Is there anything suspicious?

  • Joined: 21 Jan 2008
  • Posts: 10

GMER 1.0.14.14116 - gmer.net
Rootkit scan 2008-01-27 11:54:30
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwConnectPort [0xF7FFF4DD]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwDeleteKey [0xF8013190]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwDeleteValueKey [0xF80130C0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwLoadKey [0xF8013210]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwOpenProcess [0xF8012A60]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwReplaceKey [0xF8013380]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwRestoreKey [0xF80134C0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwSecureConnectPort [0xF7FFF665]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwSetValueKey [0xF8012FE0]

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F80032D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F8003560] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F80036A0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F8003450] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F8003450] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F80032D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F8003560] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F80036A0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F80032D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F80036A0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F8003560] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F8003450] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F80036A0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F8003560] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F80032D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateFile] [F801EBF0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F8003450] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F80032D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F8003560] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F80036A0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F80032D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F8003450] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F80036A0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F8003560] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)

---- User IAT/EAT - GMER 1.0.14 ----

IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 00EBB11D
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] 00EBAF30
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00EB695F
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00EB7538
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CloseHandle] 00EB92E2
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00EB7D04
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00EB771D
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateFileW] 00EB8B5D
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GlobalUnlock] 00EBA7C4
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GlobalLock] 00EBA7F4
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcessHeap] 00EBB337
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] 00EBA51E
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!DuplicateHandle] 00EB9272
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 00EB83C4
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00EB7B18
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetEnvironmentStringsW] 00EB8060
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!IsDebuggerPresent] 00EBB663
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!ReadFile] 00EB8D5C
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetFilePointer] 00EB916E
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!MapViewOfFileEx] 00EB98B1
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateFileMappingW] 00EB95A1
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!MapViewOfFile] 00EB985F
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!OpenFileMappingW] 00EB9E9A
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!UnmapViewOfFile] 00EB99A9
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00EB792C
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!TerminateProcess] 00EB8319
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GlobalAlloc] 00EBA89F
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FlushViewOfFile] 00EB9663
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileSize] 00EB9225
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!WriteFile] 00EB8F99
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileType] 00EB9372
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetACP] 00EBB343
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateFileMappingA] 00EB9538
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!LoadIconW] 00EBB4C8
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!LoadCursorW] 00EBB496
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateDialogParamW] 00EBB5EB
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DialogBoxParamW] 00EBB647
IAT D:\Program Files\DAP\DAP.EXE[1880] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!LoadStringW] 00EBB534

---- Devices - GMER 1.0.14 ----

Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)

---- EOF - GMER 1.0.14 ----

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

This looks OK to me.
I wouldn't say you still have any malware on the computer that we can remove here.
Now it's up to you to install an antivirus program, since I don't see one installed.

  • Joined: 21 Jan 2008
  • Posts: 10

Thanks a lot! Regards
