GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-02 14:40:36
Windows 5.1.2600 Service Pack 3
Running: 8xmbex4w.exe; Driver: C:\DOKUME~1\Beate\LOKALE~1\Temp\pgtdapog.sys

---- System - GMER 1.0.15 ----

SSDT \??\C:\Programme\AVPersonal\AVGNTDW.SYS (Filter Device for Windows XP/2000/NT/H+BEDV Datentechnik GmbH) ZwClose [0xB0FA77FC]
SSDT \??\C:\Programme\AVPersonal\AVGNTDW.SYS (Filter Device for Windows XP/2000/NT/H+BEDV Datentechnik GmbH) ZwCreateFile [0xB0FA7B6A]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.) ZwDeleteKey [0xB1EE3460]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.) ZwDeleteValueKey [0xB1EE33C0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.) ZwLoadKey [0xB1EE34E0]
SSDT \??\C:\Programme\AVPersonal\AVGNTDW.SYS (Filter Device for Windows XP/2000/NT/H+BEDV Datentechnik GmbH) ZwOpenFile [0xB0FA819E]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.) ZwReplaceKey [0xB1EE3590]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.) ZwRestoreKey [0xB1EE3610]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.) ZwSetValueKey [0xB1EE3310]
SSDT \??\C:\Programme\AVPersonal\AVGNTDW.SYS (Filter Device for Windows XP/2000/NT/H+BEDV Datentechnik GmbH) ZwWriteFile [0xB0FA790E]

---- Kernel code sections - GMER 1.0.15 ----

? mblxx.sys Das System kann die angegebene Datei nicht finden. !
init C:\WINDOWS\system32\drivers\ALCXSENS.SYS entry point in "init" section [0xF7D45900]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B1ED3AB0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B1ED3D00] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B1ED3E40] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B1ED3C10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B1ED3C10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B1ED3AB0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B1ED3D00] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B1ED3E40] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B1ED3AB0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B1ED3C10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B1ED3E40] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B1ED3D00] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B1ED3E40] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B1ED3D00] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B1ED3AB0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B1ED3C10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B1ED3AB0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B1ED3D00] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B1ED3E40] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B1ED3AB0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B1ED3C10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B1ED3E40] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B1ED3D00] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)

---- Devices - GMER 1.0.15 ----

Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)

---- EOF - GMER 1.0.15 ----