Re: Problém s virem
Napsal: 05 črc 2010 17:07
od Ti2sto
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/07/05 18:06
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\Windows\system32\DRIVERS\1394BUS.SYS
Address: 0x89357000 Size: 57344 File Visible: - Signed: -
Status: -
Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x80609000 Size: 286720 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x81A02000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x8A929000 Size: 294912 File Visible: - Signed: -
Status: -
Name: amdk8.sys
Image Path: C:\Windows\system32\DRIVERS\amdk8.sys
Address: 0x85930000 Size: 65536 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x80714000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x8071C000 Size: 122880 File Visible: - Signed: -
Status: -
Name: BdaSup.SYS
Image Path: C:\Windows\system32\DRIVERS\BdaSup.SYS
Address: 0x89344000 Size: 12288 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x89F00000 Size: 28672 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x80419000 Size: 32768 File Visible: - Signed: -
Status: -
Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0x917B6000 Size: 102400 File Visible: - Signed: -
Status: -
Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0x92270000 Size: 57344 File Visible: - Signed: -
Status: -
Name: cdfs.sys
Image Path: C:\Windows\system32\DRIVERS\cdfs.sys
Address: 0x98B18000 Size: 90112 File Visible: - Signed: -
Status: -
Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x85997000 Size: 98304 File Visible: - Signed: -
Status: -
Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x80462000 Size: 917504 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x85BBF000 Size: 135168 File Visible: - Signed: -
Status: -
Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x80421000 Size: 266240 File Visible: - Signed: -
Status: -
Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x8A9F3000 Size: 53248 File Visible: - Signed: -
Status: -
Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x85BE0000 Size: 36864 File Visible: - Signed: -
Status: -
Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x89FDC000 Size: 94208 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x85BAE000 Size: 69632 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x8A1D8000 Size: 151552 File Visible: - Signed: -
Status: -
Name: dump_diskdump.sys
Image Path: C:\Windows\System32\Drivers\dump_diskdump.sys
Address: 0x89FF3000 Size: 40960 File Visible: No Signed: -
Status: -
Name: dump_nvstor32.sys
Image Path: C:\Windows\System32\Drivers\dump_nvstor32.sys
Address: 0x8590A000 Size: 118784 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x9161D000 Size: 40960 File Visible: - Signed: -
Status: -
Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x89B27000 Size: 651264 File Visible: - Signed: -
Status: -
Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x85B87000 Size: 159744 File Visible: - Signed: -
Status: -
Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x807CA000 Size: 65536 File Visible: - Signed: -
Status: -
Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x80798000 Size: 204800 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x89EF0000 Size: 36864 File Visible: - Signed: -
Status: -
Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x858EF000 Size: 110592 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x81DBB000 Size: 208896 File Visible: - Signed: -
Status: -
Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x89365000 Size: 577536 File Visible: - Signed: -
Status: -
Name: HIDCLASS.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDCLASS.SYS
Address: 0x807EE000 Size: 65536 File Visible: - Signed: -
Status: -
Name: HIDPARSE.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDPARSE.SYS
Address: 0x89F10000 Size: 28672 File Visible: - Signed: -
Status: -
Name: hidusb.sys
Image Path: C:\Windows\system32\DRIVERS\hidusb.sys
Address: 0x8A400000 Size: 36864 File Visible: - Signed: -
Status: -
Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0x9172C000 Size: 446464 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x857E2000 Size: 77824 File Visible: - Signed: -
Status: -
Name: int15.sys
Image Path: C:\Acer\Empowering Technology\eRecovery\int15.sys
Address: 0x98B2E000 Size: 69632 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x857F5000 Size: 45056 File Visible: - Signed: -
Status: -
Name: kbdhid.sys
Image Path: C:\Windows\system32\DRIVERS\kbdhid.sys
Address: 0x89F07000 Size: 36864 File Visible: - Signed: -
Status: -
Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x80401000 Size: 28672 File Visible: - Signed: -
Status: -
Name: kl1.sys
Image Path: C:\Windows\system32\DRIVERS\kl1.sys
Address: 0x8A409000 Size: 5373952 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8931A000 Size: 172032 File Visible: - Signed: -
Status: -
Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x85600000 Size: 462848 File Visible: - Signed: -
Status: -
Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0x91659000 Size: 65536 File Visible: - Signed: -
Status: -
Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0x91636000 Size: 110592 File Visible: - Signed: -
Status: -
Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0x91627000 Size: 61440 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x893F4000 Size: 45056 File Visible: - Signed: -
Status: -
Name: mouhid.sys
Image Path: C:\Windows\system32\DRIVERS\mouhid.sys
Address: 0x89BF6000 Size: 32768 File Visible: - Signed: -
Status: -
Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x80704000 Size: 65536 File Visible: - Signed: -
Status: -
Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0x917CF000 Size: 86016 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0x98A0B000 Size: 135168 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0x98A2C000 Size: 126976 File Visible: - Signed: -
Status: -
Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0x98A4B000 Size: 233472 File Visible: - Signed: -
Status: -
Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0x98A84000 Size: 98304 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x89F54000 Size: 45056 File Visible: - Signed: -
Status: -
Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x80658000 Size: 32768 File Visible: - Signed: -
Status: -
Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x805CB000 Size: 192512 File Visible: - Signed: -
Status: -
Name: MSPQM.sys
Image Path: C:\Windows\system32\drivers\MSPQM.sys
Address: 0x95320000 Size: 5504 File Visible: - Signed: -
Status: -
Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x8577C000 Size: 176128 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x89E93000 Size: 40960 File Visible: - Signed: -
Status: -
Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x85B78000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x85671000 Size: 1093632 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x89E1B000 Size: 45056 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x89E26000 Size: 143360 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x89EDF000 Size: 69632 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x8A9B9000 Size: 57344 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x8A971000 Size: 204800 File Visible: - Signed: -
Status: -
Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x857A7000 Size: 241664 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x89F5F000 Size: 57344 File Visible: - Signed: -
Status: -
Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x8A9E7000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x85A0C000 Size: 1114112 File Visible: - Signed: -
Status: -
Name: NTIDrvr.sys
Image Path: C:\Windows\system32\DRIVERS\NTIDrvr.sys
Address: 0x893F2000 Size: 6144 File Visible: - Signed: -
Status: -
Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x81A02000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x89EF9000 Size: 28672 File Visible: - Signed: -
Status: -
Name: nvlddmkm.sys
Image Path: C:\Windows\system32\DRIVERS\nvlddmkm.sys
Address: 0x89407000 Size: 7468128 File Visible: - Signed: -
Status: -
Name: nvstor32.sys
Image Path: C:\Windows\system32\drivers\nvstor32.sys
Address: 0x8073A000 Size: 118784 File Visible: - Signed: -
Status: -
Name: ohci1394.sys
Image Path: C:\Windows\system32\DRIVERS\ohci1394.sys
Address: 0x89347000 Size: 62208 File Visible: - Signed: -
Status: -
Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x8A9A3000 Size: 90112 File Visible: - Signed: -
Status: -
Name: parport.sys
Image Path: C:\Windows\system32\DRIVERS\parport.sys
Address: 0x859E3000 Size: 98304 File Visible: - Signed: -
Status: -
Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x80687000 Size: 61440 File Visible: - Signed: -
Status: -
Name: parvdm.sys
Image Path: C:\Windows\system32\DRIVERS\parvdm.sys
Address: 0x98B11000 Size: 28672 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x80660000 Size: 159744 File Visible: - Signed: -
Status: -
Name: pciide.sys
Image Path: C:\Windows\system32\drivers\pciide.sys
Address: 0x806EF000 Size: 28672 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x806F6000 Size: 57344 File Visible: - Signed: -
Status: -
Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0x95205000 Size: 909312 File Visible: - Signed: -
Status: -
Name: Ph3xIB32.sys
Image Path: C:\Windows\system32\DRIVERS\Ph3xIB32.sys
Address: 0x89205000 Size: 1131136 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x81A02000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x8A1AB000 Size: 184320 File Visible: - Signed: -
Status: -
Name: psdfilter.sys
Image Path: C:\Windows\system32\DRIVERS\psdfilter.sys
Address: 0x807DA000 Size: 36864 File Visible: - Signed: -
Status: -
Name: PSDNServ.sys
Image Path: C:\Windows\system32\drivers\PSDNServ.sys
Address: 0x85B6F000 Size: 36864 File Visible: - Signed: -
Status: -
Name: psdvdisk.sys
Image Path: C:\Windows\system32\drivers\psdvdisk.sys
Address: 0x85B5D000 Size: 73728 File Visible: - Signed: -
Status: -
Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x80408000 Size: 69632 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x89F6D000 Size: 36864 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x89E04000 Size: 94208 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x89E49000 Size: 61440 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x89E58000 Size: 81920 File Visible: - Signed: -
Status: -
Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x89E6C000 Size: 86016 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x81A02000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x89FA0000 Size: 245760 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x89F44000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x89F4C000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x95322000 Size: 49152 File Visible: No Signed: -
Status: -
Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0x91669000 Size: 77824 File Visible: - Signed: -
Status: -
Name: RTKVHDA.sys
Image Path: C:\Windows\system32\drivers\RTKVHDA.sys
Address: 0x8A003000 Size: 1733952 File Visible: - Signed: -
Status: -
Name: SCDEmu.SYS
Image Path: C:\Windows\System32\Drivers\SCDEmu.SYS
Address: 0x8A9DA000 Size: 52768 File Visible: - Signed: -
Status: -
Name: secdrv.SYS
Image Path: C:\Windows\System32\Drivers\secdrv.SYS
Address: 0x952E3000 Size: 40960 File Visible: - Signed: -
Status: -
Name: serenum.sys
Image Path: C:\Windows\system32\DRIVERS\serenum.sys
Address: 0x89BEC000 Size: 40960 File Visible: - Signed: -
Status: -
Name: serial.sys
Image Path: C:\Windows\system32\DRIVERS\serial.sys
Address: 0x89BD2000 Size: 106496 File Visible: - Signed: -
Status: -
Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x89F8C000 Size: 81920 File Visible: - Signed: -
Status: -
Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x85B55000 Size: 32768 File Visible: - Signed: -
Status: -
Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0x9167C000 Size: 720896 File Visible: - Signed: -
Status: -
Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0x98AC3000 Size: 319488 File Visible: - Signed: -
Status: -
Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0x98A9C000 Size: 159744 File Visible: - Signed: -
Status: -
Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0x91799000 Size: 118784 File Visible: - Signed: -
Status: -
Name: storport.sys
Image Path: C:\Windows\system32\drivers\storport.sys
Address: 0x80757000 Size: 266240 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x89E91000 Size: 4992 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x85805000 Size: 958464 File Visible: - Signed: -
Status: -
Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0x952ED000 Size: 49152 File Visible: - Signed: -
Status: -
Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x807E3000 Size: 45056 File Visible: - Signed: -
Status: -
Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x89F76000 Size: 90112 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x89E81000 Size: 65536 File Visible: - Signed: -
Status: -
Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x92250000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x85927000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x85A00000 Size: 45056 File Visible: - Signed: -
Status: -
Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x89E9D000 Size: 53248 File Visible: - Signed: -
Status: -
Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x85BE9000 Size: 94208 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x8A9F1000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x85988000 Size: 61440 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x89EAA000 Size: 217088 File Visible: - Signed: -
Status: -
Name: usbohci.sys
Image Path: C:\Windows\system32\DRIVERS\usbohci.sys
Address: 0x85940000 Size: 40960 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8594A000 Size: 253952 File Visible: - Signed: -
Status: -
Name: USBSTOR.SYS
Image Path: C:\Windows\system32\DRIVERS\USBSTOR.SYS
Address: 0x91608000 Size: 86016 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x89F17000 Size: 49152 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x89F23000 Size: 135168 File Visible: - Signed: -
Status: -
Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x80696000 Size: 61440 File Visible: - Signed: -
Status: -
Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x806A5000 Size: 303104 File Visible: - Signed: -
Status: -
Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x85B1C000 Size: 233472 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0x8A9C7000 Size: 77824 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x89BC6000 Size: 49152 File Visible: - Signed: -
Status: -
Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x80542000 Size: 507904 File Visible: - Signed: -
Status: -
Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x805BE000 Size: 53248 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0x92030000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x92030000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x8064F000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x81A02000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: WUDFPf.sys
Image Path: C:\Windows\system32\DRIVERS\WUDFPf.sys
Address: 0x9530E000 Size: 73728 File Visible: - Signed: -
Status: -
Name: WUDFRd.sys
Image Path: C:\Windows\system32\DRIVERS\WUDFRd.sys
Address: 0x952F9000 Size: 83328 File Visible: - Signed: -
Status: -
Name: yk60x86.sys
Image Path: C:\Windows\system32\DRIVERS\yk60x86.sys
Address: 0x859AF000 Size: 212992 File Visible: - Signed: -
Status: -
Re: Problém s virem
Napsal: 05 črc 2010 17:25
od stell
no nevidim tu nic skodliveho,,problem je v tom ze v spustacom sectore v MBR-mas neznamy kod..
nemas inst cd tak nevieme to opravit,,bootkit removera nieco blokuje,,ak dobre tusim bude to Tuneup,,takze odinstaluj Tuneup,,a spust Fix.bat z uctu administratora,,a potom napis,,ak nepojde nieco este vymyslime.
Re: Problém s virem
Napsal: 12 črc 2010 07:12
od stell
ak to robi len stou konkretnou hrou ,,hry CS 1.6.,,pravdepodobne problem bude v hre,ale fix.bat zmaz a pouzijes tento program
Stiahnite si
MBRCheck.exe na plochu
XP> dvojklikom na MBRCheck.exe a spustiť
Vista a Windows 7 užívateľov> kliknite pravým tlačidlom myši na MBRCheck.exe a zvoľte Spustiť ako administrátor
Ukáže čierna obrazovka s niektorými údajmi .
Keď sa to urobí> Stlačte Enter pre ukončenie programu.
Súbor s názvom MBRCheck.txt sa objaví na ploche
Prosím, skopírujte do vašej ďalšej odpoveď
Re: Problém s virem
Napsal: 14 črc 2010 17:00
od Ti2sto
MBRCheck, version 1.0.3
(c) 2010, AD
\\.\C: --> \\.\PhysicalDrive0
\\.\D: --> \\.\PhysicalDrive0
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
Re: Problém s virem
Napsal: 14 črc 2010 19:54
od stell
Stiahnite si prosím Rootkit Unhooker uložiť na plochu.
http://www.rootkit.com/vault/DiabloNova ... okerLE.EXE
* Teraz double-kliknite na RKUnhookerLE.exe .
* Kliknite na kartu správa, kliknite na tlačidlo Skenovať.
* Skontrolujte, či je(zafajknute) Drivers,Stealth.Ostatne Zrusit [vybrat fajku]. kliknite na tlačidlo OK.
* Počkajte, až skener má hotové a potom kliknite na tlačidlo Súbor, Uložiť Report.
* Save the report niekam, kde ju nájdete. Kliknite na tlačidlo Zavrieť.
Skopírujte celý obsah správy a vložiť ho tu.
Re: Problém s virem
Napsal: 14 črc 2010 19:59
od stell
poznamka,,mbrcheck,trebalo spustit Pravy klik a spustit ako administrator.restart,a daj sem aj novy log.
Re: Problém s virem
Napsal: 16 črc 2010 14:39
od Ti2sto
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #1
==============================================
>Drivers
==============================================
0x8960D000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 7471104 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.30 )
0x8A405000 C:\Windows\system32\DRIVERS\kl1.sys 5373952 bytes (Kaspersky Lab, Kaspersky Unified Driver)
0x81A06000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x81A06000 PnpManager 3903488 bytes
0x81A06000 RAW 3903488 bytes
0x81A06000 WMIxWDM 3903488 bytes
0x92200000 Win32k 2105344 bytes
0x92200000 C:\Windows\System32\win32k.sys 2105344 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8A203000 C:\Windows\system32\drivers\RTKVHDA.sys 1736704 bytes (Realtek Semiconductor Corp., Realtek(r) High Definition Audio Function Driver)
0x89207000 C:\Windows\system32\DRIVERS\Ph3xIB32.sys 1134592 bytes (Philips Semiconductors GmbH, Ph3xIBxx)
0x85C00000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Společnost Microsoft, NT File System Driver)
0x85871000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x85A05000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x80662000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0x95C05000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x94AA4000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x89D2D000 C:\Windows\System32\drivers\dxgkrnl.sys 651264 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x89367000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x80742000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x85800000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x94B54000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, Zásobník protokolu HTTP)
0x994DC000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x8569E000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8A925000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x85602000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80621000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x85750000 C:\Windows\system32\drivers\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x85B4A000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8A18F000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x859A7000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x99464000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x85D10000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8A099000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x85BAF000 C:\Windows\system32\DRIVERS\yk60x86.sys 212992 bytes (Marvell, NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller)
0x81DBF000 ACPI_HAL 208896 bytes
0x81DBF000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x85791000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Společnost Microsoft, Microsoft Filesystem Filter Manager)
0x8A96D000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x807CB000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x8A3AB000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8597C000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8931C000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x85D7B000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x85659000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x994B5000 C:\Windows\System32\DRIVERS\srv2.sys 159744 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x8A3D8000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8A015000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x85DB3000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x99424000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x8A112000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x99445000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x85715000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x85B0A000 C:\Windows\System32\Drivers\dump_nvstor32.sys 118784 bytes
0x85733000 C:\Windows\system32\drivers\nvstor32.sys 118784 bytes (NVIDIA Corporation, NVIDIA® nForce(TM) Sata Performance Driver)
0x94BC1000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x85AEF000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x94A5E000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x89DD8000 C:\Windows\system32\DRIVERS\serial.sys 106496 bytes (Microsoft Corporation, Serial Device Driver)
0x94BDE000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x85B97000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x9949D000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x85BE3000 C:\Windows\system32\DRIVERS\parport.sys 98304 bytes (Microsoft Corporation, Parallel Port Driver)
0x8A1CB000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x857E7000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x94A0E000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x99531000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x8A99F000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, Plánovač paketů technologie QoS)
0x8A165000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x9940F000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8A05B000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x85DDD000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 86016 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0x95CF9000 C:\Windows\system32\DRIVERS\WUDFRd.sys 86016 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Reflector)
0x8A047000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8A17B000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x859E2000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x94A91000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x8A9C3000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x85D51000 C:\Windows\system32\drivers\psdvdisk.sys 73728 bytes (HiTRUST, PSD Virtual Disk Driver)
0x95D0E000 C:\Windows\system32\DRIVERS\WUDFPf.sys 73728 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x85DA2000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x99547000 C:\Acer\Empowering Technology\eRecovery\int15.sys 69632 bytes
0x8A0CE000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80608000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x85B30000 C:\Windows\system32\DRIVERS\amdk8.sys 65536 bytes (Microsoft Corporation, Processor Device Driver)
0x857C3000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x94A2E000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x94A81000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x856FD000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x89349000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x8A070000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x94A4F000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x85D6C000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x85680000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x8A038000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x85B88000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8568F000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x89359000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x92440000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x8A9B5000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8A14E000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x856EF000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8A9ED000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x8A9D6000 C:\Windows\System32\Drivers\SCDEmu.SYS 53248 bytes (PowerISO Computing, Inc., PowerISO Virtual Drive)
0x8A08C000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x807BE000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x95CED000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8A106000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x89DCC000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x859F5000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x89600000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x8A143000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8A00A000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x857DC000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x85DF4000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8A1E2000 C:\Windows\System32\Drivers\dump_diskdump.sys 40960 bytes
0x8A1EC000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8A082000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8A9E3000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x95CE3000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x89DF2000 C:\Windows\system32\DRIVERS\serenum.sys 40960 bytes (Microsoft Corporation, Serial Port Enumerator)
0x85B40000 C:\Windows\system32\DRIVERS\usbohci.sys 40960 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0x85DD4000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x8A0DF000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x94A25000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x94A3E000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x95D34000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x857D3000 C:\Windows\system32\DRIVERS\psdfilter.sys 36864 bytes (HiTRUST, PSD Filter Driver)
0x85D63000 C:\Windows\system32\drivers\PSDNServ.sys 36864 bytes (HiTRUST, PSD Named Pipe Driver)
0x8A15C000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x92420000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x85B27000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x85648000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8570D000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x80619000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x94A47000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x85651000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8A133000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8A13B000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x85D49000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8A0EF000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x8A0FF000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x80601000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x8A0E8000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x9952A000 C:\Windows\system32\DRIVERS\parvdm.sys 28672 bytes (Microsoft Corporation, VDM Parallel Driver)
0x856E8000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x89346000 C:\Windows\system32\DRIVERS\BdaSup.SYS 12288 bytes (Microsoft Corporation, Microsoft BDA Driver Support Library)
0x95D20000 C:\Windows\system32\drivers\MSPQM.sys 8192 bytes (Microsoft Corporation, MS Proxy Quality Manager)
0x893F4000 C:\Windows\system32\DRIVERS\NTIDrvr.sys 8192 bytes (NewTech Infosystems, Inc., NTI CD-ROM Filter Driver)
0x8A080000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8A9FA000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
0x00AE0000 Hidden Image-->log4net.dll [ EPROCESS 0x8405F020 ] PID: 1064, 282624 bytes
0x00AC0000 Hidden Image-->MemCheck.Interface.dll [ EPROCESS 0x8405F020 ] PID: 1064, 28672 bytes
0x00950000 Hidden Image-->ServiceInterface.dll [ EPROCESS 0x84178D90 ] PID: 2468, 28672 bytes
0x00960000 Hidden Image-->IERYETF.dll [ EPROCESS 0x84178D90 ] PID: 2468, 28672 bytes
0x00AD0000 Hidden Image-->ePerformance.Library.dll [ EPROCESS 0x8405F020 ] PID: 1064, 53248 bytes
!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)
