| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Desktop Security 2010 nicht entfernbarWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
| |
20.08.2010, 17:52
| #5 |
 |  Desktop Security 2010 nicht entfernbar Mhm, scheint doch eigentlich ganz einfach zu sein, weiß der kuckuck wieso das net funktionert.... Code:
ATTFilter Adobe Flash Player 10 Plugin Adobe Systems Incorporated 10.0.22.87
Adobe Flash Player ActiveX Adobe Systems Incorporated 9.0.124.0
Adobe Reader 7.0.7 - Deutsch Adobe Systems Incorporated 7.0.7
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 11.5.7.609
ATI Catalyst Control Center 1.2.2285.37197
ATI Display Driver 8.25-060404a1-032845C
Avatar Screensaver
Avira AntiVir Personal - Free Antivirus Avira GmbH
BLASC 2.0 Computec Internet Agency 2.0
CCleaner Piriform 2.34
devolo dLAN-Konfigurationsassistent devolo AG 9.0.0.0
Digitale Bibliothek 3
DivX Codec DivX, Inc. 6.8.5
DivX Web Player DivX,Inc. 1.4.3
Firebird SQL Server (D) 1.5.2.4732
Free Audio CD Burner version 1.4 DVDVideoSoft Limited.
Free Fire Screensaver Laconic Software
Free YouTube to MP3 Converter version 3.6 DVDVideoSoft Limited.
GEAR 32bit Driver Installer GEAR Software, Inc. 2.002.8
Google Earth Google 5.2.0.5932
Google Updater Google Inc. 2.4.1601.7122
High Definition Audio - KB888111 Microsoft Corporation 20040219.000000
hp business inkjet 1100 Hewlett-Packard 1.10.0000
HP Business Inkjet 1200
ICQ Toolbar
ICQ6.5 ICQ 6.5
Java 2 Runtime Environment, SE v1.4.2 Sun Microsystems, Inc. 1.4.2
Learn2 Player (Uninstall Only)
Macromedia Flash Player 8 Macromedia 8.0.24.0
MAGIX Digital Foto Maker SE (D) MAGIX AG 3.0.1.84
MAGIX Fotos auf CD (D) MAGIX AG 4.5.4.0
MAGIX Media Suite - Standard Edition (D) MAGIX AG 1.7.1.42
MAGIX mp3 maker SE (D) MAGIX AG 1.1.1.664
MAGIX Online Druck Service (FS) Silverwire Software AG
MAGIX Video deLuxe SE (D) MAGIX AG 5.0.4.0
Malwarebytes' Anti-Malware Malwarebytes Corporation
MCE Software Encoder 1.0
Microsoft .NET Framework 1.0 Hotfix (KB887998) Microsoft Corporation
Microsoft .NET Framework 1.0 Hotfix (KB930494) Microsoft Corporation
Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft Corporation
Microsoft .NET Framework 1.0 Hotfix (KB979904) Microsoft Corporation
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 German Language Pack Microsoft 1.1.4322
Microsoft Office Home and Student 2007 Microsoft Corporation 12.0.6425.1000
Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft 1.1.4322
Microsoft Works Microsoft Corporation 08.05.0822
Minuscule.01
Minuscule.03
Molecular Cell Biology
Motorola SM56 Data Fax Modem
Mozilla Firefox (3.6.8) Mozilla 3.6.8 (de)
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 4.20.9841.0
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 4.20.9848.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 4.20.9876.0
Mumble and Murmur Mumble 1.1.6
Nero BurnRights
Nero Digital
Nero OEM
NeroVision Express Content
Norton Security Scan Symantec Corporation 2.7.3.34
O2Micro Flash Memory Card Windows Driver V2.04 O2Micro International LTD. 2.04
Open Season Ubisoft 1.00
PDF24 Creator PDF24.org
Polymorf3D Screen Saver
PowerDVD CyberLink Corporation
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 2.0 PIM & File Manager Samsung Electornics Co., Ltd. 2.00.60612
Samsung PC Studio PC Sync Samsung 21.00.007
Samsung PC Studio USB Driver Installer Samsung Electronics Co., Ltd. 1.00.0000
Skype™ 4.2 Skype Technologies S.A. 4.2.169
SweetIM for Messenger 2.7 SweetIM Technologies Ltd. 2.7.0008
SweetIM Toolbar for Internet Explorer 3.4 SweetIM Technologies Ltd. 3.4.0010
T-Online 6.0
T-Online WLAN-Access Finder
TeamSpeak 2 RC2 Dominating Bytes Design 2.0.32.60
Uninstall 1.0.0.1
USB-Flachbettscanner
Viewpoint Media Player
Was ist Zeit - die fallenden Uhren
Winamp Nullsoft, Inc 5.51
Windows Installer 3.1 (KB893803) Microsoft Corporation
Windows Live Anmelde-Assistent Microsoft Corporation 5.000.818.6
Windows Live Essentials Microsoft Corporation 14.0.8089.0726
Windows Live-Uploadtool Microsoft Corporation 14.0.8014.1029
Windows Media Player Firefox Plugin Microsoft Corp 1.0.0.8
Windows Messenger 5.1 MUI Pack Microsoft Corporation 5.1.0701
WinRAR
World of Warcraft Blizzard Entertainment 3.3.0.11159
World of Warcraft Trial Blizzard Entertainment
ZoneAlarm Zone Labs, Inc 6.5.737.000
GMER Logfile: Code:
ATTFilter GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-08-20 14:15:45
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\agnyrfow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xEDA202D0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateKey [0xEDA2B0D0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xEDA23C60]
SSDT F7C279BC ZwCreateThread
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xEDA23D40]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xEDA20950]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xEDA2C0B0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteValueKey [0xEDA2BD00]
SSDT spfs.sys ZwEnumerateKey [0xF72F1CA2]
SSDT spfs.sys ZwEnumerateValueKey [0xF72F2030]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xEDA2C3E0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xEDA207A0]
SSDT spfs.sys ZwOpenKey [0xF72D40C0]
SSDT F7C279A8 ZwOpenProcess
SSDT F7C279AD ZwOpenThread
SSDT spfs.sys ZwQueryKey [0xF72F2108]
SSDT spfs.sys ZwQueryValueKey [0xF72F1F88]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xEDA2C6D0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRestoreKey [0xEDA2C980]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xEDA20AC0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetValueKey [0xEDA2B897]
SSDT F7C279B7 ZwTerminateProcess
SSDT F7C279B2 ZwWriteVirtualMemory
INT 0x62 ? 84B69BF8
INT 0x63 ? 84B6CDD8
INT 0x73 ? 84B69BF8
INT 0xA4 ? 849A1BF8
INT 0xA4 ? 849A1BF8
INT 0xA4 ? 849A1BF8
INT 0xA4 ? 849A1BF8
---- Kernel code sections - GMER 1.0.15 ----
? spfs.sys Das System kann die angegebene Datei nicht finden. !
? srescan.sys Das System kann die angegebene Datei nicht finden. !
.text USBPORT.SYS!DllUnload F62F17AE 5 Bytes JMP 849A11D8
.text ahvjsguc.SYS F61A0384 1 Byte [20]
.text ahvjsguc.SYS F61A0384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...]
.text ahvjsguc.SYS F61A03AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...]
.text ahvjsguc.SYS F61A03C4 3 Bytes [00, 00, 00]
.text ahvjsguc.SYS F61A03C9 1 Byte [00]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] kernel32.dll!LoadLibraryExW + C4 7C801BB5 4 Bytes CALL 012A0001
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] kernel32.dll!LoadLibraryA 7C801D77 6 Bytes JMP 5F3B0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] kernel32.dll!LoadResource 7C809FC5 6 Bytes JMP 5F290F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] kernel32.dll!GetProcAddress 7C80ADB0 6 Bytes JMP 5F2C0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] kernel32.dll!LoadLibraryW 7C80AE5B 6 Bytes JMP 5F2F0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] kernel32.dll!FindResourceW 7C80BBDE 6 Bytes JMP 5F230F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] kernel32.dll!SizeofResource 7C80BC79 6 Bytes JMP 5F260F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] ADVAPI32.dll!RegOpenKeyExW 77DA6AAF 6 Bytes JMP 5F0D0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] ADVAPI32.dll!RegQueryValueExW 77DA6FFF 6 Bytes JMP 5F0A0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] ADVAPI32.dll!RegQueryValueExA 77DA7ABB 6 Bytes JMP 5F040F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] ADVAPI32.dll!RegCreateKeyExA 77DAE9D4 6 Bytes JMP 5F410F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] ADVAPI32.dll!RegSetValueExA 77DAEAC7 6 Bytes JMP 5F3E0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] USER32.dll!DispatchMessageW 7E368A01 6 Bytes JMP 5F200F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] USER32.dll!SetWindowLongW 7E36D62B 6 Bytes JMP 5F1A0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] USER32.dll!DestroyWindow 7E36DAEA 3 Bytes [FF, 25, 1E]
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] USER32.dll!DestroyWindow + 4 7E36DAEE 2 Bytes [1E, 5F] {PUSH DS; POP EDI}
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] USER32.dll!CreateWindowExW 7E36FC25 6 Bytes JMP 5F170F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] WININET.dll!HttpOpenRequestA 77192B29 6 Bytes JMP 5F4A0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] WININET.dll!InternetCloseHandle 77194DBC 6 Bytes JMP 5F570F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] WININET.dll!HttpQueryInfoA 7719792A 6 Bytes JMP 5F4D0F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] WININET.dll!InternetReadFile 77197C3F 6 Bytes JMP 5F540F5A
.text C:\Programme\Windows Live\Messenger\msnmsgr.exe[1292] WININET.dll!GetUrlCacheEntryInfoExW 771A68ED 6 Bytes JMP 5F5A0F5A
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F72D5046] spfs.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F72D5142] spfs.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F72D50C4] spfs.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F72D57CE] spfs.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F72D56A4] spfs.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F72E0D7A] spfs.sys
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!KfAcquireSpinLock] 0A64D90F
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!READ_PORT_UCHAR] 046FD406
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!KeGetCurrentIrql] 1672C31D
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!KfRaiseIrql] 1879CE14
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!KfLowerIrql] 3248ED2B
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!HalGetInterruptVector] 3C43E022
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!HalTranslateBusAddress] 2E5EF739
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!KeStallExecutionProcessor] 2055FA30
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!KfReleaseSpinLock] EC01B79A
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] E20ABA93
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!READ_PORT_USHORT] F017AD88
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] FE1CA081
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[HAL.dll!WRITE_PORT_UCHAR] D42D83BE
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[WMILIB.SYS!WmiSystemControl] C83B99AC
IAT \SystemRoot\System32\Drivers\ahvjsguc.SYS[WMILIB.SYS!WmiCompleteRequest] C63094A5
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [EDA283E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [EDA28900] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [EDA28A60] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [EDA28550] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [EDA28550] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [EDA283E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [EDA28900] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [EDA28A60] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [EDA283E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [EDA28A60] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [EDA28900] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [EDA28550] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [EDA28A60] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [EDA28900] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [EDA283E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [EDA28550] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [EDA283E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [EDA28900] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [EDA28A60] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [EDA28A60] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [EDA28900] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [EDA28550] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [EDA283E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [EDA283E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [EDA28550] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [EDA28A60] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [EDA28900] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 84BD61F8
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\Ip GDTdiIcpt.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{BB0B098E-F56B-4E4C-BF56-935C27C1FEEC} 840E81F8
Device \Driver\usbohci \Device\USBPDO-0 849C71F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 84BDA1F8
Device \Driver\dmio \Device\DmControl\DmConfig 84BDA1F8
Device \Driver\dmio \Device\DmControl\DmPnP 84BDA1F8
Device \Driver\dmio \Device\DmControl\DmInfo 84BDA1F8
Device \Driver\usbohci \Device\USBPDO-1 849C71F8
Device \Driver\usbehci \Device\USBPDO-2 849C61F8
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\Tcp GDTdiIcpt.sys
Device \Driver\PCI_PNP2170 \Device\00000056 spfs.sys
Device \Driver\PCI_PNP2170 \Device\00000056 spfs.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 84B6A1F8
Device \Driver\Cdrom \Device\CdRom0 8498C1F8
Device \Driver\Cdrom \Device\CdRom1 8498C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 84B691F8
Device \Driver\atapi \Device\Ide\IdePort0 84B691F8
Device \Driver\atapi \Device\Ide\IdePort1 84B691F8
Device \Driver\atapi \Device\Ide\IdePort2 84B691F8
Device \Driver\atapi \Device\Ide\IdePort3 84B691F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 84B691F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{0A2EE08F-70F9-41F1-8B4D-31B4C7091D1E} 840E81F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 840E81F8
Device \Driver\sptd \Device\540485920 spfs.sys
Device \Driver\NetBT \Device\NetbiosSmb 840E81F8
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\Udp GDTdiIcpt.sys
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\RawIp GDTdiIcpt.sys
Device \Driver\usbohci \Device\USBFDO-0 849C71F8
Device \Driver\usbohci \Device\USBFDO-1 849C71F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 83F711F8
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \Driver\Tcpip \Device\IPMULTICAST GDTdiIcpt.sys
Device \Driver\usbehci \Device\USBFDO-2 849C61F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 83F711F8
Device \Driver\Ftdisk \Device\FtControl 84B6A1F8
Device \Driver\ahvjsguc \Device\Scsi\ahvjsguc1 848BA1F8
Device \Driver\ahvjsguc \Device\Scsi\ahvjsguc1Port6Path0Target0Lun0 848BA1F8
Device \FileSystem\Cdfs \Cdfs 847CE398
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x38 0xD1 0xCA 0x80 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x9A 0xB2 0xA4 0x5E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x38 0x67 0xC3 0x25 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x38 0xD1 0xCA 0x80 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x9A 0xB2 0xA4 0x5E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x38 0x67 0xC3 0x25 ...
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/08/20 14:23
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP2
==================================================
Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF74E2000 Size: 53248 File Visible: - Signed: -
Status: -
Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF728C000 Size: 188800 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -
Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF78EE000 Size: 12160 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xED9CF000 Size: 138368 File Visible: - Signed: -
Status: -
Name: agnyrfow.sys
Image Path: C:\DOKUME~1\Sarah\LOKALE~1\Temp\agnyrfow.sys
Address: 0xBA0E9000 Size: 93056 File Visible: No Signed: -
Status: -
Name: ahvjsguc.SYS
Image Path: C:\WINDOWS\System32\Drivers\ahvjsguc.SYS
Address: 0xF61A0000 Size: 413696 File Visible: - Signed: -
Status: -
Name: AmdK8.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AmdK8.sys
Address: 0xF75A2000 Size: 65536 File Visible: - Signed: -
Status: -
Name: ar5211.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ar5211.sys
Address: 0xF6219000 Size: 488992 File Visible: - Signed: -
Status: -
Name: arp1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Address: 0xF76D2000 Size: 60800 File Visible: - Signed: -
Status: -
Name: ASCTRM.SYS
Image Path: C:\WINDOWS\System32\Drivers\ASCTRM.SYS
Address: 0xF79F4000 Size: 7488 File Visible: - Signed: -
Status: -
Name: asyncmac.sys
Image Path: C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Address: 0xF6B67000 Size: 14336 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: atapi.sys
Address: 0xF721E000 Size: 98304 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: atapi.sys
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -
Name: ati2cqag.dll
Image Path: C:\WINDOWS\System32\ati2cqag.dll
Address: 0xBF055000 Size: 282624 File Visible: - Signed: -
Status: -
Name: ati2dvag.dll
Image Path: C:\WINDOWS\System32\ati2dvag.dll
Address: 0xBF012000 Size: 274432 File Visible: - Signed: -
Status: -
Name: ati2mtag.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Address: 0xF6310000 Size: 1597440 File Visible: - Signed: -
Status: -
Name: ati3duag.dll
Image Path: C:\WINDOWS\System32\ati3duag.dll
Address: 0xBF0D0000 Size: 2695168 File Visible: - Signed: -
Status: -
Name: atikvmag.dll
Image Path: C:\WINDOWS\System32\atikvmag.dll
Address: 0xBF09A000 Size: 221184 File Visible: - Signed: -
Status: -
Name: ativvaxx.dll
Image Path: C:\WINDOWS\System32\ativvaxx.dll
Address: 0xBF362000 Size: 1409024 File Visible: - Signed: -
Status: -
Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF7B76000 Size: 3072 File Visible: - Signed: -
Status: -
Name: avgio.sys
Image Path: C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys
Address: 0xF7A5E000 Size: 6144 File Visible: - Signed: -
Status: -
Name: avgntflt.sys
Image Path: C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
Address: 0xEB258000 Size: 81920 File Visible: - Signed: -
Status: -
Name: avipbb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\avipbb.sys
Address: 0xED85C000 Size: 69632 File Visible: - Signed: -
Status: -
Name: BATTC.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\BATTC.SYS
Address: 0xF78EA000 Size: 16384 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF7A10000 Size: 4224 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF78E2000 Size: 12288 File Visible: - Signed: -
Status: -
Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF6506000 Size: 63744 File Visible: - Signed: -
Status: -
Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF75D2000 Size: 49536 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\drivers\CLASSPNP.SYS
Address: 0xF7532000 Size: 53248 File Visible: - Signed: -
Status: -
Name: CmBatt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Address: 0xF6FC2000 Size: 14080 File Visible: - Signed: -
Status: -
Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF78E6000 Size: 9344 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: disk.sys
Address: 0xF7542000 Size: 36352 File Visible: - Signed: -
Status: -
Name: dmio.sys
Image Path: dmio.sys
Address: 0xF7236000 Size: 154112 File Visible: - Signed: -
Status: -
Name: dmload.sys
Image Path: dmload.sys
Address: 0xF79D6000 Size: 5888 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF76B2000 Size: 61440 File Visible: - Signed: -
Status: -
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xED844000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79DC000 Size: 8192 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xED889000 Size: 12288 File Visible: - Signed: -
Status: -
Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF000000 Size: 73728 File Visible: - Signed: -
Status: -
Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF7C1F000 Size: 4096 File Visible: - Signed: -
Status: -
Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF7702000 Size: 35072 File Visible: - Signed: -
Status: -
Name: fltMgr.sys
Image Path: fltMgr.sys
Address: 0xF70E7000 Size: 128896 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF7A0E000 Size: 7936 File Visible: - Signed: -
Status: -
Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF725C000 Size: 126336 File Visible: - Signed: -
Status: -
Name: GDTdiIcpt.sys
Image Path: C:\WINDOWS\system32\drivers\GDTdiIcpt.sys
Address: 0xF77D2000 Size: 28224 File Visible: - Signed: -
Status: -
Name: GEARAspiWDM.sys
Image Path: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
Address: 0xF78BA000 Size: 28672 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806E4000 Size: 134272 File Visible: - Signed: -
Status: -
Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xF6291000 Size: 151552 File Visible: - Signed: -
Status: -
Name: HIDCLASS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Address: 0xF7722000 Size: 36864 File Visible: - Signed: -
Status: -
Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF7842000 Size: 28672 File Visible: - Signed: -
Status: -
Name: hidusb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\hidusb.sys
Address: 0xF60F7000 Size: 9600 File Visible: - Signed: -
Status: -
Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xEB00B000 Size: 263552 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF75F2000 Size: 53248 File Visible: - Signed: -
Status: -
Name: iaStor.sys
Image Path: iaStor.sys
Address: 0xF7148000 Size: 876544 File Visible: - Signed: -
Status: -
Name: iaStor.sys
Image Path: iaStor.sys
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -
Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF75C2000 Size: 41856 File Visible: - Signed: -
Status: -
Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xEDAF9000 Size: 74752 File Visible: - Signed: -
Status: -
Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF74F2000 Size: 36224 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF78C2000 Size: 25216 File Visible: - Signed: -
Status: -
Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF79D2000 Size: 8192 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xF62B6000 Size: 143360 File Visible: - Signed: -
Status: -
Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF70BE000 Size: 92544 File Visible: - Signed: -
Status: -
Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF7A14000 Size: 4224 File Visible: - Signed: -
Status: -
Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF7822000 Size: 30336 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF78CA000 Size: 23552 File Visible: - Signed: -
Status: -
Name: mouhid.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouhid.sys
Address: 0xF60F3000 Size: 12288 File Visible: - Signed: -
Status: -
Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF7502000 Size: 42240 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xEB1B4000 Size: 179584 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xED895000 Size: 454016 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF787A000 Size: 19072 File Visible: - Signed: -
Status: -
Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF7642000 Size: 35072 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF79A6000 Size: 15488 File Visible: - Signed: -
Status: -
Name: Mup.sys
Image Path: Mup.sys
Address: 0xF6FEA000 Size: 104704 File Visible: - Signed: -
Status: -
Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF7004000 Size: 182912 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF6F7E000 Size: 9600 File Visible: - Signed: -
Status: -
Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xEB614000 Size: 14592 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF613D000 Size: 91776 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF7662000 Size: 38016 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF76E2000 Size: 34560 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xEDA50000 Size: 162816 File Visible: - Signed: -
Status: -
Name: nic1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nic1394.sys
Address: 0xF7602000 Size: 61824 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF7852000 Size: 30848 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7031000 Size: 574464 File Visible: - Signed: -
Status: -
Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7B46000 Size: 2944 File Visible: - Signed: -
Status: -
Name: nvatabus.sys
Image Path: nvatabus.sys
Address: 0xF7131000 Size: 94208 File Visible: - Signed: -
Status: -
Name: nvatabus.sys
Image Path: nvatabus.sys
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -
Name: nvraid.sys
Image Path: nvraid.sys
Address: 0xF711E000 Size: 77056 File Visible: - Signed: -
Status: -
Name: o2media.sys
Image Path: o2media.sys
Address: 0xF7522000 Size: 34880 File Visible: - Signed: -
Status: -
Name: o2sd.sys
Image Path: o2sd.sys
Address: 0xF7762000 Size: 29056 File Visible: - Signed: -
Status: -
Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF74D2000 Size: 61056 File Visible: - Signed: -
Status: -
Name: OPRGHDLR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF7A9B000 Size: 4096 File Visible: - Signed: -
Status: -
Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF775A000 Size: 18688 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: pci.sys
Address: 0xF727B000 Size: 68224 File Visible: - Signed: -
Status: -
Name: PCI_PNP2170
Image Path: \Driver\PCI_PNP2170
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7A9A000 Size: 3328 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF7752000 Size: 28672 File Visible: - Signed: -
Status: -
Name: plcndis5.sys
Image Path: C:\WINDOWS\system32\plcndis5.sys
Address: 0xF77DA000 Size: 17280 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xEDB2C000 Size: 139264 File Visible: - Signed: -
Status: -
Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF612C000 Size: 69120 File Visible: - Signed: -
Status: -
Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF780A000 Size: 17792 File Visible: - Signed: -
Status: -
Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF7552000 Size: 35712 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF6FAA000 Size: 8832 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF7612000 Size: 51328 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF7622000 Size: 41472 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF7632000 Size: 48384 File Visible: - Signed: -
Status: -
Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF7812000 Size: 16512 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xED904000 Size: 174592 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF7A16000 Size: 4224 File Visible: - Signed: -
Status: -
Name: rdpdr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Address: 0xF60FB000 Size: 196864 File Visible: - Signed: -
Status: -
Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF75E2000 Size: 57600 File Visible: - Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF6F3A000 Size: 49152 File Visible: No Signed: -
Status: -
Name: RtkHDAud.sys
Image Path: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Address: 0xEDB4E000 Size: 4415488 File Visible: - Signed: -
Status: -
Name: Rtnicxp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
Address: 0xF6205000 Size: 81408 File Visible: - Signed: -
Status: -
Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Address: 0xF72BB000 Size: 98304 File Visible: - Signed: -
Status: -
Name: SiSRaid2.sys
Image Path: SiSRaid2.sys
Address: 0xF776A000 Size: 30976 File Visible: - Signed: -
Status: -
Name: smserial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\smserial.sys
Address: 0xEDF84000 Size: 862272 File Visible: - Signed: -
Status: -
Name: spfs.sys
Image Path: spfs.sys
Address: 0xF72D3000 Size: 1040384 File Visible: No Signed: -
Status: -
Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: sr.sys
Image Path: sr.sys
Address: 0xF70D5000 Size: 73472 File Visible: - Signed: -
Status: -
Name: srescan.sys
Image Path: srescan.sys
Address: 0xF7562000 Size: 45056 File Visible: No Signed: -
Status: -
Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xF6EA3000 Size: 352640 File Visible: - Signed: -
Status: -
Name: ssmdrv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
Address: 0xF785A000 Size: 21248 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF7A06000 Size: 4352 File Visible: - Signed: -
Status: -
Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xEB50C000 Size: 60800 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xEDAA0000 Size: 360960 File Visible: - Signed: -
Status: -
Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF77F2000 Size: 20480 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF7652000 Size: 40704 File Visible: - Signed: -
Status: -
Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF609F000 Size: 209408 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF7A0A000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF78B2000 Size: 30080 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF7692000 Size: 57856 File Visible: - Signed: -
Status: -
Name: usbohci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbohci.sys
Address: 0xF78AA000 Size: 17152 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF62D9000 Size: 143360 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF784A000 Size: 20992 File Visible: - Signed: -
Status: -
Name: viamraid.sys
Image Path: viamraid.sys
Address: 0xF7107000 Size: 92672 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF62FC000 Size: 81920 File Visible: - Signed: -
Status: -
Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF7512000 Size: 53760 File Visible: - Signed: -
Status: -
Name: vsdatant.sys
Image Path: C:\WINDOWS\System32\vsdatant.sys
Address: 0xED9F1000 Size: 386688 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF76C2000 Size: 34560 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF78D2000 Size: 20480 File Visible: - Signed: -
Status: -
Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xF6A62000 Size: 82944 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\WMILIB.SYS
Address: 0xF79D4000 Size: 8192 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -
Code:
ATTFilter ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/08/20 14:24
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP2
==================================================
Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x84bd61f8 Size: 121
Object: Hidden Code [Driver: SiSRaid2, IRP_MJ_CREATE]
Process: System Address: 0x84b671f8 Size: 121
Object: Hidden Code [Driver: SiSRaid2, IRP_MJ_CLOSE]
Process: System Address: 0x84b671f8 Size: 121
Object: Hidden Code [Driver: SiSRaid2, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x84b671f8 Size: 121
Object: Hidden Code [Driver: SiSRaid2, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x84b671f8 Size: 121
Object: Hidden Code [Driver: SiSRaid2, IRP_MJ_POWER]
Process: System Address: 0x84b671f8 Size: 121
Object: Hidden Code [Driver: SiSRaid2, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x84b671f8 Size: 121
Object: Hidden Code [Driver: SiSRaid2, IRP_MJ_PNP]
Process: System Address: 0x84b671f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE]
Process: System Address: 0x84b691f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE]
Process: System Address: 0x84b691f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x84b691f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x84b691f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_POWER]
Process: System Address: 0x84b691f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x84b691f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_PNP]
Process: System Address: 0x84b691f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x8498c1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x84bda1f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x849c71f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x849c71f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x849c71f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x849c71f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x849c71f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x849c71f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x849c71f8 Size: 121
Object: Hidden Code [Driver: ahvjsgucఆ剒敬a, IRP_MJ_CREATE]
Process: System Address: 0x848ba1f8 Size: 121
Object: Hidden Code [Driver: ahvjsgucఆ剒敬a, IRP_MJ_CLOSE]
Process: System Address: 0x848ba1f8 Size: 121
Object: Hidden Code [Driver: ahvjsgucఆ剒敬a, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x848ba1f8 Size: 121
Object: Hidden Code [Driver: ahvjsgucఆ剒敬a, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x848ba1f8 Size: 121
Object: Hidden Code [Driver: ahvjsgucఆ剒敬a, IRP_MJ_POWER]
Process: System Address: 0x848ba1f8 Size: 121
Object: Hidden Code [Driver: ahvjsgucఆ剒敬a, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x848ba1f8 Size: 121
Object: Hidden Code [Driver: ahvjsgucఆ剒敬a, IRP_MJ_PNP]
Process: System Address: 0x848ba1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x84b6a1f8 Size: 121
Object: Hidden Code [Driver: viamraid, IRP_MJ_CREATE]
Process: System Address: 0x84bd71f8 Size: 121
Object: Hidden Code [Driver: viamraid, IRP_MJ_CLOSE]
Process: System Address: 0x84bd71f8 Size: 121
Object: Hidden Code [Driver: viamraid, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x84bd71f8 Size: 121
Object: Hidden Code [Driver: viamraid, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x84bd71f8 Size: 121
Object: Hidden Code [Driver: viamraid, IRP_MJ_POWER]
Process: System Address: 0x84bd71f8 Size: 121
Object: Hidden Code [Driver: viamraid, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x84bd71f8 Size: 121
Object: Hidden Code [Driver: viamraid, IRP_MJ_PNP]
Process: System Address: 0x84bd71f8 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x840e81f8 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x840e81f8 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x840e81f8 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x840e81f8 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x840e81f8 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x840e81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_CREATE]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_CLOSE]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_READ]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_WRITE]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_QUERY_EA]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_SET_EA]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_SHUTDOWN]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_CLEANUP]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_SET_SECURITY]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_POWER]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_SET_QUOTA]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: nvraid, IRP_MJ_PNP]
Process: System Address: 0x84bd81f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x849c61f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x849c61f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x849c61f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x849c61f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x849c61f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x849c61f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x849c61f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x83f711f8 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_CREATE]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_CLOSE]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_READ]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_SHUTDOWN]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_CLEANUP]
Process: System Address: 0x847ce398 Size: 121
Object: Hidden Code [Driver: Cdfsࠅఉ瑎捦܉@考, IRP_MJ_PNP]
Process: System Address: 0x847ce398 Size: 121
Aber die HJT Logfile will nicht so wie ich will... ich mach nen Anhang, tschuldige... Geändert von pompidou (20.08.2010 um 18:10 Uhr) |
| Themen zu Desktop Security 2010 nicht entfernbar |
| 64-bit, adware.vomba, anti-malware, antivirenprogramm, dateien, desktop, einstellungen, exploit, explorer, folge, forum, frage, funktioniert, logfiles, malwarebytes, neustart, nicht sicher, probleme, programm, programme, recover, rkill.com, scan, security, spyware.onlinegames, temp, tipps, tr/trash.gen, trojan.fakealert, trojan.zlob, wiederholt |
Baum-Darstellung