Trojaner-Board

Windows Audio service terminated after a random time; Windows style changes (https://www.trojaner-board.de/75732-windows-audio-dienst-zufaelliger-zeit-beendet-windowsstil-aendert.html)

Kyu17 28.07.2009 19:04

Drivers:
Code:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:                2009/07/28 20:01
Program Version:                Version 1.3.3.0
Windows Version:                Windows XP SP3
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF7667000        Size: 57344        File Visible: -        Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF7492000        Size: 188800        File Visible: -        Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000        Size: 2191360        File Visible: -        Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xA931D000        Size: 138112        File Visible: -        Signed: -
Status: -

Name: amdk7.sys
Image Path: C:\WINDOWS\system32\DRIVERS\amdk7.sys
Address: 0xBA780000        Size: 41856        File Visible: -        Signed: -
Status: -

Name: asliahmy.sys
Image Path: C:\DOKUME~1\Max\LOKALE~1\Temp\asliahmy.sys
Address: 0xA5E6C000        Size: 81664        File Visible: No        Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF782A000        Size: 98304        File Visible: -        Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0x00000000        Size: 0        File Visible: -        Signed: -
Status: -

Name: ati2cqag.dll
Image Path: C:\WINDOWS\System32\ati2cqag.dll
Address: 0xBF056000        Size: 315392        File Visible: -        Signed: -
Status: -

Name: ati2dvag.dll
Image Path: C:\WINDOWS\System32\ati2dvag.dll
Address: 0xBF012000        Size: 278528        File Visible: -        Signed: -
Status: -

Name: ati2mtag.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Address: 0xB98DB000        Size: 2125824        File Visible: -        Signed: -
Status: -

Name: ati3duag.dll
Image Path: C:\WINDOWS\System32\ati3duag.dll
Address: 0xBF0EF000        Size: 2678784        File Visible: -        Signed: -
Status: -

Name: atikvmag.dll
Image Path: C:\WINDOWS\System32\atikvmag.dll
Address: 0xBF0A3000        Size: 311296        File Visible: -        Signed: -
Status: -

Name: atitray.sys
Image Path: C:\Programme\Ray Adams\ATI Tray Tools\atitray.sys
Address: 0xBA6E6000        Size: 14592        File Visible: -        Signed: -
Status: -

Name: ativvaxx.dll
Image Path: C:\WINDOWS\System32\ativvaxx.dll
Address: 0xBF37D000        Size: 1290240        File Visible: -        Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000        Size: 286720        File Visible: -        Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xB9CBF000        Size: 3072        File Visible: -        Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF79B1000        Size: 4224        File Visible: -        Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF7897000        Size: 12288        File Visible: -        Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xBA790000        Size: 63744        File Visible: -        Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xBA760000        Size: 62976        File Visible: -        Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF7637000        Size: 53248        File Visible: -        Signed: -
Status: -

Name: cmudax3.sys
Image Path: C:\WINDOWS\system32\drivers\cmudax3.sys
Address: 0xB9B29000        Size: 1512960        File Visible: -        Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF7627000        Size: 36352        File Visible: -        Signed: -
Status: -

Name: dmio.sys
Image Path: dmio.sys
Address: 0xF7842000        Size: 154112        File Visible: -        Signed: -
Status: -

Name: dmload.sys
Image Path: dmload.sys
Address: 0xF798B000        Size: 5888        File Visible: -        Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xBA770000        Size: 61440        File Visible: -        Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA8A66000        Size: 98304        File Visible: No        Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79F1000        Size: 8192        File Visible: No        Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xA93EF000        Size: 12288        File Visible: -        Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF000000        Size: 73728        File Visible: -        Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xB9FD6000        Size: 4096        File Visible: -        Signed: -
Status: -

Name: el90Xbc5.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS
Address: 0xA5E08000        Size: 66560        File Visible: -        Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF76F7000        Size: 44672        File Visible: -        Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF7967000        Size: 129792        File Visible: -        Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF79AF000        Size: 7936        File Visible: -        Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF7868000        Size: 126336        File Visible: -        Signed: -
Status: -

Name: gameenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\gameenum.sys
Address: 0xBA504000        Size: 10624        File Visible: -        Signed: -
Status: -

Name: GEARAspiWDM.sys
Image Path: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
Address: 0xF77EF000        Size: 17152        File Visible: -        Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806EE000        Size: 131840        File Visible: -        Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF779F000        Size: 28672        File Visible: -        Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xA6100000        Size: 264832        File Visible: -        Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xB9E92000        Size: 52992        File Visible: -        Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xA9197000        Size: 152832        File Visible: -        Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xA93C0000        Size: 75264        File Visible: -        Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF75F7000        Size: 37632        File Visible: -        Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF775F000        Size: 25216        File Visible: -        Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF7987000        Size: 8192        File Visible: -        Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\drivers\ks.sys
Address: 0xB9AE2000        Size: 143360        File Visible: -        Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF7950000        Size: 92288        File Visible: -        Signed: -
Status: -

Name: L8042Kbd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
Address: 0xBA508000        Size: 13568        File Visible: -        Signed: -
Status: -

Name: L8042mou.Sys
Image Path: C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
Address: 0xB9E82000        Size: 56448        File Visible: -        Signed: -
Status: -

Name: LMouKE.Sys
Image Path: C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
Address: 0xB9857000        Size: 72448        File Visible: -        Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF79B3000        Size: 4224        File Visible: -        Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF7757000        Size: 23552        File Visible: -        Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF7607000        Size: 42368        File Visible: -        Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xA91BD000        Size: 456576        File Visible: -        Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF77AF000        Size: 19072        File Visible: -        Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xB9E42000        Size: 35072        File Visible: -        Signed: -
Status: -

Name: msmpu401.sys
Image Path: C:\WINDOWS\system32\drivers\msmpu401.sys
Address: 0xB9CC0000        Size: 2944        File Visible: -        Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF7927000        Size: 15488        File Visible: -        Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xBA746000        Size: 105344        File Visible: -        Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF7A22000        Size: 182656        File Visible: -        Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xBA500000        Size: 10112        File Visible: -        Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xA680A000        Size: 14592        File Visible: -        Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xB9840000        Size: 91520        File Visible: -        Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xB9E12000        Size: 40576        File Visible: -        Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF76C7000        Size: 34688        File Visible: -        Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xA933F000        Size: 162816        File Visible: -        Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF77B7000        Size: 30848        File Visible: -        Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7B52000        Size: 574976        File Visible: -        Signed: -
Status: -

Name: ntoskrnl.exe
Image Path: C:\WINDOWS\system32\ntoskrnl.exe
Address: 0x804D7000        Size: 2191360        File Visible: -        Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xB9FD7000        Size: 2944        File Visible: -        Signed: -
Status: -

Name: nv_agp.sys
Image Path: nv_agp.sys
Address: 0xF789B000        Size: 13568        File Visible: -        Signed: -
Status: -

Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF7657000        Size: 61696        File Visible: -        Signed: -
Status: -

Name: parport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
Address: 0xB9869000        Size: 80384        File Visible: -        Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF770F000        Size: 19712        File Visible: -        Signed: -
Status: -

Name: ParVdm.SYS
Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Address: 0xF79BD000        Size: 7040        File Visible: -        Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF7481000        Size: 68224        File Visible: -        Signed: -
Status: -

Name: PCI_PNP9098
Image Path: \Driver\PCI_PNP9098
Address: 0x00000000        Size: 0        File Visible: No        Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7A4F000        Size: 3328        File Visible: -        Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF7707000        Size: 28672        File Visible: -        Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000        Size: 2191360        File Visible: -        Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xB9B05000        Size: 147456        File Visible: -        Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xB982F000        Size: 69120        File Visible: -        Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF7777000        Size: 17792        File Visible: -        Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF7647000        Size: 36320        File Visible: -        Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xBA712000        Size: 8832        File Visible: -        Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xB9E72000        Size: 51328        File Visible: -        Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xB9E62000        Size: 41472        File Visible: -        Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xB9E52000        Size: 48384        File Visible: -        Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF777F000        Size: 16512        File Visible: -        Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000        Size: 2191360        File Visible: -        Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xA922D000        Size: 175744        File Visible: -        Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF79B5000        Size: 4224        File Visible: -        Signed: -
Status: -

Name: rdpdr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Address: 0xB97FF000        Size: 196224        File Visible: -        Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA6010000        Size: 49152        File Visible: No        Signed: -
Status: -

Name: SASDIFSV.SYS
Image Path: C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
Address: 0xF77BF000        Size: 24576        File Visible: -        Signed: -
Status: -

Name: SASKUTIL.sys
Image Path: C:\Programme\SUPERAntiSpyware\SASKUTIL.sys
Address: 0xA9258000        Size: 151552        File Visible: -        Signed: -
Status: -

Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Address: 0xF74C1000        Size: 98304        File Visible: -        Signed: -
Status: -

Name: secdrv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\secdrv.sys
Address: 0xA671E000        Size: 40960        File Visible: -        Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xBA50C000        Size: 15744        File Visible: -        Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xB9EA2000        Size: 65536        File Visible: -        Signed: -
Status: -

Name: sfdrv01.sys
Image Path: sfdrv01.sys
Address: 0xF7B40000        Size: 73728        File Visible: -        Signed: -
Status: -

Name: sfhlp02.sys
Image Path: sfhlp02.sys
Address: 0xF771F000        Size: 32768        File Visible: -        Signed: -
Status: -

Name: sfsync02.sys
Image Path: sfsync02.sys
Address: 0xF7717000        Size: 20544        File Visible: -        Signed: -
Status: -

Name: sfvfs02.sys
Image Path: sfvfs02.sys
Address: 0xF7A0F000        Size: 77824        File Visible: -        Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000        Size: 0        File Visible: No        Signed: -
Status: -

Name: spxc.sys
Image Path: spxc.sys
Address: 0xF74D9000        Size: 1036288        File Visible: No        Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xA651C000        Size: 334848        File Visible: -        Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF79A9000        Size: 4352        File Visible: -        Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xA65DE000        Size: 60800        File Visible: -        Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xA9367000        Size: 361344        File Visible: -        Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF7767000        Size: 20480        File Visible: -        Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xB9E32000        Size: 40704        File Visible: -        Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xB97A1000        Size: 384768        File Visible: -        Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF79AB000        Size: 8192        File Visible: -        Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF77E7000        Size: 30208        File Visible: -        Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xB9E22000        Size: 59520        File Visible: -        Signed: -
Status: -

Name: usbohci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbohci.sys
Address: 0xF77DF000        Size: 17152        File Visible: -        Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xB9C9B000        Size: 147456        File Visible: -        Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF77A7000        Size: 20992        File Visible: -        Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xB98C7000        Size: 81920        File Visible: -        Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF7617000        Size: 53760        File Visible: -        Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF7471000        Size: 34560        File Visible: -        Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xA9463000        Size: 20480        File Visible: -        Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xA6507000        Size: 83072        File Visible: -        Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000        Size: 1847296        File Visible: -        Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000        Size: 1847296        File Visible: -        Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\WMILIB.SYS
Address: 0xF7989000        Size: 8192        File Visible: -        Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000        Size: 2191360        File Visible: -        Signed: -
Status: -


Kyu17 28.07.2009 19:05

Stealth Objects:
Code:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:                2009/07/28 20:01
Program Version:                Version 1.3.3.0
Windows Version:                Windows XP SP3
==================================================

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System        Address: 0x8a2aa1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System        Address: 0x8a0ee1f8        Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System        Address: 0x8a0f31f8        Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System        Address: 0x8a0f31f8        Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x8a0f31f8        Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System        Address: 0x8a0f31f8        Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System        Address: 0x8a0f31f8        Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System        Address: 0x8a0f31f8        Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System        Address: 0x8a0f31f8        Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System        Address: 0x8a0481f8        Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System        Address: 0x8a0481f8        Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x8a0481f8        Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System        Address: 0x8a0481f8        Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System        Address: 0x8a0481f8        Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System        Address: 0x8a0481f8        Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System        Address: 0x8a0481f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System        Address: 0x8a3181f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System        Address: 0x8a2ac1f8        Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System        Address: 0x89c021f8        Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System        Address: 0x89c021f8        Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x89c021f8        Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System        Address: 0x89c021f8        Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System        Address: 0x89c021f8        Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System        Address: 0x89c021f8        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System        Address: 0x89bde500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_CREATE]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_CLOSE]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_READ]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_QUERY_INFORMATION]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_SET_INFORMATION]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_DIRECTORY_CONTROL]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_DEVICE_CONTROL]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_SHUTDOWN]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_LOCK_CONTROL]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_CLEANUP]
Process: System        Address: 0x89f14500        Size: 121

Object: Hidden Code [Driver: CdfsЅఐ卆浩#, IRP_MJ_PNP]
Process: System        Address: 0x89f14500        Size: 121

Hidden Services:
Code:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:                2009/07/28 20:02
Program Version:                Version 1.3.3.0
Windows Version:                Windows XP SP3
==================================================

Hidden Services
-------------------
Service Name: ovafog
Image Path%SystemRoot%\system32\svchost.exe -k netsvcs

Unfortunately it's all a bit long. Doesn't look too good, I guess. ^^'

kira 29.07.2009 09:03

hi

What are rootkits? - Rootkit/definition
From the look of it, you won't be spared a complete reinstallation!
Restoring the "factory state", i.e. getting to where you can trust your system 100%, is only possible with a reinstallation together with a change of passwords and login credentials.
If you want to be completely sure, I would advise you to do that.

Kyu17 29.07.2009 13:21

I'd better go and do that then. :o

Thanks for your kind help. =)

decotext 11.12.2009 17:15

ENABLING THE WINDOWS AUDIO SERVICE:

So first: Administrative Tools / Services / enable the MULTIMEDIA CLASS SCHEDULER service!

After that:

1 Services / Windows Audio -start-
2 Log On / "This account" > Local Service -enter-
3 Passwords: delete! (Important!)
4 APPLY (otherwise no change!)
5 Back to General / -click- START

It worked for me! Sound is back! :lach:

