Jump to content

Malwarebytes found a rootkit please help

snook
 Share

Recommended Posts

snook

snook

Posted
Posted

hello my malwarebytes found a rootkit and it cannot delete it

the rootkit is C:\Windows\System32\Drivers\cmjresi.sys

here is a log from roorepeal:

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2009/12/16 15:10

Program Version: Version 1.3.2.0

Windows Version: Windows Vista SP1

==================================================

Drivers

-------------------

Name: acpi.sys

Image Path: C:\Windows\system32\drivers\acpi.sys

Address: 0x8273B000 Size: 286720 File Visible: - Signed: -

Status: -

Name: ACPI_HAL

Image Path: \Driver\ACPI_HAL

Address: 0x8204C000 Size: 3903488 File Visible: - Signed: -

Status: -

Name: adjdkhxr.SYS

Image Path: C:\Windows\System32\Drivers\adjdkhxr.SYS

Address: 0x8D60D000 Size: 229376 File Visible: - Signed: -

Status: -

Name: afd.sys

Image Path: C:\Windows\system32\drivers\afd.sys

Address: 0x8D782000 Size: 294912 File Visible: - Signed: -

Status: -

Name: amdk8.sys

Image Path: C:\Windows\system32\DRIVERS\amdk8.sys

Address: 0x8819A000 Size: 65536 File Visible: - Signed: -

Status: -

Name: atapi.sys

Image Path: C:\Windows\system32\drivers\atapi.sys

Address: 0x87DEC000 Size: 32768 File Visible: - Signed: -

Status: -

Name: ataport.SYS

Image Path: C:\Windows\system32\drivers\ataport.SYS

Address: 0x827B0000 Size: 122880 File Visible: - Signed: -

Status: -

Name: ATMFD.DLL

Image Path: C:\Windows\System32\ATMFD.DLL

Address: 0x95AF0000 Size: 311296 File Visible: - Signed: -

Status: -

Name: Beep.SYS

Image Path: C:\Windows\System32\Drivers\Beep.SYS

Address: 0x8DB0D000 Size: 28672 File Visible: - Signed: -

Status: -

Name: BOOTVID.dll

Image Path: C:\Windows\system32\BOOTVID.dll

Address: 0x8061D000 Size: 32768 File Visible: - Signed: -

Status: -

Name: bowser.sys

Image Path: C:\Windows\system32\DRIVERS\bowser.sys

Address: 0x9D690000 Size: 102400 File Visible: - Signed: -

Status: -

Name: cdd.dll

Image Path: C:\Windows\System32\cdd.dll

Address: 0x95AE0000 Size: 57344 File Visible: - Signed: -

Status: -

Name: cdfs.sys

Image Path: C:\Windows\system32\DRIVERS\cdfs.sys

Address: 0x9EB09000 Size: 90112 File Visible: - Signed: -

Status: -

Name: cdrom.sys

Image Path: C:\Windows\system32\DRIVERS\cdrom.sys

Address: 0x8CBDF000 Size: 98304 File Visible: - Signed: -

Status: -

Name: CI.dll

Image Path: C:\Windows\system32\CI.dll

Address: 0x80666000 Size: 917504 File Visible: - Signed: -

Status: -

Name: CLASSPNP.SYS

Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS

Address: 0x87DCB000 Size: 135168 File Visible: - Signed: -

Status: -

Name: cledx.sys

Image Path: C:\Windows\system32\DRIVERS\cledx.sys

Address: 0x8D718000 Size: 57344 File Visible: - Signed: -

Status: -

Name: CLFS.SYS

Image Path: C:\Windows\system32\CLFS.SYS

Address: 0x80625000 Size: 266240 File Visible: - Signed: -

Status: -

Name: cmjresi.sys

Image Path: C:\Windows\System32\Drivers\cmjresi.sys

Address: 0x87C08000 Size: 1159168 File Visible: No Signed: -

Status: -

Name: crashdmp.sys

Image Path: C:\Windows\System32\Drivers\crashdmp.sys

Address: 0x8DC6C000 Size: 53248 File Visible: - Signed: -

Status: -

Name: crcdisk.sys

Image Path: C:\Windows\system32\drivers\crcdisk.sys

Address: 0x883A4000 Size: 36864 File Visible: - Signed: -

Status: -

Name: dfsc.sys

Image Path: C:\Windows\System32\Drivers\dfsc.sys

Address: 0x8DC55000 Size: 94208 File Visible: - Signed: -

Status: -

Name: diginet.sys

Image Path: C:\Windows\system32\DRIVERS\diginet.sys

Address: 0x8DD6F000 Size: 32768 File Visible: - Signed: -

Status: -

Name: disk.sys

Image Path: C:\Windows\system32\drivers\disk.sys

Address: 0x88393000 Size: 69632 File Visible: - Signed: -

Status: -

Name: drmk.sys

Image Path: C:\Windows\system32\drivers\drmk.sys

Address: 0x8DAD8000 Size: 151552 File Visible: - Signed: -

Status: -

Name: dump_diskdump.sys

Image Path: C:\Windows\System32\Drivers\dump_diskdump.sys

Address: 0x8DC79000 Size: 40960 File Visible: No Signed: -

Status: -

Name: dump_nvstor32.sys

Image Path: C:\Windows\System32\Drivers\dump_nvstor32.sys

Address: 0x8DC83000 Size: 147456 File Visible: No Signed: -

Status: -

Name: Dxapi.sys

Image Path: C:\Windows\System32\drivers\Dxapi.sys

Address: 0x8DCA7000 Size: 40960 File Visible: - Signed: -

Status: -

Name: dxgkrnl.sys

Image Path: C:\Windows\System32\drivers\dxgkrnl.sys

Address: 0x8D529000 Size: 651264 File Visible: - Signed: -

Status: -

Name: ecache.sys

Image Path: C:\Windows\System32\drivers\ecache.sys

Address: 0x8836C000 Size: 159744 File Visible: - Signed: -

Status: -

Name: ElbyCDIO.sys

Image Path: C:\Windows\System32\Drivers\ElbyCDIO.sys

Address: 0x8DC50000 Size: 16896 File Visible: - Signed: -

Status: -

Name: fileinfo.sys

Image Path: C:\Windows\system32\drivers\fileinfo.sys

Address: 0x87E78000 Size: 65536 File Visible: - Signed: -

Status: -

Name: fltmgr.sys

Image Path: C:\Windows\system32\drivers\fltmgr.sys

Address: 0x87E46000 Size: 204800 File Visible: - Signed: -

Status: -

Name: Fs_Rec.SYS

Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS

Address: 0x8DAFD000 Size: 36864 File Visible: - Signed: -

Status: -

Name: fwpkclnt.sys

Image Path: C:\Windows\System32\drivers\fwpkclnt.sys

Address: 0x8817F000 Size: 110592 File Visible: - Signed: -

Status: -

Name: GEARAspiWDM.sys

Image Path: C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

Address: 0x8CA00000 Size: 40960 File Visible: - Signed: -

Status: -

Name: hal.dll

Image Path: C:\Windows\system32\hal.dll

Address: 0x82019000 Size: 208896 File Visible: - Signed: -

Status: -

Name: HDAudBus.sys

Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys

Address: 0x8CACD000 Size: 73728 File Visible: - Signed: -

Status: -

Name: HSX_CNXT.sys

Image Path: C:\Windows\system32\DRIVERS\HSX_CNXT.sys

Address: 0x8CA0B000 Size: 741376 File Visible: - Signed: -

Status: -

Name: HSX_DP.sys

Image Path: C:\Windows\system32\DRIVERS\HSX_DP.sys

Address: 0x8C8D1000 Size: 1056768 File Visible: - Signed: -

Status: -

Name: HSXHWBS2.sys

Image Path: C:\Windows\system32\DRIVERS\HSXHWBS2.sys

Address: 0x8C85B000 Size: 311296 File Visible: - Signed: -

Status: -

Name: HTTP.sys

Image Path: C:\Windows\system32\drivers\HTTP.sys

Address: 0x9D606000 Size: 446464 File Visible: - Signed: -

Status: -

Name: i8042prt.sys

Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys

Address: 0x881AA000 Size: 77824 File Visible: - Signed: -

Status: -

Name: kbdclass.sys

Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys

Address: 0x881BD000 Size: 45056 File Visible: - Signed: -

Status: -

Name: kdcom.dll

Image Path: C:\Windows\system32\kdcom.dll

Address: 0x80604000 Size: 32768 File Visible: - Signed: -

Status: -

Name: ks.sys

Image Path: C:\Windows\system32\DRIVERS\ks.sys

Address: 0x8C8A7000 Size: 172032 File Visible: - Signed: -

Status: -

Name: ksecdd.sys

Image Path: C:\Windows\System32\Drivers\ksecdd.sys

Address: 0x87EA6000 Size: 462848 File Visible: - Signed: -

Status: -

Name: lgwefd.sys

Image Path: C:\Windows\System32\drivers\lgwefd.sys

Address: 0x80746000 Size: 54016 File Visible: No Signed: -

Status: -

Name: lltdio.sys

Image Path: C:\Windows\system32\DRIVERS\lltdio.sys

Address: 0x8DD77000 Size: 65536 File Visible: - Signed: -

Status: -

Name: mbamswissarmy.sys

Image Path: C:\Windows\system32\drivers\mbamswissarmy.sys

Address: 0x9EB39000 Size: 32768 File Visible: - Signed: -

Status: -

Name: mdmxsdk.sys

Image Path: C:\Windows\system32\DRIVERS\mdmxsdk.sys

Address: 0x9D7C1000 Size: 12672 File Visible: - Signed: -

Status: -

Name: modem.sys

Image Path: C:\Windows\system32\drivers\modem.sys

Address: 0x8CAC0000 Size: 53248 File Visible: - Signed: -

Status: -

Name: monitor.sys

Image Path: C:\Windows\system32\DRIVERS\monitor.sys

Address: 0x8DCB1000 Size: 61440 File Visible: - Signed: -

Status: -

Name: mouclass.sys

Image Path: C:\Windows\system32\DRIVERS\mouclass.sys

Address: 0x88200000 Size: 45056 File Visible: - Signed: -

Status: -

Name: mountmgr.sys

Image Path: C:\Windows\System32\drivers\mountmgr.sys

Address: 0x87DA0000 Size: 65536 File Visible: - Signed: -

Status: -

Name: mpsdrv.sys

Image Path: C:\Windows\System32\drivers\mpsdrv.sys

Address: 0x9D6A9000 Size: 86016 File Visible: - Signed: -

Status: -

Name: mrxdav.sys

Image Path: C:\Windows\system32\drivers\mrxdav.sys

Address: 0x9D6BE000 Size: 131072 File Visible: - Signed: -

Status: -

Name: mrxsmb.sys

Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys

Address: 0x9D6DE000 Size: 126976 File Visible: - Signed: -

Status: -

Name: mrxsmb10.sys

Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys

Address: 0x9D6FD000 Size: 233472 File Visible: - Signed: -

Status: -

Name: mrxsmb20.sys

Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys

Address: 0x9D736000 Size: 98304 File Visible: - Signed: -

Status: -

Name: Msfs.SYS

Image Path: C:\Windows\System32\Drivers\Msfs.SYS

Address: 0x8DB51000 Size: 45056 File Visible: - Signed: -

Status: -

Name: msisadrv.sys

Image Path: C:\Windows\system32\drivers\msisadrv.sys

Address: 0x82781000 Size: 32768 File Visible: - Signed: -

Status: -

Name: msiscsi.sys

Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys

Address: 0x8D645000 Size: 188416 File Visible: - Signed: -

Status: -

Name: msrpc.sys

Image Path: C:\Windows\system32\drivers\msrpc.sys

Address: 0x8811A000 Size: 176128 File Visible: - Signed: -

Status: -

Name: mssmbios.sys

Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys

Address: 0x8D726000 Size: 40960 File Visible: - Signed: -

Status: -

Name: mup.sys

Image Path: C:\Windows\System32\Drivers\mup.sys

Address: 0x8835D000 Size: 61440 File Visible: - Signed: -

Status: -

Name: ndis.sys

Image Path: C:\Windows\system32\drivers\ndis.sys

Address: 0x8800F000 Size: 1093632 File Visible: - Signed: -

Status: -

Name: ndistapi.sys

Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys

Address: 0x8D695000 Size: 45056 File Visible: - Signed: -

Status: -

Name: ndiswan.sys

Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys

Address: 0x8D6A0000 Size: 143360 File Visible: - Signed: -

Status: -

Name: NDProxy.SYS

Image Path: C:\Windows\System32\Drivers\NDProxy.SYS

Address: 0x8D771000 Size: 69632 File Visible: - Signed: -

Status: -

Name: netbios.sys

Image Path: C:\Windows\system32\DRIVERS\netbios.sys

Address: 0x8DBEE000 Size: 57344 File Visible: - Signed: -

Status: -

Name: netbt.sys

Image Path: C:\Windows\System32\DRIVERS\netbt.sys

Address: 0x8DB89000 Size: 204800 File Visible: - Signed: -

Status: -

Name: NETIO.SYS

Image Path: C:\Windows\system32\drivers\NETIO.SYS

Address: 0x88145000 Size: 237568 File Visible: - Signed: -

Status: -

Name: Npfs.SYS

Image Path: C:\Windows\System32\Drivers\Npfs.SYS

Address: 0x8DB5C000 Size: 57344 File Visible: - Signed: -

Status: -

Name: nsiproxy.sys

Image Path: C:\Windows\system32\drivers\nsiproxy.sys

Address: 0x8DC46000 Size: 40960 File Visible: - Signed: -

Status: -

Name: Ntfs.sys

Image Path: C:\Windows\System32\Drivers\Ntfs.sys

Address: 0x8820D000 Size: 1110016 File Visible: - Signed: -

Status: -

Name: ntkrnlpa.exe

Image Path: C:\Windows\system32\ntkrnlpa.exe

Address: 0x8204C000 Size: 3903488 File Visible: - Signed: -

Status: -

Name: Null.SYS

Image Path: C:\Windows\System32\Drivers\Null.SYS

Address: 0x8DB06000 Size: 28672 File Visible: - Signed: -

Status: -

Name: nvlddmkm.sys

Image Path: C:\Windows\system32\DRIVERS\nvlddmkm.sys

Address: 0x8CE0A000 Size: 7465312 File Visible: - Signed: -

Status: -

Name: nvmfdx32.sys

Image Path: C:\Windows\system32\DRIVERS\nvmfdx32.sys

Address: 0x8CADF000 Size: 1046016 File Visible: - Signed: -

Status: -

Name: nvraid.sys

Image Path: C:\Windows\system32\drivers\nvraid.sys

Address: 0x87DB0000 Size: 110592 File Visible: - Signed: -

Status: -

Name: nvstor32.sys

Image Path: C:\Windows\system32\DRIVERS\nvstor32.sys

Address: 0x827CE000 Size: 147456 File Visible: - Signed: -

Status: -

Name: pacer.sys

Image Path: C:\Windows\system32\DRIVERS\pacer.sys

Address: 0x8DBCF000 Size: 90112 File Visible: - Signed: -

Status: -

Name: partmgr.sys

Image Path: C:\Windows\System32\drivers\partmgr.sys

Address: 0x87D23000 Size: 61440 File Visible: - Signed: -

Status: -

Name: pci.sys

Image Path: C:\Windows\system32\drivers\pci.sys

Address: 0x82789000 Size: 159744 File Visible: - Signed: -

Status: -

Name: pciide.sys

Image Path: C:\Windows\system32\drivers\pciide.sys

Address: 0x87D8B000 Size: 28672 File Visible: - Signed: -

Status: -

Name: PCIIDEX.SYS

Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS

Address: 0x87D92000 Size: 57344 File Visible: - Signed: -

Status: -

Name: peauth.sys

Image Path: C:\Windows\system32\drivers\peauth.sys

Address: 0x9EA0D000 Size: 909312 File Visible: - Signed: -

Status: -

Name: PnpManager

Image Path: \Driver\PnpManager

Address: 0x8204C000 Size: 3903488 File Visible: - Signed: -

Status: -

Name: portcls.sys

Image Path: C:\Windows\system32\drivers\portcls.sys

Address: 0x8DAAB000 Size: 184320 File Visible: - Signed: -

Status: -

Name: PSHED.dll

Image Path: C:\Windows\system32\PSHED.dll

Address: 0x8060C000 Size: 69632 File Visible: - Signed: -

Status: -

Name: rasacd.sys

Image Path: C:\Windows\System32\DRIVERS\rasacd.sys

Address: 0x8DB6A000 Size: 36864 File Visible: - Signed: -

Status: -

Name: rasl2tp.sys

Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys

Address: 0x8D67E000 Size: 94208 File Visible: - Signed: -

Status: -

Name: raspppoe.sys

Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys

Address: 0x8D6C3000 Size: 61440 File Visible: - Signed: -

Status: -

Name: raspptp.sys

Image Path: C:\Windows\system32\DRIVERS\raspptp.sys

Address: 0x8D6D2000 Size: 81920 File Visible: - Signed: -

Status: -

Name: rassstp.sys

Image Path: C:\Windows\system32\DRIVERS\rassstp.sys

Address: 0x8D6E6000 Size: 86016 File Visible: - Signed: -

Status: -

Name: RAW

Image Path: \FileSystem\RAW

Address: 0x8204C000 Size: 3903488 File Visible: - Signed: -

Status: -

Name: rdbss.sys

Image Path: C:\Windows\system32\DRIVERS\rdbss.sys

Address: 0x8DC0A000 Size: 245760 File Visible: - Signed: -

Status: -

Name: RDPCDD.sys

Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys

Address: 0x8DB41000 Size: 32768 File Visible: - Signed: -

Status: -

Name: rdpencdd.sys

Image Path: C:\Windows\system32\drivers\rdpencdd.sys

Address: 0x8DB49000 Size: 32768 File Visible: - Signed: -

Status: -

Name: rootrepeal.sys

Image Path: C:\Windows\system32\drivers\rootrepeal.sys

Address: 0x9EB41000 Size: 49152 File Visible: No Signed: -

Status: -

Name: rspndr.sys

Image Path: C:\Windows\system32\DRIVERS\rspndr.sys

Address: 0x8DD87000 Size: 77824 File Visible: - Signed: -

Status: -

Name: RTKVHDA.sys

Image Path: C:\Windows\system32\drivers\RTKVHDA.sys

Address: 0x8D80E000 Size: 2738112 File Visible: - Signed: -

Status: -

Name: SCDEmu.SYS

Image Path: C:\Windows\System32\Drivers\SCDEmu.SYS

Address: 0x8D800000 Size: 55424 File Visible: - Signed: -

Status: -

Name: SCSIPORT.SYS

Image Path: C:\Windows\System32\Drivers\SCSIPORT.SYS

Address: 0x82715000 Size: 155648 File Visible: - Signed: -

Status: -

Name: secdrv.SYS

Image Path: C:\Windows\System32\Drivers\secdrv.SYS

Address: 0x9EAEB000 Size: 40960 File Visible: - Signed: -

Status: -

Name: smb.sys

Image Path: C:\Windows\system32\DRIVERS\smb.sys

Address: 0x8DBBB000 Size: 81920 File Visible: - Signed: -

Status: -

Name: spldr.sys

Image Path: C:\Windows\System32\Drivers\spldr.sys

Address: 0x88355000 Size: 32768 File Visible: - Signed: -

Status: -

Name: splk.sys

Image Path: C:\Windows\System32\Drivers\splk.sys

Address: 0x8260B000 Size: 1052672 File Visible: No Signed: -

Status: -

Name: spsys.sys

Image Path: C:\Windows\system32\drivers\spsys.sys

Address: 0x8DCC0000 Size: 716800 File Visible: - Signed: -

Status: -

Name: sptd

Image Path: \Driver\sptd

Address: 0x00000000 Size: 0 File Visible: No Signed: -

Status: -

Name: srv.sys

Image Path: C:\Windows\System32\DRIVERS\srv.sys

Address: 0x9D775000 Size: 311296 File Visible: - Signed: -

Status: -

Name: srv2.sys

Image Path: C:\Windows\System32\DRIVERS\srv2.sys

Address: 0x9D74E000 Size: 159744 File Visible: - Signed: -

Status: -

Name: srvnet.sys

Image Path: C:\Windows\System32\DRIVERS\srvnet.sys

Address: 0x9D673000 Size: 118784 File Visible: - Signed: -

Status: -

Name: storport.sys

Image Path: C:\Windows\system32\DRIVERS\storport.sys

Address: 0x87E05000 Size: 266240 File Visible: - Signed: -

Status: -

Name: swenum.sys

Image Path: C:\Windows\system32\DRIVERS\swenum.sys

Address: 0x8D716000 Size: 4992 File Visible: - Signed: -

Status: -

Name: SymIMv.sys

Image Path: C:\Windows\system32\DRIVERS\SymIMv.sys

Address: 0x8DBE5000 Size: 36864 File Visible: - Signed: -

Status: -

Name: tcpip.sys

Image Path: C:\Windows\System32\drivers\tcpip.sys

Address: 0x87F17000 Size: 954368 File Visible: - Signed: -

Status: -

Name: tcpipreg.sys

Image Path: C:\Windows\System32\drivers\tcpipreg.sys

Address: 0x9EAF5000 Size: 49152 File Visible: - Signed: -

Status: -

Name: TDI.SYS

Image Path: C:\Windows\system32\DRIVERS\TDI.SYS

Address: 0x8D673000 Size: 45056 File Visible: - Signed: -

Status: -

Name: tdx.sys

Image Path: C:\Windows\system32\DRIVERS\tdx.sys

Address: 0x8DB73000 Size: 90112 File Visible: - Signed: -

Status: -

Name: termdd.sys

Image Path: C:\Windows\system32\DRIVERS\termdd.sys

Address: 0x8D6FB000 Size: 65536 File Visible: - Signed: -

Status: -

Name: TPkd.sys

Image Path: C:\Windows\System32\Drivers\TPkd.sys

Address: 0x87E88000 Size: 122880 File Visible: - Signed: -

Status: -

Name: TSDDD.dll

Image Path: C:\Windows\System32\TSDDD.dll

Address: 0x95AC0000 Size: 36864 File Visible: - Signed: -

Status: -

Name: tunmp.sys

Image Path: C:\Windows\system32\DRIVERS\tunmp.sys

Address: 0x883F3000 Size: 36864 File Visible: - Signed: -

Status: -

Name: tunnel.sys

Image Path: C:\Windows\system32\DRIVERS\tunnel.sys

Address: 0x883E8000 Size: 45056 File Visible: - Signed: -

Status: -

Name: umbus.sys

Image Path: C:\Windows\system32\DRIVERS\umbus.sys

Address: 0x8D730000 Size: 53248 File Visible: - Signed: -

Status: -

Name: usbehci.sys

Image Path: C:\Windows\system32\DRIVERS\usbehci.sys

Address: 0x8C84C000 Size: 61440 File Visible: - Signed: -

Status: -

Name: usbhub.sys

Image Path: C:\Windows\system32\DRIVERS\usbhub.sys

Address: 0x8D73D000 Size: 212992 File Visible: - Signed: -

Status: -

Name: usbohci.sys

Image Path: C:\Windows\system32\DRIVERS\usbohci.sys

Address: 0x881C8000 Size: 40960 File Visible: - Signed: -

Status: -

Name: USBPORT.SYS

Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS

Address: 0x8C80E000 Size: 253952 File Visible: - Signed: -

Status: -

Name: VClone.sys

Image Path: C:\Windows\system32\DRIVERS\VClone.sys

Address: 0x8D70B000 Size: 45056 File Visible: - Signed: -

Status: -

Name: vga.sys

Image Path: C:\Windows\System32\drivers\vga.sys

Address: 0x8DB14000 Size: 49152 File Visible: - Signed: -

Status: -

Name: VIDEOPRT.SYS

Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS

Address: 0x8DB20000 Size: 135168 File Visible: - Signed: -

Status: -

Name: volmgr.sys

Image Path: C:\Windows\system32\drivers\volmgr.sys

Address: 0x87D32000 Size: 61440 File Visible: - Signed: -

Status: -

Name: volmgrx.sys

Image Path: C:\Windows\System32\drivers\volmgrx.sys

Address: 0x87D41000 Size: 303104 File Visible: - Signed: -

Status: -

Name: volsnap.sys

Image Path: C:\Windows\system32\drivers\volsnap.sys

Address: 0x8831C000 Size: 233472 File Visible: - Signed: -

Status: -

Name: wanarp.sys

Image Path: C:\Windows\system32\DRIVERS\wanarp.sys

Address: 0x8D7CA000 Size: 77824 File Visible: - Signed: -

Status: -

Name: watchdog.sys

Image Path: C:\Windows\System32\drivers\watchdog.sys

Address: 0x8D5C8000 Size: 53248 File Visible: - Signed: -

Status: -

Name: Wdf01000.sys

Image Path: C:\Windows\system32\drivers\Wdf01000.sys

Address: 0x80754000 Size: 507904 File Visible: - Signed: -

Status: -

Name: WDFLDR.SYS

Image Path: C:\Windows\system32\drivers\WDFLDR.SYS

Address: 0x807D0000 Size: 53248 File Visible: - Signed: -

Status: -

Name: Win32k

Image Path: \Driver\Win32k

Address: 0x958A0000 Size: 2105344 File Visible: - Signed: -

Status: -

Name: win32k.sys

Image Path: C:\Windows\System32\win32k.sys

Address: 0x958A0000 Size: 2105344 File Visible: - Signed: -

Status: -

Name: WMILIB.SYS

Image Path: C:\Windows\System32\Drivers\WMILIB.SYS

Address: 0x8270C000 Size: 36864 File Visible: - Signed: -

Status: -

Name: WMIxWDM

Image Path: \Driver\WMIxWDM

Address: 0x8204C000 Size: 3903488 File Visible: - Signed: -

Status: -

Name: xaudio.sys

Image Path: C:\Windows\system32\DRIVERS\xaudio.sys

Address: 0x9EB01000 Size: 32768 File Visible: - Signed: -

Status: -

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

Hello snook, and welcome to Malwarebytes.org

We don't work on Malware removal in the general forums.

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someon has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.