RkUnhooker report generator v0.6
==============================================
Rootkit Unhooker kernel version: 3.31.150.420
==============================================
Windows Major Version: 5
Windows Minor Version: 1
Windows Build Number: 2600
==============================================
>Processes
Process: System Process Id: 4 EPROCESS Address: 0x823CA7C0
Process: C:\Program Files\Alwil Software\Avast4\ashServ.exe Process Id: 160 EPROCESS Address: 0x820C75C8
Process: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe Process Id: 192 EPROCESS Address: 0x81B2A540
Process: C:\Program Files\Microsoft LifeCam\MSCamS32.exe Process Id: 288 EPROCESS Address: 0x819F9DA0
Process: C:\WINDOWS\system32\nvsvc32.exe Process Id: 308 EPROCESS Address: 0x81A72BC0
Process: C:\WINDOWS\explorer.exe Process Id: 432 EPROCESS Address: 0x8209DDA0
Process: C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe Process Id: 440 EPROCESS Address: 0x81B4D860
Process: C:\Program Files\Mozilla Firefox\firefox.exe Process Id: 476 EPROCESS Address: 0x817F54F8
Process: C:\WINDOWS\system32\spoolsv.exe Process Id: 704 EPROCESS Address: 0x820A4B28
Process: C:\WINDOWS\vVX3000.exe Process Id: 860 EPROCESS Address: 0x820774F8
Process: C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIADE.EXE Process Id: 868 EPROCESS Address: 0x820C6728
Process: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe Process Id: 876 EPROCESS Address: 0x820AADA0
Process: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe Process Id: 892 EPROCESS Address: 0x820AA960
Process: C:\WINDOWS\system32\ctfmon.exe Process Id: 948 EPROCESS Address: 0x820295E8
Process: C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe Process Id: 968 EPROCESS Address: 0x8206B4E0
Process: C:\WINDOWS\system32\smss.exe Process Id: 976 EPROCESS Address: 0x820FF838
Process: C:\WINDOWS\system32\svchost.exe Process Id: 1060 EPROCESS Address: 0x81A745B0
Process: C:\WINDOWS\system32\csrss.exe Process Id: 1104 EPROCESS Address: 0x820EBC30
Process: C:\WINDOWS\system32\winlogon.exe Process Id: 1128 EPROCESS Address: 0x8201D740
Process: C:\WINDOWS\system32\services.exe Process Id: 1172 EPROCESS Address: 0x821373E0
Process: C:\WINDOWS\system32\lsass.exe Process Id: 1184 EPROCESS Address: 0x8201D278
Process: C:\Program Files\Logitech\SetPoint\KEM.exe Process Id: 1236 EPROCESS Address: 0x821308E8
Process: C:\Program Files\Logitech\SetPoint\KHALMNPR.exe Process Id: 1296 EPROCESS Address: 0x8202DDA0
Process: C:\WINDOWS\system32\svchost.exe Process Id: 1340 EPROCESS Address: 0x820208B0
Process: C:\Program Files\Nikon\NkView6\NkvMon.exe Process Id: 1348 EPROCESS Address: 0x81FB8DA0
Process: C:\WINDOWS\system32\svchost.exe Process Id: 1416 EPROCESS Address: 0x8220A4F8
Process: C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe Process Id: 1596 EPROCESS Address: 0x8200FBE0
Process: C:\WINDOWS\system32\svchost.exe Process Id: 1608 EPROCESS Address: 0x8209BDA0
Process: C:\WINDOWS\system32\svchost.exe Process Id: 1664 EPROCESS Address: 0x820BBA20
Process: C:\WINDOWS\system32\svchost.exe Process Id: 1832 EPROCESS Address: 0x8206EA20
Process: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe Process Id: 2112 EPROCESS Address: 0x819EE5B0
Process: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe Process Id: 2144 EPROCESS Address: 0x8199C9E0
Process: C:\WINDOWS\system32\alg.exe Process Id: 2388 EPROCESS Address: 0x820A57C0
Process: C:\Program Files\VideoLAN\VLC\vlc.exe Process Id: 3524 EPROCESS Address: 0x81465AA8
Process: C:\Program Files\RkUnhooker\t3HP8jUPuejpfyeho.exe Process Id: 3632 EPROCESS Address: 0x819A8408
Process: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Process Id: 3740 EPROCESS Address: 0x81B7F020
==============================================
>Drivers
Driver: C:\WINDOWS\System32\nv4_disp.dll Address: 0xBF012000 Size: 3923968 bytes
Driver: C:\WINDOWS\System32\DRIVERS\nv4_mini.sys Address: 0xF7FFF000 Size: 3530752 bytes
Driver: C:\WINDOWS\system32\ntkrnlpa.exe Address: 0x804D7000 Size: 2059648 bytes
Driver: PnpManager Address: 0x804D7000 Size: 2059648 bytes
Driver: RAW Address: 0x804D7000 Size: 2059648 bytes
Driver: WMIxWDM Address: 0x804D7000 Size: 2059648 bytes
Driver: C:\WINDOWS\system32\DRIVERS\VX3000.sys Address: 0xF676D000 Size: 1961984 bytes
Driver: Win32k Address: 0xBF800000 Size: 1847296 bytes
Driver: C:\WINDOWS\System32\win32k.sys Address: 0xBF800000 Size: 1847296 bytes
Driver: C:\WINDOWS\system32\drivers\smwdm.sys Address: 0xF7E34000 Size: 581632 bytes
Driver: Ntfs.sys Address: 0xF83ED000 Size: 577536 bytes
Driver: C:\WINDOWS\System32\DRIVERS\mrxsmb.sys Address: 0xF6A35000 Size: 454656 bytes
Driver: C:\WINDOWS\system32\DRIVERS\tnet1130.sys Address: 0xF7F5D000 Size: 389120 bytes
Driver: C:\WINDOWS\System32\DRIVERS\tcpip.sys Address: 0xF6B19000 Size: 360448 bytes
Driver: C:\WINDOWS\System32\DRIVERS\srv.sys Address: 0xB949F000 Size: 335872 bytes
Driver: C:\WINDOWS\System32\Drivers\HTTP.sys Address: 0xB9541000 Size: 266240 bytes
Driver: C:\WINDOWS\System32\DRIVERS\update.sys Address: 0xF7CEC000 Size: 212992 bytes
Driver: ACPI.sys Address: 0xF8536000 Size: 192512 bytes
Driver: C:\WINDOWS\System32\DRIVERS\yk51x86.sys Address: 0xF7FBC000 Size: 192512 bytes
Driver: C:\WINDOWS\System32\DRIVERS\mrxdav.sys Address: 0xB9610000 Size: 184320 bytes
Driver: NDIS.sys Address: 0xF83C0000 Size: 184320 bytes
Driver: C:\WINDOWS\system32\drivers\kmixer.sys Address: 0xB8724000 Size: 176128 bytes
Driver: C:\WINDOWS\System32\DRIVERS\rdbss.sys Address: 0xF6AA4000 Size: 176128 bytes
Driver: C:\WINDOWS\System32\DRIVERS\netbt.sys Address: 0xF6AF1000 Size: 163840 bytes
Driver: C:\WINDOWS\system32\drivers\portcls.sys Address: 0xF7E10000 Size: 147456 bytes
Driver: C:\WINDOWS\System32\DRIVERS\ks.sys Address: 0xF7F3A000 Size: 143360 bytes
Driver: C:\WINDOWS\System32\DRIVERS\USBPORT.SYS Address: 0xF7F17000 Size: 143360 bytes
Driver: C:\WINDOWS\System32\drivers\afd.sys Address: 0xF6ACF000 Size: 139264 bytes
Driver: C:\WINDOWS\System32\DRIVERS\ipnat.sys Address: 0xF6A14000 Size: 135168 bytes
Driver: ACPI_HAL Address: 0x806CE000 Size: 131968 bytes
Driver: C:\WINDOWS\system32\hal.dll Address: 0x806CE000 Size: 131968 bytes
Driver: fltmgr.sys Address: 0xF84A3000 Size: 131072 bytes
Driver: ftdisk.sys Address: 0xF8506000 Size: 126976 bytes
Driver: Mup.sys Address: 0xF83A5000 Size: 110592 bytes
Driver: atapi.sys Address: 0xF84EE000 Size: 98304 bytes
Driver: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xF6755000 Size: 98304 bytes
Driver: C:\WINDOWS\System32\DRIVERS\SCSIPORT.SYS Address: 0xF84D6000 Size: 98304 bytes
Driver: KSecDD.sys Address: 0xF847A000 Size: 94208 bytes
Driver: C:\WINDOWS\System32\DRIVERS\ndiswan.sys Address: 0xF7DF9000 Size: 94208 bytes
Driver: C:\WINDOWS\System32\Drivers\aswMon2.SYS Address: 0xB95D2000 Size: 90112 bytes
Driver: C:\WINDOWS\system32\drivers\wdmaud.sys Address: 0xB98C3000 Size: 86016 bytes
Driver: C:\WINDOWS\System32\DRIVERS\parport.sys Address: 0xF7F03000 Size: 81920 bytes
Driver: C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS Address: 0xF7FEB000 Size: 81920 bytes
Driver: C:\WINDOWS\System32\DRIVERS\ipsec.sys Address: 0xF6B71000 Size: 77824 bytes
Driver: C:\WINDOWS\System32\drivers\dxg.sys Address: 0xBF000000 Size: 73728 bytes
Driver: sr.sys Address: 0xF8491000 Size: 73728 bytes
Driver: pci.sys Address: 0xF8525000 Size: 69632 bytes
Driver: C:\WINDOWS\System32\DRIVERS\psched.sys Address: 0xF7DC0000 Size: 69632 bytes
Driver: C:\WINDOWS\System32\DRIVERS\serial.sys Address: 0xF7EC2000 Size: 69632 bytes
Driver: C:\WINDOWS\System32\Drivers\Cdfs.SYS Address: 0xF7DA0000 Size: 65536 bytes
Driver: C:\WINDOWS\System32\DRIVERS\nic1394.sys Address: 0xF8826000 Size: 65536 bytes
Driver: C:\WINDOWS\System32\DRIVERS\arp1394.sys Address: 0xF87D6000 Size: 61440 bytes
Driver: C:\WINDOWS\system32\drivers\drmk.sys Address: 0xF8876000 Size: 61440 bytes
Driver: C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys Address: 0xF8706000 Size: 61440 bytes
Driver: ohci1394.sys Address: 0xF8676000 Size: 61440 bytes
Driver: C:\WINDOWS\System32\DRIVERS\redbook.sys Address: 0xF8846000 Size: 61440 bytes
Driver: C:\WINDOWS\system32\drivers\sysaudio.sys Address: 0xB9B70000 Size: 61440 bytes
Driver: C:\WINDOWS\system32\drivers\usbaudio.sys Address: 0xF7DB0000 Size: 61440 bytes
Driver: C:\WINDOWS\System32\DRIVERS\usbhub.sys Address: 0xF8766000 Size: 61440 bytes
Driver: viamraid.sys Address: 0xF86B6000 Size: 61440 bytes
Driver: C:\WINDOWS\System32\DRIVERS\i8042prt.sys Address: 0xF8866000 Size: 57344 bytes
Driver: VolSnap.sys Address: 0xF86A6000 Size: 57344 bytes
Driver: C:\WINDOWS\System32\DRIVERS\1394BUS.SYS Address: 0xF8686000 Size: 53248 bytes
Driver: C:\WINDOWS\System32\DRIVERS\cdrom.sys Address: 0xF8836000 Size: 53248 bytes
Driver: C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS Address: 0xF86D6000 Size: 53248 bytes
Driver: C:\WINDOWS\System32\DRIVERS\rasl2tp.sys Address: 0xF8896000 Size: 53248 bytes
Driver: C:\WINDOWS\System32\DRIVERS\raspptp.sys Address: 0xF88B6000 Size: 49152 bytes
Driver: C:\WINDOWS\system32\DRIVERS\STREAM.SYS Address: 0xF8816000 Size: 49152 bytes
Driver: C:\WINDOWS\System32\DRIVERS\imapi.sys Address: 0xF8856000 Size: 45056 bytes
Driver: MountMgr.sys Address: 0xF8696000 Size: 45056 bytes
Driver: C:\WINDOWS\System32\DRIVERS\raspppoe.sys Address: 0xF88A6000 Size: 45056 bytes
Driver: C:\WINDOWS\System32\Drivers\NDProxy.SYS Address: 0xF8726000 Size: 40960 bytes
Driver: C:\WINDOWS\System32\DRIVERS\processr.sys Address: 0xF8886000 Size: 40960 bytes
Driver: C:\WINDOWS\System32\DRIVERS\termdd.sys Address: 0xF8716000 Size: 40960 bytes
Driver: C:\WINDOWS\System32\Drivers\aswTdi.SYS Address: 0xF8796000 Size: 36864 bytes
Driver: disk.sys Address: 0xF86C6000 Size: 36864 bytes
Driver: C:\WINDOWS\System32\Drivers\Fips.SYS Address: 0xF87B6000 Size: 36864 bytes
Driver: C:\WINDOWS\System32\DRIVERS\HIDCLASS.SYS Address: 0xF87F6000 Size: 36864 bytes
Driver: isapnp.sys Address: 0xF8666000 Size: 36864 bytes
Driver: C:\WINDOWS\System32\DRIVERS\msgpc.sys Address: 0xF88C6000 Size: 36864 bytes
Driver: C:\WINDOWS\System32\DRIVERS\netbios.sys Address: 0xF87A6000 Size: 36864 bytes
Driver: C:\WINDOWS\System32\DRIVERS\wanarp.sys Address: 0xF87C6000 Size: 36864 bytes
Driver: C:\WINDOWS\System32\Drivers\Npfs.SYS Address: 0xF89F6000 Size: 32768 bytes
Driver: C:\WINDOWS\System32\DRIVERS\usbccgp.sys Address: 0xF8A16000 Size: 32768 bytes
Driver: C:\WINDOWS\system32\DRIVERS\fdc.sys Address: 0xF8986000 Size: 28672 bytes
Driver: C:\WINDOWS\System32\DRIVERS\HIDPARSE.SYS Address: 0xF8A0E000 Size: 28672 bytes
Driver: C:\WINDOWS\System32\DRIVERS\kbdclass.sys Address: 0xF897E000 Size: 28672 bytes
Driver: C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS Address: 0xF88E6000 Size: 28672 bytes
Driver: C:\WINDOWS\System32\DRIVERS\secdrv.sys Address: 0xF89DE000 Size: 28672 bytes
Driver: C:\WINDOWS\System32\DRIVERS\usbehci.sys Address: 0xF8976000 Size: 28672 bytes
Driver: viaagp1.sys Address: 0xF88F6000 Size: 28672 bytes
Driver: C:\WINDOWS\System32\Drivers\Aavmker4.SYS Address: 0xF8A06000 Size: 24576 bytes
Driver: C:\WINDOWS\System32\DRIVERS\mouclass.sys Address: 0xF89A6000 Size: 24576 bytes
Driver: C:\WINDOWS\System32\drivers\vga.sys Address: 0xF89E6000 Size: 24576 bytes
Driver: C:\WINDOWS\system32\DRIVERS\flpydisk.sys Address: 0xF89C6000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\Drivers\Msfs.SYS Address: 0xF89EE000 Size: 20480 bytes
Driver: PartMgr.sys Address: 0xF88EE000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\DRIVERS\ptilink.sys Address: 0xF8996000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\DRIVERS\raspti.sys Address: 0xF899E000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\Drivers\rkhdrv31.SYS Address: 0xF8A56000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\DRIVERS\TDI.SYS Address: 0xF898E000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\DRIVERS\usbuhci.sys Address: 0xF896E000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\watchdog.sys Address: 0xF8A3E000 Size: 20480 bytes
Driver: C:\WINDOWS\System32\Drivers\aswRdr.SYS Address: 0xB9397000 Size: 16384 bytes
Driver: C:\WINDOWS\System32\DRIVERS\mssmbios.sys Address: 0xF8B56000 Size: 16384 bytes
Driver: C:\WINDOWS\System32\DRIVERS\ndisuio.sys Address: 0xBA510000 Size: 16384 bytes
Driver: C:\WINDOWS\system32\PCANDIS5.SYS Address: 0xB938B000 Size: 16384 bytes
Driver: C:\WINDOWS\System32\DRIVERS\serenum.sys Address: 0xF8B42000 Size: 16384 bytes
Driver: C:\WINDOWS\system32\BOOTVID.dll Address: 0xF8A76000 Size: 12288 bytes
Driver: C:\WINDOWS\System32\drivers\Dxapi.sys Address: 0xF6BB8000 Size: 12288 bytes
Driver: C:\WINDOWS\System32\DRIVERS\hidusb.sys Address: 0xF7DD9000 Size: 12288 bytes
Driver: C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys Address: 0xF8B3E000 Size: 12288 bytes
Driver: C:\WINDOWS\System32\DRIVERS\mouhid.sys Address: 0xF7DD5000 Size: 12288 bytes
Driver: C:\WINDOWS\System32\DRIVERS\ndistapi.sys Address: 0xF8B46000 Size: 12288 bytes
Driver: C:\WINDOWS\System32\DRIVERS\rasacd.sys Address: 0xF8B12000 Size: 12288 bytes
Driver: C:\WINDOWS\system32\drivers\aeaudio.sys Address: 0xF8B88000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\Drivers\Beep.SYS Address: 0xF8BC2000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xF8BCE000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS Address: 0xF8BC0000 Size: 8192 bytes
Driver: C:\WINDOWS\system32\KDCOM.DLL Address: 0xF8B66000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\Drivers\mnmdd.SYS Address: 0xF8BC4000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\Drivers\ParVdm.SYS Address: 0xF8B84000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Address: 0xF8BC6000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\DRIVERS\swenum.sys Address: 0xF8B8A000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\DRIVERS\USBD.SYS Address: 0xF8B9E000 Size: 8192 bytes
Driver: viaide.sys Address: 0xF8B6A000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\DRIVERS\WMILIB.SYS Address: 0xF8B68000 Size: 8192 bytes
Driver: C:\WINDOWS\System32\DRIVERS\audstub.sys Address: 0xF8C42000 Size: 4096 bytes
Driver: C:\WINDOWS\System32\drivers\dxgthk.sys Address: 0xF8C8F000 Size: 4096 bytes
Driver: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys Address: 0xF8D14000 Size: 4096 bytes
Driver: C:\WINDOWS\System32\Drivers\Null.SYS Address: 0xF8D79000 Size: 4096 bytes
==============================================
>Files
==============================================
>Hooks