- GMER 2.1.19163 - http://www.gmer.net
- Rootkit scan 2014-01-06 22:59:02
- Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 FUJITSU_ rev.8909 232,89GB
- Running: i88il0lk.exe; Driver: C:\DOCUME~1\Milovan\LOCALS~1\Temp\fwtdrpog.sys
- ---- System - GMER 2.1 ----
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwAssignProcessToJobObject [0xA0ADBCA8]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwClose [0xA0AD5AF8]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwCreateFile [0xA0ADA1F6]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwCreateSection [0xA0ADB340]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwCreateThread [0xA0ADC18C]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwDebugActiveProcess [0xA0ADBBCA]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwDeleteFile [0xA0ADA59A]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwDeviceIoControlFile [0xA0AD5CDA]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwDuplicateObject [0xA0AD96C6]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwFsControlFile [0xA0AD5B18]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwInitiatePowerAction [0xA0AD57FC]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwLoadDriver [0xA0AD90A8]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwMakeTemporaryObject [0xA0AD592C]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwOpenFile [0xA0AD9EB6]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwOpenProcess [0xA0ADB636]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwOpenSection [0xA0AD5E9C]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwOpenThread [0xA0ADBF62]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwProtectVirtualMemory [0xA0ADCBDA]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwQueueApcThread [0xA0ADC520]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwReadFile [0xA0AD5A5C]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwReadVirtualMemory [0xA0AD5F8C]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwRenameKey [0xA0AD762C]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwReplaceKey [0xA0ADB064]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwRequestWaitReplyPort [0xA0AD94A4]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwRestoreKey [0xA0ADAEC0]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSetContextThread [0xA0ADC99A]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSetInformationFile [0xA0ADAA26]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSetInformationProcess [0xA0ADBE92]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSetSecurityObject [0xA0AD9B86]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSetSystemInformation [0xA0AD920E]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSetSystemPowerState [0xA0AD5896]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSetSystemTime [0xA0AD56C8]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwShutdownSystem [0xA0AD578A]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSuspendProcess [0xA0ADBAEE]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSuspendThread [0xA0ADC888]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwSystemDebugControl [0xA0AD563A]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwTerminateJobObject [0xA0ADBD7E]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwTerminateProcess [0xA0ADB9B2]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwTerminateThread [0xA0ADC758]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwUnmapViewOfSection [0xA0ADB21E]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwWriteFile [0xA0ADA706]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwWriteFileGather [0xA0ADA896]
- SSDT \??\c:\windows\system32\drivers\dlhpnmlg.sys ZwWriteVirtualMemory [0xA0ADCAAC]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwCreateKey [0x804D70AE]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70AE] ZwCreateKey [0x804D70AE]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwDeleteKey [0x804D70B8]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70B8] ZwDeleteKey [0x804D70B8]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwDeleteValueKey [0x804D70A9]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70A9] ZwDeleteValueKey [0x804D70A9]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwEnumerateKey [0x804D70BD]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70BD] ZwEnumerateKey [0x804D70BD]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwEnumerateValueKey [0x804D70C2]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70C2] ZwEnumerateValueKey [0x804D70C2]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwOpenKey [0x804D70D1]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70D1] ZwOpenKey [0x804D70D1]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwQueryKey [0x804D70CC]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70CC] ZwQueryKey [0x804D70CC]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwQueryValueKey [0x804D70C7]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70C7] ZwQueryValueKey [0x804D70C7]
- SSDT \WINDOWS\system32\ntkrnlpa.exe ZwSetValueKey [0x804D70B3]
- SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70B3] ZwSetValueKey [0x804D70B3]
- INT 0x03 \WINDOWS\system32\ntkrnlpa.exe[unknown section] 804D70D6
- ---- Kernel code sections - GMER 2.1 ----
- .text ntkrnlpa.exe!ZwCallbackReturn + 2CBC 80504548 7 Bytes [9A, A5, AD, A0, B8, 70, 4D] {CALL FAR 0x4d70:0xb8a0ada5}
- .text ntkrnlpa.exe!ZwCallbackReturn + 2F84 80504810 12 Bytes [0E, 92, AD, A0, 96, 58, AD, ...] {PUSH CS; XCHG EDX, EAX; LODSD ; MOV AL, [0xa0ad5896]; ENTER 0xad56, 0xa0}
- .text ntkrnlpa.exe!ZwCallbackReturn + 2FB8 80504844 24 Bytes [EE, BA, AD, A0, 88, C8, AD, ...]
- ? C:\WINDOWS\system32\ntkrnlpa.exe Access is denied.
- ? C:\WINDOWS\system32\hal.dll Access is denied.
- ? C:\WINDOWS\system32\KDCOM.DLL Access is denied.
- ? C:\WINDOWS\system32\BOOTVID.dll Access is denied.
- ? C:\WINDOWS\System32\win32k.sys Access is denied.
- ? C:\WINDOWS\System32\watchdog.sys Access is denied.
- ? C:\WINDOWS\System32\igxpgd32.dll Access is denied.
- ? C:\WINDOWS\System32\igxprd32.dll Access is denied.
- ? C:\WINDOWS\System32\igxpdv32.DLL Access is denied.
- ? C:\WINDOWS\System32\igxpdx32.DLL Access is denied.
- ? C:\WINDOWS\System32\ATMFD.DLL Access is denied.
- .text C:\WINDOWS\system32\drivers\aksfridge.sys section is writeable [0x9AF29000, 0x44527, 0xE0000020]
- .init C:\WINDOWS\system32\drivers\aksfridge.sys entry point in ".init" section [0x9AF7B224]
- .init C:\WINDOWS\system32\drivers\aksfridge.sys unknown last code section [0x9AF7B000, 0x7000, 0xE20000E0]
- .text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0x9AE56400, 0x88182, 0xE8000020]
- .protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0x9AEFA820] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0x9AEFA820]
- .protectÿÿÿÿhardlockunknown last code section [0x9AEFA600, 0x50F6, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0x9AEFA600, 0x50F6, 0xE0000020]
- ? C:\WINDOWS\system32\ntdll.dll Access is denied.
- ---- User code sections - GMER 2.1 ----
- .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2328] USER32.dll!DefWindowProcA + 11A 7E42C298 7 Bytes JMP 106112C8 C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2328] USER32.dll!SetWindowLongA + 19 7E42C2B6 7 Bytes JMP 10611339 C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2328] USER32.dll!GetWindowInfo 7E42C49C 5 Bytes JMP 1061508F C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2328] USER32.dll!GetMenuContextHelpId + 1A 7E465319 7 Bytes JMP 1060EA7F C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\firefox.exe[2376] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 0172E210 C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\firefox.exe[2376] kernel32.dll!lstrlenW + 43 7C809ADC 7 Bytes JMP 01EF22CD C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\firefox.exe[2376] kernel32.dll!MapViewOfFileEx + 6A 7C80B990 7 Bytes JMP 01EF22AA C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\firefox.exe[2376] kernel32.dll!ValidateLocale + B1E8 7C8449F8 7 Bytes JMP 01732C10 C:\Program Files\Mozilla Firefox\xul.dll
- .text C:\Program Files\Mozilla Firefox\firefox.exe[2376] GDI32.dll!SetDIBitsToDevice + 209 77F19E04 7 Bytes JMP 01EF222B C:\Program Files\Mozilla Firefox\xul.dll
- ---- Devices - GMER 2.1 ----
- AttachedDevice \Driver\Tcpip \Device\Ip dlhpnmlg.sys
- AttachedDevice \Driver\Tcpip \Device\Tcp dlhpnmlg.sys
- AttachedDevice \Driver\Tcpip \Device\Udp dlhpnmlg.sys
- Device \Driver\Disk \Device\Harddisk0\DR0 aksfridge.sys
- AttachedDevice \Driver\Tcpip \Device\RawIp dlhpnmlg.sys
- AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys
- ---- Processes - GMER 2.1 ----
- Library C:\WINDOWS\system32\wbem\wbemprox.dll (*** hidden *** ) @ C:\WINDOWS\system32\winlogon.exe [880] 0x74EF0000
- Library C:\WINDOWS\system32\wbem\wbemcomn.dll (*** hidden *** ) @ C:\WINDOWS\system32\winlogon.exe [880] 0x75290000
- Library C:\WINDOWS\system32\wbem\wbemsvc.dll (*** hidden *** ) @ C:\WINDOWS\system32\winlogon.exe [880] 0x74ED0000
- Library C:\WINDOWS\system32\wbem\fastprox.dll (*** hidden *** ) @ C:\WINDOWS\system32\winlogon.exe [880] 0x75690000
- Library c:\windows\system32\wbem\wmisvc.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x59490000
- Library C:\WINDOWS\system32\wbem\wbemcomn.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x75290000
- Library C:\WINDOWS\system32\wbem\wbemcore.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x762C0000
- Library C:\WINDOWS\system32\wbem\esscli.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x75310000
- Library C:\WINDOWS\system32\wbem\FastProx.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x75690000
- Library C:\WINDOWS\system32\wbem\wmiutils.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x75020000
- Library C:\WINDOWS\system32\wbem\repdrvfs.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x75200000
- Library C:\WINDOWS\system32\wbem\wmiprvsd.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x597F0000
- Library C:\WINDOWS\system32\wbem\wbemess.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x75390000
- Library C:\WINDOWS\system32\wbem\ncprov.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x5F740000
- Library C:\WINDOWS\system32\wbem\wbemsvc.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1320] 0x74ED0000
- ---- Services - GMER 2.1 ----
- Service C:\WINDOWS\system32\winspool.drv (*** hidden *** ) [AUTO] Spooler <-- ROOTKIT !!!
- ---- Registry - GMER 2.1 ----
- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@RequireSignedAppInit_DLLs 1
- ---- Files - GMER 2.1 ----
- File C:\WINDOWS\system32\drivers\acpi.sys 187776 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\acpiec.sys 11648 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ADIHdAud.sys 281600 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\aeaudio.sys 94976 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\aec.sys 142592 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\afd.sys 138112 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\AGRSM.sys 1202560 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\aksfridge.sys 351744 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\amdk6.sys 37376 bytes executable
- File C:\WINDOWS\system32\drivers\amdk7.sys 37760 bytes executable
- File C:\WINDOWS\system32\drivers\arp1394.sys 60800 bytes executable
- File C:\WINDOWS\system32\drivers\ASUSHWIO.SYS 5824 bytes executable
- File C:\WINDOWS\system32\drivers\asyncmac.sys 14336 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\atapi.sys 96512 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\atmarpc.sys 59904 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\atmepvc.sys 31360 bytes executable
- File C:\WINDOWS\system32\drivers\atmlane.sys 55808 bytes executable
- File C:\WINDOWS\system32\drivers\atmuni.sys 352256 bytes executable
- File C:\WINDOWS\system32\drivers\audstub.sys 3072 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\nwlnkflt.sys 12416 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\nwlnkfwd.sys 32512 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\nwlnkipx.sys 88320 bytes executable
- File C:\WINDOWS\system32\drivers\nwlnknb.sys 63232 bytes executable
- File C:\WINDOWS\system32\drivers\nwlnkspx.sys 55936 bytes executable
- File C:\WINDOWS\system32\drivers\nwrdr.sys 163584 bytes executable
- File C:\WINDOWS\system32\drivers\oprghdlr.sys 3456 bytes executable
- File C:\WINDOWS\system32\drivers\p3.sys 42752 bytes executable
- File C:\WINDOWS\system32\drivers\parport.sys 80128 bytes executable
- File C:\WINDOWS\system32\drivers\partmgr.sys 19712 bytes executable
- File C:\WINDOWS\system32\drivers\parvdm.sys 6784 bytes executable
- File C:\WINDOWS\system32\drivers\pci.sys 68224 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\pciide.sys 3328 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\pciidex.sys 24960 bytes executable
- File C:\WINDOWS\system32\drivers\pcmcia.sys 120192 bytes executable
- File C:\WINDOWS\system32\drivers\portcls.sys 146048 bytes executable
- File C:\WINDOWS\system32\drivers\processr.sys 35840 bytes executable
- File C:\WINDOWS\system32\drivers\psched.sys 69120 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ptilink.sys 17792 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\qcusbser.sys 103552 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\rasacd.sys 8832 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\crusoe.sys 36736 bytes executable
- File C:\WINDOWS\system32\drivers\DGIVECP.SYS 41984 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\disdn 0 bytes
- File C:\WINDOWS\system32\drivers\disk.sys 36352 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\diskdump.sys 14208 bytes executable
- File C:\WINDOWS\system32\drivers\dlhpnmlg.sys 258392 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\dmboot.sys 799744 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\dmio.sys 153344 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\dmload.sys 5888 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\DMusic.sys 52864 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\drmk.sys 60160 bytes executable
- File C:\WINDOWS\system32\drivers\drmkaud.sys 2944 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\dxapi.sys 10496 bytes executable
- File C:\WINDOWS\system32\drivers\dxg.sys 71168 bytes executable
- File C:\WINDOWS\system32\drivers\dxgthk.sys 3328 bytes executable
- File C:\WINDOWS\system32\drivers\e1e5132.sys 250776 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\EIO.sys 8703 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\etc 0 bytes
- File C:\WINDOWS\system32\drivers\fastfat.sys 143744 bytes executable
- File C:\WINDOWS\system32\drivers\fdc.sys 27392 bytes executable
- File C:\WINDOWS\system32\drivers\fips.sys 44544 bytes executable
- File C:\WINDOWS\system32\drivers\FixTDSS.sys 26872 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\flpydisk.sys 20480 bytes executable
- File C:\WINDOWS\system32\drivers\fltMgr.sys 129792 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\fsvga.sys 12160 bytes executable
- File C:\WINDOWS\system32\drivers\fs_rec.sys 7936 bytes executable
- File C:\WINDOWS\system32\drivers\ftdibus.sys 24209 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ftdisk.sys 125056 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ftser2k.sys 57404 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\gm.dls 3440660 bytes
- File C:\WINDOWS\system32\drivers\hardlock.sys 694272 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\hdaudbus.sys 144384 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\hidclass.sys 36864 bytes executable
- File C:\WINDOWS\system32\drivers\hidparse.sys 24960 bytes executable
- File C:\WINDOWS\system32\drivers\hidusb.sys 10368 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\HpqKbFiltr.sys 16768 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\http.sys 264832 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\i8042prt.sys 52480 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\iaStor.sys 312344 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\igxpmp32.sys 5955872 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\imapi.sys 42112 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\intelppm.sys 36352 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ip6fw.sys 36608 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ipfltdrv.sys 32896 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ipinip.sys 20864 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ipnat.sys 152832 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ipsec.sys 75264 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\raspppoe.sys 41472 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\raspptp.sys 48384 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\raspti.sys 16512 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\rawwan.sys 34432 bytes executable
- File C:\WINDOWS\system32\drivers\rdbss.sys 175744 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\rdpcdd.sys 4224 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\rdpdr.sys 196224 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\rdpwd.sys 139656 bytes executable
- File C:\WINDOWS\system32\drivers\redbook.sys 57600 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\rio8drv.sys 12032 bytes executable
- File C:\WINDOWS\system32\drivers\riodrv.sys 12032 bytes executable
- File C:\WINDOWS\system32\drivers\RMCast.sys 202624 bytes executable
- File C:\WINDOWS\system32\drivers\rndismp.sys 30592 bytes executable
- File C:\WINDOWS\system32\drivers\rootmdm.sys 5888 bytes executable
- File C:\WINDOWS\system32\drivers\RsFx0100.sys 235416 bytes executable
- File C:\WINDOWS\system32\drivers\RsFx0101.sys 239128 bytes executable
- File C:\WINDOWS\system32\drivers\RsFx0102.sys 242712 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\RsFx0103.sys 239336 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\Samsung 0 bytes
- File C:\WINDOWS\system32\drivers\scsiport.sys 96384 bytes executable
- File C:\WINDOWS\system32\drivers\sdbus.sys 79232 bytes executable
- File C:\WINDOWS\system32\drivers\secdrv.sys 20480 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\serenum.sys 15744 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\serial.sys 64512 bytes executable
- File C:\WINDOWS\system32\drivers\sffdisk.sys 11904 bytes executable
- File C:\WINDOWS\system32\drivers\sffp_mmc.sys 10240 bytes executable
- File C:\WINDOWS\system32\drivers\sfloppy.sys 11392 bytes executable
- File C:\WINDOWS\system32\drivers\SLIP.sys 11136 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\smclib.sys 14592 bytes executable
- File C:\WINDOWS\system32\drivers\sonydcam.sys 25344 bytes executable
- File C:\WINDOWS\system32\drivers\splitter.sys 6272 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\sr.sys 73472 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\srv.sys 334848 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\stream.sys 49408 bytes executable
- File C:\WINDOWS\system32\drivers\StreamIP.sys 15232 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\swenum.sys 4352 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\swmidi.sys 56576 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\sysaudio.sys 60800 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\tap0901.sys 26624 bytes executable
- File C:\WINDOWS\system32\drivers\tape.sys 14976 bytes executable
- File C:\WINDOWS\system32\drivers\tcpip.sys 361344 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\tcpip6.sys 225664 bytes executable
- File C:\WINDOWS\system32\drivers\tdi.sys 19072 bytes executable
- File C:\WINDOWS\system32\drivers\tdpipe.sys 12040 bytes executable
- File C:\WINDOWS\system32\drivers\tdtcp.sys 21896 bytes executable
- File C:\WINDOWS\system32\drivers\termdd.sys 40840 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\TMUSBXP.SYS 46336 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\tosdvd.sys 51712 bytes executable
- File C:\WINDOWS\system32\drivers\TrufosAlt.sys 309320 bytes executable
- File C:\WINDOWS\system32\drivers\tsbvcap.sys 21376 bytes executable
- File C:\WINDOWS\system32\drivers\tunmp.sys 12288 bytes executable
- File C:\WINDOWS\system32\drivers\udfs.sys 66048 bytes executable
- File C:\WINDOWS\system32\drivers\battc.sys 14208 bytes executable
- File C:\WINDOWS\system32\drivers\cpqdap01.sys 11776 bytes executable
- File C:\WINDOWS\system32\drivers\gmreadme.txt 646 bytes
- File C:\WINDOWS\system32\drivers\irenum.sys 11264 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\mqac.sys 92544 bytes executable
- File C:\WINDOWS\system32\drivers\null.sys 2944 bytes executable
- File C:\WINDOWS\system32\drivers\rasl2tp.sys 51328 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\sffp_sd.sys 11008 bytes executable
- File C:\WINDOWS\system32\drivers\update.sys 384768 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\mrxdav.sys 180608 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\mrxsmb.sys 456576 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\msfs.sys 19072 bytes executable
- File C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 0 bytes
- File C:\WINDOWS\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf 0 bytes
- File C:\WINDOWS\system32\drivers\msgpc.sys 35072 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\MSKSSRV.sys 7552 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\MSPCLOCK.sys 5376 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\MSPQM.sys 4992 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\mssmbios.sys 15488 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\MSTEE.sys 5504 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\mup.sys 105344 bytes executable
- File C:\WINDOWS\system32\drivers\NABTSFEC.sys 85248 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ndis.sys 182656 bytes executable
- File C:\WINDOWS\system32\drivers\NdisIP.sys 10880 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ndistapi.sys 10112 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ndisuio.sys 14592 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ndiswan.sys 91520 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ndproxy.sys 40576 bytes executable
- File C:\WINDOWS\system32\drivers\netbios.sys 34688 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\netbt.sys 162816 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\NETw5x32.sys 3636864 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\nic1394.sys 61824 bytes executable
- File C:\WINDOWS\system32\drivers\nikedrv.sys 12032 bytes executable
- File C:\WINDOWS\system32\drivers\nmnt.sys 40320 bytes executable
- File C:\WINDOWS\system32\drivers\npfs.sys 30848 bytes executable
- File C:\WINDOWS\system32\drivers\NST 0 bytes
- File C:\WINDOWS\system32\drivers\ntfs.sys 574976 bytes executable
- File C:\WINDOWS\system32\drivers\usb8023.sys 12800 bytes executable
- File C:\WINDOWS\system32\drivers\usbcamd.sys 25600 bytes executable
- File C:\WINDOWS\system32\drivers\usbcamd2.sys 25728 bytes executable
- File C:\WINDOWS\system32\drivers\usbccgp.sys 32128 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\usbd.sys 4736 bytes executable
- File C:\WINDOWS\system32\drivers\usbehci.sys 30208 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\usbhub.sys 59520 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\usbintel.sys 15872 bytes executable
- File C:\WINDOWS\system32\drivers\usbport.sys 143872 bytes executable
- File C:\WINDOWS\system32\drivers\usbprint.sys 25856 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\USBSTOR.SYS 26368 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\usbuhci.sys 20608 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\usbvideo.sys 121984 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\vdmindvd.sys 58112 bytes executable
- File C:\WINDOWS\system32\drivers\vga.sys 20992 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\videoprt.sys 81664 bytes executable
- File C:\WINDOWS\system32\drivers\VOLSNAP.SYS 52352 bytes executable
- File C:\WINDOWS\system32\drivers\wanarp.sys 34560 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\wdf01000.sys 492000 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\wdfldr.sys 32224 bytes executable
- File C:\WINDOWS\system32\drivers\wdmaud.sys 83072 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\wmiacpi.sys 8832 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\wmilib.sys 4352 bytes executable
- File C:\WINDOWS\system32\drivers\ws2ifsl.sys 12032 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\WSTCODEC.SYS 19200 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\beep.sys 4224 bytes executable
- File C:\WINDOWS\system32\drivers\bridge.sys 71552 bytes executable
- File C:\WINDOWS\system32\drivers\btaudio.sys 530861 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\btkrnl.sys 868298 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\btport.sys 30459 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\btwdndis.sys 149123 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\btwusb.sys 67960 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\cbidf2k.sys 13952 bytes executable
- File C:\WINDOWS\system32\drivers\CCDECODE.sys 17024 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\cdaudio.sys 18688 bytes executable
- File C:\WINDOWS\system32\drivers\cdfs.sys 63744 bytes executable
- File C:\WINDOWS\system32\drivers\cdrom.sys 62976 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\cinemst2.sys 262528 bytes executable
- File C:\WINDOWS\system32\drivers\classpnp.sys 49536 bytes executable
- File C:\WINDOWS\system32\drivers\CmBatt.sys 13952 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\compbatt.sys 10240 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\CPQBttn.sys 9344 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\isapnp.sys 37248 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\kbdclass.sys 24576 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\kbdhid.sys 14592 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\kmixer.sys 172416 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\ks.sys 141056 bytes executable
- File C:\WINDOWS\system32\drivers\ksecdd.sys 92288 bytes executable
- File C:\WINDOWS\system32\drivers\mbam.sys 22856 bytes executable
- File C:\WINDOWS\system32\drivers\mbamchameleon.sys 51416 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 104664 bytes executable
- File C:\WINDOWS\system32\drivers\mcd.sys 7680 bytes executable
- File C:\WINDOWS\system32\drivers\mf.sys 63744 bytes executable
- File C:\WINDOWS\system32\drivers\mnmdd.sys 4224 bytes executable
- File C:\WINDOWS\system32\drivers\modem.sys 30080 bytes executable
- File C:\WINDOWS\system32\drivers\mouclass.sys 23040 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\mouhid.sys 12160 bytes executable <-- ROOTKIT !!!
- File C:\WINDOWS\system32\drivers\mountmgr.sys 42368 bytes executable
- ---- Services - GMER 2.1 ----
- Service C:\WINDOWS\system32\DRIVERS\ACPI.sys [BOOT] ACPI <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ACPIEC.sys [BOOT] ACPIEC <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\ADIHdAud.sys [MANUAL] ADIHdAudAddService <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\AEAudio.sys [MANUAL] AEAudio <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\aec.sys [MANUAL] aec <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\drivers\afd.sys [SYSTEM] AFD <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\AGRSM.sys [MANUAL] AgereSoftModem <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\aksfridge.sys [AUTO] aksfridge <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys [MANUAL] AsyncMac <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\atapi.sys [BOOT] atapi <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys [MANUAL] Atmarpc <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\audstub.sys [MANUAL] audstub <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\pci.sys [BOOT] PCI <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\pciide.sys [BOOT] PCIIde <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\pschdprf.dll [MANUAL] PSched <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ptilink.sys [MANUAL] Ptilink <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\qcusbser.sys [MANUAL] qcusbser <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\rasacd.sys [SYSTEM] RasAcd <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\Drivers\DgiVecp.sys [AUTO] DgiVecp <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\disk.sys [BOOT] Disk <-- ROOTKIT !!!
- Service c:\windows\system32\drivers\dlhpnmlg.sys [SYSTEM] dlhpnmlg <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\drivers\dmboot.sys [DISABLED] dmboot <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\drivers\dmio.sys [BOOT] dmio <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\drivers\dmload.sys [BOOT] dmload <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\DMusic.sys [MANUAL] DMusic <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\drmkaud.sys [MANUAL] drmkaud <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\e1e5132.sys [MANUAL] e1express <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\EIO.sys [MANUAL] EIO <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\FixTDSS.sys [BOOT] FixTDSS <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys [BOOT] FltMgr <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\ftdibus.sys [MANUAL] FTDIBUS <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys [BOOT] Ftdisk <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\ftser2k.sys [MANUAL] FTSER2K <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\hardlock.sys [AUTO] Hardlock <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [MANUAL] HDAudBus <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\hidusb.sys [MANUAL] HidUsb <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [MANUAL] HpqKbFiltr <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\Drivers\HTTP.sys [MANUAL] HTTP <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys [SYSTEM] i8042prt <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\iaStor.sys [BOOT] iaStor <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [MANUAL] ialm <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\imapi.sys [SYSTEM] Imapi <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\intelppm.sys [SYSTEM] intelppm <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys [MANUAL] Ip6Fw <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [MANUAL] IpFilterDriver <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ipinip.sys [MANUAL] IpInIp <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ipnat.sys [MANUAL] IpNat <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ipsec.sys [SYSTEM] IPSec <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys [MANUAL] RasPppoe <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\raspptp.sys [MANUAL] PptpMiniport <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\raspti.sys [MANUAL] Raspti <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\rdbss.sys [SYSTEM] Rdbss <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [SYSTEM] RDPCDD <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys [MANUAL] rdpdr <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\redbook.sys [SYSTEM] redbook <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [DISABLED] RsFx0102 <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [DISABLED] RsFx0103 <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\secdrv.sys [MANUAL] Secdrv <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\serenum.sys [MANUAL] Serenum <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\SLIP.sys [MANUAL] SLIP <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\splitter.sys [MANUAL] splitter <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\sr.sys [BOOT] sr <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\srv.sys [MANUAL] Srv <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys [MANUAL] streamip <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\swenum.sys [MANUAL] swenum <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\swmidi.sys [MANUAL] swmidi <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\sysaudio.sys [MANUAL] sysaudio <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\Perfctrs.dll [SYSTEM] Tcpip <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\termdd.sys [SYSTEM] TermDD <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\TMUSBXP.SYS [MANUAL] TMUSB <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\irenum.sys [MANUAL] IRENUM <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [MANUAL] Rasl2tp <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\update.sys [MANUAL] Update <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys [MANUAL] MRxDAV <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [SYSTEM] MRxSmb <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\msgpc.sys [MANUAL] Gpc <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\MSKSSRV.sys [MANUAL] MSKSSRV <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys [MANUAL] MSPCLOCK <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\MSPQM.sys [MANUAL] MSPQM <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys [MANUAL] mssmbios <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\MSTEE.sys [MANUAL] MSTEE <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [MANUAL] NABTSFEC <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys [MANUAL] NdisIP <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys [MANUAL] NdisTapi <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys [MANUAL] Ndisuio <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys [MANUAL] NdisWan <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\netbios.sys [SYSTEM] NetBIOS <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\netbt.sys [SYSTEM] NetBT <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [MANUAL] NETw5x32 <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys [MANUAL] usbccgp <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\usbehci.sys [MANUAL] usbehci <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\usbhub.sys [MANUAL] usbhub <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\usbprint.sys [MANUAL] usbprint <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [MANUAL] USBSTOR <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys [MANUAL] usbuhci <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\Drivers\usbvideo.sys [MANUAL] usbvideo <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\drivers\vga.sys [SYSTEM] VgaSave <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\wanarp.sys [MANUAL] Wanarp <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [MANUAL] Wdf01000 <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\wdmaud.sys [MANUAL] wdmaud <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [SYSTEM] WmiAcpi <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\drivers\ws2ifsl.sys [SYSTEM] WS2IFSL <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [MANUAL] WSTCODEC <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\btaudio.sys [MANUAL] btaudio <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\btkrnl.sys [MANUAL] BTKRNL <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\btport.sys [MANUAL] BTDriver <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\btwdndis.sys [MANUAL] BTWDNDIS <-- ROOTKIT !!!
- Service C:\WINDOWS\System32\Drivers\btwusb.sys [MANUAL] BTWUSB <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [MANUAL] CCDECODE <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\cdrom.sys [SYSTEM] Cdrom <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\CmBatt.sys [MANUAL] CmBatt <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\compbatt.sys [BOOT] Compbatt <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [MANUAL] HBtnKey <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\isapnp.sys [BOOT] isapnp <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys [SYSTEM] Kbdclass <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\kbdhid.sys [SYSTEM] kbdhid <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\kmixer.sys [MANUAL] kmixer <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\drivers\mbamchameleon.sys [MANUAL] mbamchameleon <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\mouclass.sys [SYSTEM] Mouclass <-- ROOTKIT !!!
- Service C:\WINDOWS\system32\DRIVERS\mouhid.sys [MANUAL] mouhid <-- ROOTKIT !!!
- ---- EOF - GMER 2.1 ----