDF_M) - "Roxio" - C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS "DRVMCDB" (DRVMCDB) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\DRVMCDB.SYS "DRVNDDM" (DRVNDDM) - "Roxio" - C:\WINDOWS\System32\Drivers\DRVNDDM.SYS "Intel RAID Controller" (iaStor) - "Intel Corporation" - C:\WINDOWS\System32\drivers\iaStor.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "MarxDev1" (MarxDev1) - ? - C:\WINDOWS\system32\drivers\MarxDev1.sys "MarxDev2" (MarxDev2) - ? - C:\WINDOWS\system32\drivers\MarxDev2.sys "MarxDev3" (MarxDev3) - ? - C:\WINDOWS\system32\drivers\MarxDev3.sys "MMRTKRNL" (MMRTKRNL) - "ALCATech GmbH" - C:\WINDOWS\System32\drivers\mmrtkrnl.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {88895560-9AA2-1069-930E-00AA0030EBC8} "Erweiterung für HyperTerminal-Icons" - ? - (File not found | COM-object registry key not found) {1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OLKFSTUB.DLL {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2009\DseShExt-x86.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2009\SDShelEx-win32.dll {44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL FF_TB_Property Shell Extension "{9519D9F3-360F-49b4-BAEC-7E1691F4C0EF}" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoft\tbDVD1.dll <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) <binary data> "PDFCreator Toolbar" - ? - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoft\tbDVD1.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "Messenger" - ? - C:\Programme\Messenger\msmsgs.exe (File not found) -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoft\tbDVD1.dll {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} "PDFCreator Toolbar" - ? - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll {CA6319C0-31B7-401E-A518-A07C3DB8F777} "CBrowserHelperObject Object" - "Dell Inc." - C:\Programme\Dell\BAE\BAE.dll {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoft\tbDVD1.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll {C451C08A-EC37-45DF-AAAD-18B51AB5E837} "PDFCreator Toolbar Helper" - ? - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\Uli\Startmenü\Programme\Autostart\desktop.ini -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "8169Diag" - "Realtek" - C:\Programme\Realtek\Diagnostics Utility\8169Diag.exe /hw "avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min "Broadcom Wireless Manager UI" - "Dell Inc." - C:\WINDOWS\system32\WLTRAY.exe "dellsupportcenter" - "SupportSoft, Inc." - "C:\Programme\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter "dscactivate" - " " - "C:\Programme\Dell Support Center\gs_agent\custom\dsca.exe" "LexwareInfoService" - "Lexware GmbH & Co. KG" - C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe /autostart "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [Network Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )----- "Dell Wireless WLAN Card Logon Provider" - "Dell Inc." - C:\WINDOWS\System32\BCMLogon.dll [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Canon BJNP Port" - "CANON INC." - C:\WINDOWS\system32\CNMNPPM.DLL "PDFCreator" - "internet-support foehr.com" - C:\WINDOWS\system32\pdfcmnnt.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe "Dell Wireless WLAN Tray Service" (wltrysvc) - ? - C:\WINDOWS\System32\WLTRYSVC.EXE (File found, but it contains no detailed information) "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Programme\MAGIX\Common\Database\bin\fbserver.exe "HID Input Service" (HidServ) - ? - C:\WINDOWS\System32\hidserv.dll (File not found) "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe "NMSAccessU" (NMSAccessU) - ? - C:\Programme\CDBurnerXP\NMSAccessU.exe (File found, but it contains no detailed information) "SupportSoft Sprocket Service (dellsupportcenter)" (sprtsvc_dellsupportcenter) - "SupportSoft, Inc." - C:\Programme\Dell Support Center\bin\sprtsvc.exe "TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll "TuneUp Drive Defrag-Dienst" (TuneUp.Defrag) - "TuneUp Software" - C:\WINDOWS\System32\TuneUpDefragService.exe "TuneUp Program Statistics Service" (TuneUp.ProgramStatisticsSvc) - "TuneUp Software" - C:\WINDOWS\System32\TUProgSt.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
|
10.09.2010, 21:30
| #3 |
| | 20 tans werden abgefragt onlinebanking => rootkit? .\debug.cpp(238) : Debug log started at 10.09.2010 - 20:27:59
__________________.\boot_cleaner.cpp(527) : Bootkit Remover .\boot_cleaner.cpp(528) : (c) 2009 eSage Lab .\boot_cleaner.cpp(529) : www.esagelab.com .\boot_cleaner.cpp(533) : Program version: 1.2.0.0 .\boot_cleaner.cpp(540) : OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600) .\debug.cpp(248) : ********************************************** .\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] *********** .\debug.cpp(250) : ********************************************** .\debug.cpp(256) : 0x804d7000 0x0020e000 "\WINDOWS\system32\ntkrnlpa.exe" .\debug.cpp(256) : 0x806e5000 0x00020d00 "\WINDOWS\system32\hal.dll" .\debug.cpp(256) : 0xba5a8000 0x00002000 "\WINDOWS\system32\KDCOM.DLL" .\debug.cpp(256) : 0xba4b8000 0x00003000 "\WINDOWS\system32\BOOTVID.dll" .\debug.cpp(256) : 0xb9f78000 0x0002f000 "ACPI.sys" .\debug.cpp(256) : 0xba5aa000 0x00002000 "\WINDOWS\system32\DRIVERS\WMILIB.SYS" .\debug.cpp(256) : 0xb9f67000 0x00011000 "pci.sys" .\debug.cpp(256) : 0xba0a8000 0x0000a000 "isapnp.sys" .\debug.cpp(256) : 0xba670000 0x00001000 "pciide.sys" .\debug.cpp(256) : 0xba328000 0x00007000 "\WINDOWS\system32\DRIVERS\PCIIDEX.SYS" .\debug.cpp(256) : 0xba0b8000 0x0000b000 "MountMgr.sys" .\debug.cpp(256) : 0xb9f48000 0x0001f000 "ftdisk.sys" .\debug.cpp(256) : 0xba5ac000 0x00002000 "dmload.sys" .\debug.cpp(256) : 0xb9f22000 0x00026000 "dmio.sys" .\debug.cpp(256) : 0xba330000 0x00005000 "PartMgr.sys" .\debug.cpp(256) : 0xba0c8000 0x0000e000 "VolSnap.sys" .\debug.cpp(256) : 0xb9f0a000 0x00018000 "atapi.sys" .\debug.cpp(256) : 0xb9e42000 0x000c8000 "iaStor.sys" .\debug.cpp(256) : 0xba0d8000 0x00009000 "disk.sys" .\debug.cpp(256) : 0xba0e8000 0x0000d000 "\WINDOWS\system32\DRIVERS\CLASSPNP.SYS" .\debug.cpp(256) : 0xb9e22000 0x00020000 "fltmgr.sys" .\debug.cpp(256) : 0xb9e10000 0x00012000 "sr.sys" .\debug.cpp(256) : 0xba5ae000 0x00002000 "DLACDBHM.SYS" .\debug.cpp(256) : 0xb9df9000 0x00017000 "DRVMCDB.SYS" .\debug.cpp(256) : 0xb9de2000 0x00017000 "KSecDD.sys" .\debug.cpp(256) : 0xb9d55000 0x0008d000 "Ntfs.sys" .\debug.cpp(256) : 0xb9d28000 0x0002d000 "NDIS.sys" .\debug.cpp(256) : 0xba0f8000 0x0000b000 "sbp2port.sys" .\debug.cpp(256) : 0xba108000 0x00010000 "ohci1394.sys" .\debug.cpp(256) : 0xba118000 0x0000e000 "\WINDOWS\system32\DRIVERS\1394BUS.SYS" .\debug.cpp(256) : 0xb9d0e000 0x0001a000 "Mup.sys" .\debug.cpp(256) : 0xba288000 0x00010000 "\SystemRoot\system32\DRIVERS\nic1394.sys" .\debug.cpp(256) : 0xb94d8000 0x0000a000 "\SystemRoot\system32\DRIVERS\intelppm.sys" .\debug.cpp(256) : 0xb8c63000 0x00715000 "\SystemRoot\system32\DRIVERS\nv4_mini.sys" .\debug.cpp(256) : 0xb8c4f000 0x00014000 "\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS" .\debug.cpp(256) : 0xba450000 0x00006000 "\SystemRoot\system32\DRIVERS\usbuhci.sys" .\debug.cpp(256) : 0xb8c2b000 0x00024000 "\SystemRoot\system32\DRIVERS\USBPORT.SYS" .\debug.cpp(256) : 0xba458000 0x00008000 "\SystemRoot\system32\DRIVERS\usbehci.sys" .\debug.cpp(256) : 0xb8c03000 0x00028000 "\SystemRoot\system32\DRIVERS\HDAudBus.sys" .\debug.cpp(256) : 0xb8b6f000 0x00094000 "\SystemRoot\system32\DRIVERS\bcmwl5.sys" .\debug.cpp(256) : 0xb8b55000 0x0001a000 "\SystemRoot\system32\DRIVERS\Rtenicxp.sys" .\debug.cpp(256) : 0xba460000 0x00007000 "\SystemRoot\system32\DRIVERS\fdc.sys" .\debug.cpp(256) : 0xb94c8000 0x00010000 "\SystemRoot\system32\DRIVERS\cdrom.sys" .\debug.cpp(256) : 0xb94b8000 0x0000f000 "\SystemRoot\system32\DRIVERS\redbook.sys" .\debug.cpp(256) : 0xb8b32000 0x00023000 "\SystemRoot\system32\DRIVERS\ks.sys" .\debug.cpp(256) : 0xba468000 0x00006000 "\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys" .\debug.cpp(256) : 0xb94a8000 0x0000b000 "\SystemRoot\system32\DRIVERS\imapi.sys" .\debug.cpp(256) : 0xba792000 0x00001000 "\SystemRoot\system32\DRIVERS\audstub.sys" .\debug.cpp(256) : 0xb9498000 0x0000d000 "\SystemRoot\system32\DRIVERS\rasl2tp.sys" .\debug.cpp(256) : 0xb9cca000 0x00003000 "\SystemRoot\system32\DRIVERS\ndistapi.sys" .\debug.cpp(256) : 0xb8b1b000 0x00017000 "\SystemRoot\system32\DRIVERS\ndiswan.sys" .\debug.cpp(256) : 0xb9488000 0x0000b000 "\SystemRoot\system32\DRIVERS\raspppoe.sys" .\debug.cpp(256) : 0xb9478000 0x0000c000 "\SystemRoot\system32\DRIVERS\raspptp.sys" .\debug.cpp(256) : 0xba470000 0x00005000 "\SystemRoot\system32\DRIVERS\TDI.SYS" .\debug.cpp(256) : 0xb8b0a000 0x00011000 "\SystemRoot\system32\DRIVERS\psched.sys" .\debug.cpp(256) : 0xba148000 0x00009000 "\SystemRoot\system32\DRIVERS\msgpc.sys" .\debug.cpp(256) : 0xba478000 0x00005000 "\SystemRoot\system32\DRIVERS\ptilink.sys" .\debug.cpp(256) : 0xba480000 0x00005000 "\SystemRoot\system32\DRIVERS\raspti.sys" .\debug.cpp(256) : 0xb8ada000 0x00030000 "\SystemRoot\system32\DRIVERS\rdpdr.sys" .\debug.cpp(256) : 0xba158000 0x0000a000 "\SystemRoot\system32\DRIVERS\termdd.sys" .\debug.cpp(256) : 0xba488000 0x00007000 "\SystemRoot\system32\DRIVERS\kbdclass.sys" .\debug.cpp(256) : 0xba490000 0x00006000 "\SystemRoot\system32\DRIVERS\mouclass.sys" .\debug.cpp(256) : 0xba168000 0x00009000 "\SystemRoot\system32\drivers\mmrtkrnl.sys" .\debug.cpp(256) : 0xba5dc000 0x00002000 "\SystemRoot\system32\DRIVERS\swenum.sys" .\debug.cpp(256) : 0xb8a7c000 0x0005e000 "\SystemRoot\system32\DRIVERS\update.sys" .\debug.cpp(256) : 0xb9cae000 0x00004000 "\SystemRoot\system32\DRIVERS\mssmbios.sys" .\debug.cpp(256) : 0xba198000 0x0000a000 "\SystemRoot\System32\Drivers\NDProxy.SYS" .\debug.cpp(256) : 0xba208000 0x0000f000 "\SystemRoot\system32\DRIVERS\usbhub.sys" .\debug.cpp(256) : 0xba5e4000 0x00002000 "\SystemRoot\system32\DRIVERS\USBD.SYS" .\debug.cpp(256) : 0xb6416000 0x00496000 "\SystemRoot\system32\drivers\RtkHDAud.sys" .\debug.cpp(256) : 0xb63f2000 0x00024000 "\SystemRoot\system32\drivers\portcls.sys" .\debug.cpp(256) : 0xba218000 0x0000f000 "\SystemRoot\system32\drivers\drmk.sys" .\debug.cpp(256) : 0xb9cea000 0x00003000 "\SystemRoot\System32\Drivers\i2omgmt.SYS" .\debug.cpp(256) : 0xba388000 0x00008000 "\SystemRoot\system32\DRIVERS\usbccgp.sys" .\debug.cpp(256) : 0xba5f4000 0x00002000 "\SystemRoot\System32\Drivers\Fs_Rec.SYS" .\debug.cpp(256) : 0xba720000 0x00001000 "\SystemRoot\System32\Drivers\Null.SYS" .\debug.cpp(256) : 0xba5f6000 0x00002000 "\SystemRoot\System32\Drivers\Beep.SYS" .\debug.cpp(256) : 0xba398000 0x00006000 "\SystemRoot\System32\Drivers\DLARTL_M.SYS" .\debug.cpp(256) : 0xba3a0000 0x00007000 "\SystemRoot\system32\DRIVERS\HIDPARSE.SYS" .\debug.cpp(256) : 0xba3a8000 0x00006000 "\SystemRoot\System32\drivers\vga.sys" .\debug.cpp(256) : 0xba5fa000 0x00002000 "\SystemRoot\System32\Drivers\mnmdd.SYS" .\debug.cpp(256) : 0xba5fc000 0x00002000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys" .\debug.cpp(256) : 0xba3b0000 0x00005000 "\SystemRoot\System32\Drivers\Msfs.SYS" .\debug.cpp(256) : 0xba3b8000 0x00008000 "\SystemRoot\System32\Drivers\Npfs.SYS" .\debug.cpp(256) : 0xb9ce2000 0x00003000 "\SystemRoot\system32\DRIVERS\rasacd.sys" .\debug.cpp(256) : 0xb627c000 0x00013000 "\SystemRoot\system32\DRIVERS\ipsec.sys" .\debug.cpp(256) : 0xb6223000 0x00059000 "\SystemRoot\system32\DRIVERS\tcpip.sys" .\debug.cpp(256) : 0xb61fb000 0x00028000 "\SystemRoot\system32\DRIVERS\netbt.sys" .\debug.cpp(256) : 0xb61d5000 0x00026000 "\SystemRoot\system32\DRIVERS\ipnat.sys" .\debug.cpp(256) : 0xba238000 0x00009000 "\SystemRoot\system32\DRIVERS\wanarp.sys" .\debug.cpp(256) : 0xb61b3000 0x00022000 "\SystemRoot\System32\drivers\afd.sys" .\debug.cpp(256) : 0xba248000 0x00009000 "\SystemRoot\system32\DRIVERS\netbios.sys" .\debug.cpp(256) : 0xba268000 0x0000f000 "\SystemRoot\system32\DRIVERS\arp1394.sys" .\debug.cpp(256) : 0xba3c0000 0x00006000 "\SystemRoot\system32\DRIVERS\ssmdrv.sys" .\debug.cpp(256) : 0xb60e8000 0x0002b000 "\SystemRoot\system32\DRIVERS\rdbss.sys" .\debug.cpp(256) : 0xb6078000 0x00070000 "\SystemRoot\system32\DRIVERS\mrxsmb.sys" .\debug.cpp(256) : 0xba278000 0x0000b000 "\SystemRoot\System32\Drivers\Fips.SYS" .\debug.cpp(256) : 0xb600c000 0x0001c000 "\SystemRoot\system32\DRIVERS\avipbb.sys" .\debug.cpp(256) : 0xba604000 0x00002000 "\??\C:\Programme\Avira\AntiVir Desktop\avgio.sys" .\debug.cpp(256) : 0xba3d8000 0x00007000 "\SystemRoot\system32\DRIVERS\USBSTOR.SYS" .\debug.cpp(256) : 0xb68f0000 0x00003000 "\SystemRoot\system32\DRIVERS\hidusb.sys" .\debug.cpp(256) : 0xba2a8000 0x00009000 "\SystemRoot\system32\DRIVERS\HIDCLASS.SYS" .\debug.cpp(256) : 0xb63d5000 0x00004000 "\SystemRoot\system32\DRIVERS\usbscan.sys" .\debug.cpp(256) : 0xba3e8000 0x00007000 "\SystemRoot\system32\DRIVERS\usbprint.sys" .\debug.cpp(256) : 0xb63c9000 0x00004000 "\SystemRoot\system32\DRIVERS\kbdhid.sys" .\debug.cpp(256) : 0xb63c5000 0x00003000 "\SystemRoot\system32\DRIVERS\mouhid.sys" .\debug.cpp(256) : 0xb9508000 0x00010000 "\SystemRoot\System32\Drivers\Cdfs.SYS" .\debug.cpp(256) : 0xb5fa4000 0x00018000 "\SystemRoot\System32\Drivers\dump_atapi.sys" .\debug.cpp(256) : 0xba636000 0x00002000 "\SystemRoot\System32\Drivers\dump_WMILIB.SYS" .\debug.cpp(256) : 0xbf800000 0x001c5000 "\SystemRoot\System32\win32k.sys" .\debug.cpp(256) : 0xb62bf000 0x00003000 "\SystemRoot\System32\drivers\Dxapi.sys" .\debug.cpp(256) : 0xba418000 0x00005000 "\SystemRoot\System32\watchdog.sys" .\debug.cpp(256) : 0xbf000000 0x00012000 "\SystemRoot\System32\drivers\dxg.sys" .\debug.cpp(256) : 0xba7ad000 0x00001000 "\SystemRoot\System32\drivers\dxgthk.sys" .\debug.cpp(256) : 0xbf012000 0x00580000 "\SystemRoot\System32\nv4_disp.dll" .\debug.cpp(256) : 0xbffa0000 0x00046000 "\SystemRoot\System32\ATMFD.DLL" .\debug.cpp(256) : 0xb5c78000 0x00014000 "\SystemRoot\system32\DRIVERS\avgntflt.sys" .\debug.cpp(256) : 0xba1e8000 0x0000b000 "\SystemRoot\System32\Drivers\DRVNDDM.SYS" .\debug.cpp(256) : 0xba6eb000 0x00001000 "\SystemRoot\System32\Drivers\DLADResM.SYS" .\debug.cpp(256) : 0xb5c37000 0x00019000 "\SystemRoot\System32\Drivers\DLAIFS_M.SYS" .\debug.cpp(256) : 0xba420000 0x00006000 "\SystemRoot\System32\Drivers\DLAOPIOM.SYS" .\debug.cpp(256) : 0xb5ccc000 0x00003000 "\SystemRoot\System32\Drivers\DLAPoolM.SYS" .\debug.cpp(256) : 0xba428000 0x00008000 "\SystemRoot\System32\Drivers\DLABMFSM.SYS" .\debug.cpp(256) : 0xba430000 0x00007000 "\SystemRoot\System32\Drivers\DLABOIOM.SYS" .\debug.cpp(256) : 0xb5bf9000 0x00016000 "\SystemRoot\System32\Drivers\DLAUDFAM.SYS" .\debug.cpp(256) : 0xb5be2000 0x00017000 "\SystemRoot\System32\Drivers\DLAUDF_M.SYS" .\debug.cpp(256) : 0xb5bde000 0x00004000 "\SystemRoot\system32\DRIVERS\ndisuio.sys" .\debug.cpp(256) : 0xb5a96000 0x00003000 "\SystemRoot\System32\Drivers\MarxDev1.SYS" .\debug.cpp(256) : 0xb5a92000 0x00003000 "\SystemRoot\System32\Drivers\MarxDev2.SYS" .\debug.cpp(256) : 0xb5a8e000 0x00003000 "\SystemRoot\System32\Drivers\MarxDev3.SYS" .\debug.cpp(256) : 0xb5a86000 0x00004000 "\SystemRoot\System32\Drivers\Aspi32.SYS" .\debug.cpp(256) : 0xb581b000 0x00057000 "\SystemRoot\system32\DRIVERS\srv.sys" .\debug.cpp(256) : 0xb57de000 0x00015000 "\SystemRoot\system32\drivers\wdmaud.sys" .\debug.cpp(256) : 0xb6123000 0x0000f000 "\SystemRoot\system32\drivers\sysaudio.sys" .\debug.cpp(256) : 0xb48c2000 0x00003000 "\SystemRoot\system32\DRIVERS\LANPkt.sys" .\debug.cpp(256) : 0xb50a0000 0x00003000 "\SystemRoot\System32\Drivers\Diag69xp.sys" .\debug.cpp(256) : 0x7c910000 0x000b9000 "\WINDOWS\system32\ntdll.dll" .\debug.cpp(263) : ********************************************** .\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] *********** .\debug.cpp(308) : ********************************************** .\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:" .\debug.cpp(400) : Destination "\Device\HarddiskVolume3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c0-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\HarddiskVolume2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomTSSTcorp_DVD-ROM_TS-H353B_______________D500____#5&1ab7cbc9&0&0.1.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS" .\debug.cpp(400) : Destination "\Device\Ndis" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10280278&REV_1000#4&2498870a&0&0201#{65e8773e-8f56-11d0-a3b9-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000007b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi3:" .\debug.cpp(400) : Destination "\Device\Ide\IdePort3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{60F5FADD-9D1A-4F53-9A68-D06B14ADC7DA}" .\debug.cpp(400) : Destination "\Device\{60F5FADD-9D1A-4F53-9A68-D06B14ADC7DA}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1" .\debug.cpp(400) : Destination "\Device\Video0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomTSSTcorp_DVD+-RW_TS-H653B_______________D300____#5&7fe1b24&0&0.1.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP1T1L0-20" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ffbb6e3f-ccfe-4d84-90d9-421418b03a8e}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_04a9&Pid_172c#11D3A5#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" .\debug.cpp(400) : Destination "\Device\USBPDO-9" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2" .\debug.cpp(400) : Destination "\Device\Video1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{71985f4a-1ca1-11d3-9cc8-00c04f7971e0}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000032" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_1#{97fadb10-4e33-40ae-359c-8bef029dbdd0}" .\debug.cpp(400) : Destination "\Device\00000042" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmIoDaemon" .\debug.cpp(400) : Destination "\Device\DmControl\DmIoDaemon" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0C#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}" .\debug.cpp(400) : Destination "\Device\00000045" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{84c60694-f560-11dd-9e81-002268b304ea}" .\debug.cpp(400) : Destination "\Device\Harddisk6\DP(1)0-0+e" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip" .\debug.cpp(400) : Destination "\Device\Ip" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_0644&Pid_0200#000001153959#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" .\debug.cpp(400) : Destination "\Device\USBPDO-10" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3" .\debug.cpp(400) : Destination "\Device\Video2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&183a7a8c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-4" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:" .\debug.cpp(400) : Destination "\Device\CdRom0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USBSTOR#Disk&Ven_TEAC&Prod_USB___HS-SD_Card&Rev_4.08#000001153959&3#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\0000008a" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\avgio" .\debug.cpp(400) : Destination "\Device\avgio" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDev" .\debug.cpp(400) : Destination "\Device\IPSEC" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4" .\debug.cpp(400) : Destination "\Device\Video3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{5D65CB0E-1A95-431B-8DF8-03683B341252}" .\debug.cpp(400) : Destination "\Device\{5D65CB0E-1A95-431B-8DF8-03683B341252}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000031" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_3#{97fadb10-4e33-40ae-359c-8bef029dbdd0}" .\debug.cpp(400) : Destination "\Device\00000044" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c7-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\Harddisk5\DP(1)0-0+d" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDPROXY" .\debug.cpp(400) : Destination "\Device\NDProxy" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9aa4a2cc-81e0-4cfd-802f-0f74526d2bd3}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#8&13318303&0&RM#{53f5630a-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk6\DP(1)0-0+e" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{fd0a5af4-b41d-11d2-9c95-00c04f7971e0}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{1B2658EA-F73B-418A-B2EB-073F8A216FB8}" .\debug.cpp(400) : Destination "\Device\{1B2658EA-F73B-418A-B2EB-073F8A216FB8}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\RdpDrDvMgr" .\debug.cpp(400) : Destination "\Device\RdpDrDvMgr" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_00#7&18a8479&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}" .\debug.cpp(400) : Destination "\Device\0000008b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_293A&SUBSYS_02781028&REV_02#3&2411e6fe&0&EF#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0013" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice" .\debug.cpp(400) : Destination "\Device\WMIDataDevice" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&2e36cf93&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk4\DP(1)0-0+c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c2-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\CdRom0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c6-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\Harddisk4\DP(1)0-0+c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\F:" .\debug.cpp(400) : Destination "\Device\CdRom1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&20cc1c9c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-5" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#8&13318303&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk6\DP(1)0-0+e" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&3206b847&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk2\DP(1)0-0+a" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\RTLPKT_{07DEBA0A-1108-4C50-A0FA-BF3C7AAB8D94}" .\debug.cpp(400) : Destination "\Device\RTLPKT_{07DEBA0A-1108-4C50-A0FA-BF3C7AAB8D94}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\avgntflt" .\debug.cpp(400) : Destination "\FileSystem\Filters\avgntflt" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2939&SUBSYS_02781028&REV_02#3&2411e6fe&0&D2#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0004" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}" .\debug.cpp(400) : Destination "\Device\00000041" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE" .\debug.cpp(400) : Destination "\Device\NamedPipe" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Usbscan0" .\debug.cpp(400) : Destination "\Device\Usbscan0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_04a9&Pid_172c&MI_00#6&1d32a1&0&0000#{6bdd1fc6-810f-11d0-bec7-08002be2092f}" .\debug.cpp(400) : Destination "\Device\00000082" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}" .\debug.cpp(400) : Destination "\Device\KSENUM#00000002" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{2eb07ea0-7e70-11d0-a5d6-28db04c10000}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&2574b651&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&7faa55a&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk5\DP(1)0-0+d" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\G:" .\debug.cpp(400) : Destination "\Device\Harddisk2\DP(1)0-0+a" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC" .\debug.cpp(400) : Destination "\Device\Mup" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPNAT" .\debug.cpp(400) : Destination "\Device\IPNAT" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&303df5de&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-7" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{0a4252a0-7e70-11d0-a5d6-28db04c10000}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSched" .\debug.cpp(400) : Destination "\Device\PSched" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\GEARAspiWDMDevice" .\debug.cpp(400) : Destination "\Device\GEARAspiWDMDevice" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0" .\debug.cpp(400) : Destination "\Device\USBFDO-0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg" .\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgrMsg" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp" .\debug.cpp(400) : Destination "\Device\Tcp" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\I2OExec" .\debug.cpp(400) : Destination "\Device\I2OExec" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10EC&DEV_8168&SUBSYS_02781028&REV_02#4&e5b9abb&0&00E5#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0022" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomTSSTcorp_DVD+-RW_TS-H653B_______________D300____#5&7fe1b24&0&0.1.0#{1186654d-47b8-48b9-beb9-7df113ae3c67}" .\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP1T1L0-20" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD" .\debug.cpp(400) : Destination "\Device\VideoPdo0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1" .\debug.cpp(400) : Destination "\Device\USBFDO-1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000037" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0" .\debug.cpp(400) : Destination "\Device\Harddisk0\DR0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_01&Col04#7&29f53242&0&0003#{4d1e55b2-f16f-11cf-88cb-001111000030}" .\debug.cpp(400) : Destination "\Device\0000008f" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_01&Col03#7&29f53242&0&0002#{4d1e55b2-f16f-11cf-88cb-001111000030}" .\debug.cpp(400) : Destination "\Device\0000008e" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USBSTOR#Disk&Ven_TEAC&Prod_USB___HS-CF_Card&Rev_4.08#000001153959&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\00000087" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN" .\debug.cpp(400) : Destination "\DosDevices\LPT1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_293C&SUBSYS_02781028&REV_02#3&2411e6fe&0&D7#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0005" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD2" .\debug.cpp(400) : Destination "\Device\USBFDO-2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&a169679&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{cf1dda2c-9743-11d0-a3ee-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000035" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\H:" .\debug.cpp(400) : Destination "\Device\Harddisk3\DP(1)0-0+b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_01&Col01#7&29f53242&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}" .\debug.cpp(400) : Destination "\Device\0000008c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive1" .\debug.cpp(400) : Destination "\Device\Harddisk1\DR1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\sysaudio" .\debug.cpp(400) : Destination "\Device\sysaudio" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_046d&Pid_c517#5&8b3c571&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" .\debug.cpp(400) : Destination "\Device\USBPDO-8" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap" .\debug.cpp(400) : Destination "\Device\FsWrap" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000036" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000034" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD3" .\debug.cpp(400) : Destination "\Device\USBFDO-3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{97ebaacb-95bd-11d0-a3ea-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0" .\debug.cpp(400) : Destination "\Device\CdRom0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c1-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\HarddiskVolume3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive2" .\debug.cpp(400) : Destination "\Device\Harddisk2\DR5" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\MbMmDp32" .\debug.cpp(400) : Destination "\Device\MbMmDp32" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10280278&REV_1000#4&2498870a&0&0201#{86841137-ed8e-4d97-9975-f2ed56b4430e}" .\debug.cpp(400) : Destination "\Device\0000007b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD4" .\debug.cpp(400) : Destination "\Device\USBFDO-4" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom1" .\debug.cpp(400) : Destination "\Device\CdRom1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive3" .\debug.cpp(400) : Destination "\Device\Harddisk3\DR6" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USBSTOR#Disk&Ven_TEAC&Prod_USB___HS-xD#SM&Rev_4.08#000001153959&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\00000088" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_01&Col01#7&29f53242&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}" .\debug.cpp(400) : Destination "\Device\0000008c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD5" .\debug.cpp(400) : Destination "\Device\USBFDO-5" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#FixedButton#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}" .\debug.cpp(400) : Destination "\Device\0000004a" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global" .\debug.cpp(400) : Destination "\GLOBAL??" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c5-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\Harddisk3\DP(1)0-0+b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\I:" .\debug.cpp(400) : Destination "\Device\Harddisk4\DP(1)0-0+c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive4" .\debug.cpp(400) : Destination "\Device\Harddisk4\DR7" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\drvnddm" .\debug.cpp(400) : Destination "\Device\drvnddm" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD6" .\debug.cpp(400) : Destination "\Device\USBFDO-6" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2937&SUBSYS_02781028&REV_02#3&2411e6fe&0&D0#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0002" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive5" .\debug.cpp(400) : Destination "\Device\Harddisk5\DR8" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{441218EC-8F6C-48A3-94AD-B3D61356223E}" .\debug.cpp(400) : Destination "\Device\{441218EC-8F6C-48A3-94AD-B3D61356223E}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}" .\debug.cpp(400) : Destination "\Device\KSENUM#00000002" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2934&SUBSYS_02781028&REV_02#3&2411e6fe&0&E8#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0010" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2938&SUBSYS_02781028&REV_02#3&2411e6fe&0&D1#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0003" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD7" .\debug.cpp(400) : Destination "\Device\USBFDO-7" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#ThermalZone#THRM#{4afa3d51-74a7-11d0-be5e-00a0c9062857}" .\debug.cpp(400) : Destination "\Device\00000049" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3e227e76-690d-11d2-8161-0000f8775bf1}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive6" .\debug.cpp(400) : Destination "\Device\Harddisk6\DR9" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{07DEBA0A-1108-4C50-A0FA-BF3C7AAB8D94}" .\debug.cpp(400) : Destination "\Device\{07DEBA0A-1108-4C50-A0FA-BF3C7AAB8D94}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10280278&REV_1000#4&2498870a&0&0201#{6994ad04-93ef-11d0-a3cc-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000007b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ARP1394" .\debug.cpp(400) : Destination "\Device\ARP1394" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&2da9c2ff&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{07dad660-22f1-11d1-a9f4-00c04fbbde8f}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\J:" .\debug.cpp(400) : Destination "\Device\Harddisk5\DP(1)0-0+d" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&7faa55a&0&RM#{53f5630a-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk5\DP(1)0-0+d" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&113da56d&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager" .\debug.cpp(400) : Destination "\Device\MountPointManager" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}" .\debug.cpp(400) : Destination "\Device\KSENUM#00000002" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&3206b847&0&RM#{53f5630a-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk2\DP(1)0-0+a" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ssmctl" .\debug.cpp(400) : Destination "\Device\ssmctl" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000030" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{33DE7603-FB4C-4810-B32E-16D2B514A863}" .\debug.cpp(400) : Destination "\Device\{33DE7603-FB4C-4810-B32E-16D2B514A863}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_2#{97fadb10-4e33-40ae-359c-8bef029dbdd0}" .\debug.cpp(400) : Destination "\Device\00000043" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmConfig" .\debug.cpp(400) : Destination "\Device\DmControl\DmConfig" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Diag69xp" .\debug.cpp(400) : Destination "\Device\Diag69xp" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp" .\debug.cpp(400) : Destination "\Device\WANARP" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomTSSTcorp_DVD-ROM_TS-H353B_______________D500____#5&1ab7cbc9&0&0.1.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskSAMSUNG_HD251HJ_________________________1AC01113#5&7fe1b24&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP1T0L0-18" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskSAMSUNG_HD251HJ_________________________1AC01113#5&1ab7cbc9&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T0L0-4" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\RealTekCard" .\debug.cpp(400) : Destination "\Device\RealTekCard" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ftdisk#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\00000003" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2936&SUBSYS_02781028&REV_02#3&2411e6fe&0&EA#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0012" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{D173229D-FB7D-4710-8E5B-D150CAE49CAA}" .\debug.cpp(400) : Destination "\Device\{D173229D-FB7D-4710-8E5B-D150CAE49CAA}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmTrace" .\debug.cpp(400) : Destination "\Device\DmControl\DmTrace" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&2e36cf93&0&RM#{53f5630a-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk4\DP(1)0-0+c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&31e2fe1d&0&RM#{53f5630a-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk3\DP(1)0-0+b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP" .\debug.cpp(400) : Destination "\Device\NdisWanIp" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#dmio#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\00000002" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomTSSTcorp_DVD+-RW_TS-H653B_______________D300____#5&7fe1b24&0&0.1.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP1T1L0-20" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}" .\debug.cpp(400) : Destination "\Device\KSENUM#00000002" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_00#7&18a8479&0&0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}" .\debug.cpp(400) : Destination "\Device\0000008b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:" .\debug.cpp(400) : Destination "\Device\Ide\IdePort0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2935&SUBSYS_02781028&REV_02#3&2411e6fe&0&E9#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0011" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature23F12D67Offset5649600Length3A2EBCDA00#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\HarddiskVolume2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\L:" .\debug.cpp(400) : Destination "\Device\Harddisk6\DP(1)0-0+e" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{FA518659-6A32-47CC-B13F-FCC8C797E7B1}" .\debug.cpp(400) : Destination "\Device\{FA518659-6A32-47CC-B13F-FCC8C797E7B1}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10280278&REV_1000#4&2498870a&0&0201#{dda54a40-1e4c-11d1-a050-405705c10000}" .\debug.cpp(400) : Destination "\Device\0000007b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&342fe76a&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" .\debug.cpp(400) : Destination "\Device\USBPDO-6" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\1394BUS0" .\debug.cpp(400) : Destination "\Device\1394BUS0" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_04a9&Pid_172c&MI_03#6&1d32a1&0&0003#{28d78fad-5a12-11d1-ae5b-0000f803a8c2}" .\debug.cpp(400) : Destination "\Device\00000085" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\00000033" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK1" .\debug.cpp(400) : Destination "\Device\ParTechInc0" .\debug.cpp(409) : -- .\debug.cpp(369) : Device "\GLOBAL??\MMRTKRNL" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c3-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\CdRom1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}" .\debug.cpp(400) : Destination "\Device\0000003c" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISTAPI" .\debug.cpp(400) : Destination "\Device\NdisTapi" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan" .\debug.cpp(400) : Destination "\Device\NdisWan" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:" .\debug.cpp(400) : Destination "\Device\Ide\IdePort1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPMULTICAST" .\debug.cpp(400) : Destination "\Device\IPMULTICAST" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK2" .\debug.cpp(400) : Destination "\Device\ParTechInc1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmLoader" .\debug.cpp(400) : Destination "\Device\DmLoader" .\debug.cpp(409) : -- .\debug.cpp(369) : Device "\GLOBAL??\DLAIFS" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#RemovableMedia#7&31e2fe1d&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\Harddisk3\DP(1)0-0+b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shadow" .\debug.cpp(400) : Destination "\Device\LanmanRedirector" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\MARXDEV1" .\debug.cpp(400) : Destination "\Device\MDEV1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK3" .\debug.cpp(400) : Destination "\Device\ParTechInc2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\drvmcdb" .\debug.cpp(400) : Destination "\Device\drvmcdb" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr" .\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgr" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\MARXDEV2" .\debug.cpp(400) : Destination "\Device\MDEV2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10DE&DEV_0611&SUBSYS_053C10DE&REV_A2#4&b71b61b&0&0008#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0020" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl" .\debug.cpp(400) : Destination "\Device\FtControl" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:" .\debug.cpp(400) : Destination "\Device\HarddiskVolume2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_01&Col05#7&29f53242&0&0004#{4d1e55b2-f16f-11cf-88cb-001111000030}" .\debug.cpp(400) : Destination "\Device\00000090" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c517&MI_01&Col02#7&29f53242&0&0001#{4d1e55b2-f16f-11cf-88cb-001111000030}" .\debug.cpp(400) : Destination "\Device\0000008d" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\MARXDEV3" .\debug.cpp(400) : Destination "\Device\MDEV3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USBSTOR#Disk&Ven_Canon&Prod_MX850_series&Rev_1060#7&2d18dba1&0&11D3A5&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\00000092" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT" .\debug.cpp(400) : Destination "\Device\MailSlot" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX" .\debug.cpp(400) : Destination "\DosDevices\COM1" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_14E4&DEV_4328&SUBSYS_000A1028&REV_03#4&3597c417&0&00E2#{ad498944-762f-11d0-8dcb-00c04fc3358c}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0021" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{3A9FC0D5-546D-4D41-B573-C796E6C5DBC2}" .\debug.cpp(400) : Destination "\Device\{3A9FC0D5-546D-4D41-B573-C796E6C5DBC2}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio" .\debug.cpp(400) : Destination "\Device\Ndisuio" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT" .\debug.cpp(400) : Destination "" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USBSTOR#Disk&Ven_TEAC&Prod_USB___HS-MS_Card&Rev_4.08#000001153959&2#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\00000089" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}" .\debug.cpp(400) : Destination "\Device\0000003a" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi2:" .\debug.cpp(400) : Destination "\Device\Ide\IdePort2" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL" .\debug.cpp(400) : Destination "\Device\Null" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\{63B20959-98C5-45C2-BB34-D15B23B7E84F}" .\debug.cpp(400) : Destination "\Device\{63B20959-98C5-45C2-BB34-D15B23B7E84F}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature81Offset7E00Length3A349E7400#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" .\debug.cpp(400) : Destination "\Device\HarddiskVolume3" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}" .\debug.cpp(400) : Destination "\Device\00000039" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_11C1&DEV_5811&SUBSYS_80101028&REV_61#4&bb29fa6&0&08F0#{6bdd1fc1-810f-11d0-bec7-08002be2092f}" .\debug.cpp(400) : Destination "\Device\NTPNP_PCI0019" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{cbb428c4-6ee9-11dd-9cfc-806d6172696f}" .\debug.cpp(400) : Destination "\Device\Harddisk2\DP(1)0-0+a" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\RTLPKT_{FA518659-6A32-47CC-B13F-FCC8C797E7B1}" .\debug.cpp(400) : Destination "\Device\RTLPKT_{FA518659-6A32-47CC-B13F-FCC8C797E7B1}" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\RTLPKT" .\debug.cpp(400) : Destination "\Device\RTLPKT" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\avipbb" .\debug.cpp(400) : Destination "\Device\avipbb" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10280278&REV_1000#4&2498870a&0&0201#{65e8773d-8f56-11d0-a3b9-00a0c9223196}" .\debug.cpp(400) : Destination "\Device\0000007b" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_04a9&Pid_172c&MI_01#6&1d32a1&0&0001#{28d78fad-5a12-11d1-ae5b-0000f803a8c2}" .\debug.cpp(400) : Destination "\Device\00000083" .\debug.cpp(409) : -- .\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmInfo" .\debug.cpp(400) : Destination "\Device\DmControl\DmInfo" .\debug.cpp(409) : -- .\debug.cpp(453) : ********************************************** .\boot_cleaner.cpp(565) : System volume is \\.\C: .\boot_cleaner.cpp(600) : \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`05649600 .\boot_cleaner.cpp(276) : Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd .\boot_cleaner.cpp(1060) : .\boot_cleaner.cpp(1061) : Size Device Name MBR Status .\boot_cleaner.cpp(1062) : -------------------------------------------- .\boot_cleaner.cpp(1106) : 232 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found) .\boot_cleaner.cpp(1112) : .\boot_cleaner.cpp(1151) : Done; |
|
| Themen zu 20 tans werden abgefragt onlinebanking => rootkit? |
| 20 tans, andere, automatisch, compu, computer, ebanking, erfolg, fenster, funktionieren, heute, inter, interne, internetseite, internetseiten, laden, onlinebanking, rootkit, rootkit?, seiten, tagen, tans, unterstützung, wenige, wenigen |
Hybrid-Darstellung
