ChristopherLorking

  1. Hi there,

     Attached is a log file from Rootkit Unhooker run on an XP Pro SP3 machine - at the bottom are TWO unknown/hidden drivers.

     I hope this is the correct place to post this - please let me know if the DDS log needs to be posted BEFORE anyone can help with this issue. If the DDS is required, I will run it as soon as I can and post the log.

     RkUnhooker report generator v0.7
     ==============================================
     Rootkit Unhooker kernel version: 3.7.300.505
     ==============================================
     Windows Major Version: 5
     Windows Minor Version: 1
     Windows Build Number: 2600
     ==============================================
     >Drivers
     Driver: C:\WINDOWS\system32\DRIVERS\igxpmp32.sys Address: 0xB90D0000 Size: 6320128 bytes
     Driver: C:\WINDOWS\system32\drivers\RtkHDAud.sys Address: 0xA79D4000 Size: 6103040 bytes
     Driver: C:\WINDOWS\System32\igxpdx32.DLL Address: 0xBF322000 Size: 3518464 bytes
     Driver: C:\WINDOWS\System32\igxpdv32.DLL Address: 0xBF05E000 Size: 2899968 bytes
     Driver: C:\WINDOWS\system32\ntkrnlpa.exe Address: 0x804D7000 Size: 2154496 bytes
     Driver: PnpManager Address: 0x804D7000 Size: 2154496 bytes
     Driver: RAW Address: 0x804D7000 Size: 2154496 bytes
     Driver: WMIxWDM Address: 0x804D7000 Size: 2154496 bytes
     Driver: Win32k Address: 0xBF800000 Size: 1871872 bytes
     Driver: C:\WINDOWS\System32\win32k.sys Address: 0xBF800000 Size: 1871872 bytes
     Driver: Ntfs.sys Address: 0xB9DC6000 Size: 577536 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\Wdf01000.sys Address: 0xA7711000 Size: 503808 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys Address: 0xA77B4000 Size: 458752 bytes
     Driver: mfehidk.sys Address: 0xB9E6A000 Size: 454656 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\update.sys Address: 0xB8F0E000 Size: 385024 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\tcpip.sys Address: 0xA78D4000 Size: 364544 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\srv.sys Address: 0xA6918000 Size: 360448 bytes
     Driver: C:\WINDOWS\System32\ATMFD.DLL Address: 0xBF67D000 Size: 290816 bytes
     Driver: C:\WINDOWS\System32\Drivers\HTTP.sys Address: 0xA59FB000 Size: 266240 bytes
     Driver: C:\WINDOWS\System32\igxpgd32.dll Address: 0xBF024000 Size: 237568 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\k57xp32.sys Address: 0xB905E000 Size: 221184 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\rdpdr.sys Address: 0xB8F6C000 Size: 196608 bytes
     Driver: ACPI.sys Address: 0xB9F79000 Size: 188416 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\mrxdav.sys Address: 0xA6A60000 Size: 184320 bytes
     Driver: NDIS.sys Address: 0xB9D99000 Size: 184320 bytes
     Driver: C:\WINDOWS\system32\drivers\mfeavfk.sys Address: 0xB8FC4000 Size: 176128 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\rdbss.sys Address: 0xA7824000 Size: 176128 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys Address: 0xB9094000 Size: 163840 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\netbt.sys Address: 0xA7871000 Size: 163840 bytes
     Driver: dmio.sys Address: 0xB9F23000 Size: 155648 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\ipnat.sys Address: 0xA7899000 Size: 155648 bytes
     Driver: C:\WINDOWS\system32\drivers\portcls.sys Address: 0xA79B0000 Size: 147456 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS Address: 0xB903A000 Size: 147456 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\ks.sys Address: 0xB9017000 Size: 143360 bytes
     Driver: C:\WINDOWS\System32\Drivers\RDPWD.SYS Address: 0xA5708000 Size: 143360 bytes
     Driver: C:\WINDOWS\System32\drivers\afd.sys Address: 0xA784F000 Size: 139264 bytes
     Driver: ACPI_HAL Address: 0x806E5000 Size: 134528 bytes
     Driver: C:\WINDOWS\system32\hal.dll Address: 0x806E5000 Size: 134528 bytes
     Driver: fltMgr.sys Address: 0xB9EEB000 Size: 131072 bytes
     Driver: ftdisk.sys Address: 0xB9F49000 Size: 126976 bytes
     Driver: C:\WINDOWS\system32\drivers\mfeapfk.sys Address: 0xA55CA000 Size: 114688 bytes
     Driver: Mup.sys Address: 0xB9D7F000 Size: 106496 bytes
     Driver: atapi.sys Address: 0xB9F0B000 Size: 98304 bytes
     Driver: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xA76F9000 Size: 98304 bytes
     Driver: KSecDD.sys Address: 0xB9E53000 Size: 94208 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\ndiswan.sys Address: 0xB9000000 Size: 94208 bytes
     Driver: C:\WINDOWS\system32\drivers\mfetdi2k.sys Address: 0xA78BF000 Size: 86016 bytes
     Driver: C:\WINDOWS\system32\drivers\wdmaud.sys Address: 0xA6ADB000 Size: 86016 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS Address: 0xB90BC000 Size: 81920 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\ipsec.sys Address: 0xA792D000 Size: 77824 bytes
     Driver: C:\WINDOWS\System32\drivers\dxg.sys Address: 0xBF000000 Size: 73728 bytes
     Driver: C:\WINDOWS\System32\igxprd32.dll Address: 0xBF012000 Size: 73728 bytes
     Driver: sr.sys Address: 0xB9ED9000 Size: 73728 bytes
     Driver: pci.sys Address: 0xB9F68000 Size: 69632 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\psched.sys Address: 0xB8FEF000 Size: 69632 bytes
     Driver: C:\WINDOWS\System32\Drivers\Cdfs.SYS Address: 0xBA2B8000 Size: 65536 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\cdrom.sys Address: 0xB96E7000 Size: 65536 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\serial.sys Address: 0xB9707000 Size: 65536 bytes
     Driver: C:\WINDOWS\system32\drivers\drmk.sys Address: 0xBA1A8000 Size: 61440 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\redbook.sys Address: 0xB96D7000 Size: 61440 bytes
     Driver: C:\WINDOWS\system32\drivers\sysaudio.sys Address: 0xA6C10000 Size: 61440 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\usbhub.sys Address: 0xBA178000 Size: 61440 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS Address: 0xBA0E8000 Size: 53248 bytes
     Driver: C:\WINDOWS\system32\drivers\mfebopk.sys Address: 0xA5616000 Size: 53248 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys Address: 0xBA128000 Size: 53248 bytes
     Driver: VolSnap.sys Address: 0xBA0C8000 Size: 53248 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS Address: 0xBA218000 Size: 53248 bytes
     Driver: C:\WINDOWS\system32\drivers\mfetdik.sys Address: 0xBA1D8000 Size: 49152 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\raspptp.sys Address: 0xBA148000 Size: 49152 bytes
     Driver: C:\WINDOWS\System32\Drivers\Fips.SYS Address: 0xBA1F8000 Size: 45056 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\imapi.sys Address: 0xB96F7000 Size: 45056 bytes
     Driver: MountMgr.sys Address: 0xBA0B8000 Size: 45056 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\raspppoe.sys Address: 0xBA138000 Size: 45056 bytes
     Driver: isapnp.sys Address: 0xBA0A8000 Size: 40960 bytes
     Driver: C:\WINDOWS\system32\drivers\LMIRfsDriver.sys Address: 0xA6C40000 Size: 40960 bytes
     Driver: C:\WINDOWS\System32\Drivers\NDProxy.SYS Address: 0xBA188000 Size: 40960 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\termdd.sys Address: 0xBA168000 Size: 40960 bytes
     Driver: disk.sys Address: 0xBA0D8000 Size: 36864 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS Address: 0xBA208000 Size: 36864 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\intelppm.sys Address: 0xB9717000 Size: 36864 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\msgpc.sys Address: 0xBA158000 Size: 36864 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\netbios.sys Address: 0xBA1E8000 Size: 36864 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\wanarp.sys Address: 0xBA2A8000 Size: 36864 bytes
     Driver: C:\WINDOWS\System32\Drivers\Npfs.SYS Address: 0xBA468000 Size: 32768 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\usbccgp.sys Address: 0xBA378000 Size: 32768 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\usbehci.sys Address: 0xBA408000 Size: 32768 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS Address: 0xBA450000 Size: 28672 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\NuidFltr.sys Address: 0xBA480000 Size: 28672 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS Address: 0xBA328000 Size: 28672 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\usbprint.sys Address: 0xBA470000 Size: 28672 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\kbdclass.sys Address: 0xBA428000 Size: 24576 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\mouclass.sys Address: 0xBA430000 Size: 24576 bytes
     Driver: C:\WINDOWS\System32\Drivers\rkhdrv40.SYS Address: 0xBA4A0000 Size: 24576 bytes
     Driver: C:\WINDOWS\System32\Drivers\TDTCP.SYS Address: 0xBA4A8000 Size: 24576 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\usbuhci.sys Address: 0xBA400000 Size: 24576 bytes
     Driver: C:\WINDOWS\System32\drivers\vga.sys Address: 0xBA458000 Size: 24576 bytes
     Driver: C:\WINDOWS\System32\Drivers\Msfs.SYS Address: 0xBA460000 Size: 20480 bytes
     Driver: PartMgr.sys Address: 0xBA330000 Size: 20480 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\ptilink.sys Address: 0xBA418000 Size: 20480 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\raspti.sys Address: 0xBA420000 Size: 20480 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\TDI.SYS Address: 0xBA410000 Size: 20480 bytes
     Driver: C:\WINDOWS\System32\watchdog.sys Address: 0xBA388000 Size: 20480 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\kbdhid.sys Address: 0xA779C000 Size: 16384 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\mssmbios.sys Address: 0xB9D3B000 Size: 16384 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\ndisuio.sys Address: 0xA75E5000 Size: 16384 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\serenum.sys Address: 0xBA588000 Size: 16384 bytes
     Driver: C:\WINDOWS\system32\BOOTVID.dll Address: 0xBA4B8000 Size: 12288 bytes
     Driver: C:\WINDOWS\System32\drivers\Dxapi.sys Address: 0xA7794000 Size: 12288 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\hidusb.sys Address: 0xB8236000 Size: 12288 bytes
     Driver: C:\WINDOWS\System32\Drivers\i2omgmt.SYS Address: 0xB8FB0000 Size: 12288 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\mouhid.sys Address: 0xB822E000 Size: 12288 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\ndistapi.sys Address: 0xBA58C000 Size: 12288 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\rasacd.sys Address: 0xB8FA8000 Size: 12288 bytes
     Driver: 00000018 Address: 0xBA5A8000 Size: 8192 bytes
     Driver: C:\WINDOWS\System32\Drivers\Beep.SYS Address: 0xBA5DA000 Size: 8192 bytes
     Driver: dmload.sys Address: 0xBA5AE000 Size: 8192 bytes
     Driver: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xBA642000 Size: 8192 bytes
     Driver: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS Address: 0xBA5D8000 Size: 8192 bytes
     Driver: intelide.sys Address: 0xBA5AC000 Size: 8192 bytes
     Driver: C:\WINDOWS\system32\KDCOM.DLL Address: 0xBA5A8000 Size: 8192 bytes
     Driver: C:\WINDOWS\System32\Drivers\mnmdd.SYS Address: 0xBA5DC000 Size: 8192 bytes
     Driver: C:\Program Files\LogMeIn\x86\RaInfo.sys Address: 0xBA66E000 Size: 8192 bytes
     Driver: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Address: 0xBA5DE000 Size: 8192 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\swenum.sys Address: 0xBA5D2000 Size: 8192 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\USBD.SYS Address: 0xBA5D4000 Size: 8192 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS Address: 0xBA5AA000 Size: 8192 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\audstub.sys Address: 0xBA79F000 Size: 4096 bytes
     Driver: C:\WINDOWS\System32\drivers\dxgthk.sys Address: 0xBA707000 Size: 4096 bytes
     Driver: C:\WINDOWS\system32\DRIVERS\lmimirr.sys Address: 0xBA79E000 Size: 4096 bytes
     Driver: C:\WINDOWS\System32\Drivers\Null.SYS Address: 0xBA776000 Size: 4096 bytes
     Driver: pciide.sys Address: 0xBA670000 Size: 4096 bytes
     !!!!!!!!!!!Hidden driver: 00000056 Loaded from: Address: 0x8AA18053 Size: 4013 bytes
     ==============================================
     >Stealth
     Unknown page with executable code Address: 0x8AA1A58F Size: 2673
     Unknown page with executable code Address: 0x8AA18053 Size: 4013