Status
Not open for further replies.
Discussion Starter · #1 ·
I don't know what I should do with this. Totally confused. Please help.

GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-11-24 11:24:41
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Ho\LOCALS~1\Temp\afacrpod.sys


---- System - GMER 1.0.15 ----

SSDT spbb.sys ZwCreateKey [0xB7EA70E0]
SSDT spbb.sys ZwEnumerateKey [0xB7EC5CA4]
SSDT spbb.sys ZwEnumerateValueKey [0xB7EC6032]
SSDT spbb.sys ZwOpenKey [0xB7EA70C0]
SSDT spbb.sys ZwQueryKey [0xB7EC610A]
SSDT spbb.sys ZwQueryValueKey [0xB7EC5F8A]
SSDT spbb.sys ZwSetValueKey [0xB7EC619C]
SSDT \??\C:\Documents and Settings\Ho\My Documents\SUPERAntiSpyware\SASKUTIL.sys ZwTerminateProcess [0xB4C5B660]

INT 0x63 ? 89EA4BF8
INT 0x73 ? 8A0C5BF8
INT 0x74 ? 89EA4BF8
INT 0x83 ? 89EA4BF8
INT 0x94 ? 89EA4BF8
INT 0xB4 ? 8A0C5BF8
INT 0xB4 ? 8A0C5BF8
INT 0xB4 ? 8A0C5BF8
INT 0xB4 ? 8A0C5BF8
INT 0xB4 ? 89EA4BF8

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A0C31F8

AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)

Device \Driver\NetBT \Device\NetBT_Tcpip_{C4741E81-7F1C-45F2-ABAF-FD02652D5561} 89B5B500
Device \Driver\NetBT \Device\NetBT_Tcpip_{8F01560F-94D1-4380-9BAC-6C571DF9204D} 89B5B500
Device \Driver\usbuhci \Device\USBPDO-0 89EA21F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A0C61F8
Device \Driver\dmio \Device\DmControl\DmConfig 8A0C61F8
Device \Driver\dmio \Device\DmControl\DmPnP 8A0C61F8
Device \Driver\dmio \Device\DmControl\DmInfo 8A0C61F8
Device \Driver\usbuhci \Device\USBPDO-1 89EA21F8
Device \Driver\PCI_PNP8582 \Device\00000045 spbb.sys
Device \Driver\usbehci \Device\USBPDO-2 89E751F8
Device \Driver\usbuhci \Device\USBPDO-3 89EA21F8
Device \Driver\usbuhci \Device\USBPDO-4 89EA21F8

AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

Device \Driver\usbuhci \Device\USBPDO-5 89EA21F8
Device \Driver\dmio \Device\HarddiskDmVolumes\PhysicalDmVolumes\RawVolume1 8A0C61F8
Device \Driver\dmio \Device\HarddiskDmVolumes\PhysicalDmVolumes\BlockVolume1 8A0C61F8
Device \Driver\usbehci \Device\USBPDO-6 89E751F8
Device \Driver\Cdrom \Device\CdRom0 89E504C0
Device \Driver\Cdrom \Device\CdRom1 89E504C0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8A0C51F8
Device \Driver\atapi \Device\Ide\IdePort0 8A0C51F8
Device \Driver\atapi \Device\Ide\IdePort1 8A0C51F8
Device \Driver\atapi \Device\Ide\IdePort2 8A0C51F8
Device \Driver\atapi \Device\Ide\IdePort3 8A0C51F8
Device \Driver\atapi \Device\Ide\IdePort4 8A0C51F8
Device \Driver\atapi \Device\Ide\IdePort5 8A0C51F8
Device \Driver\atapi \Device\Ide\IdeDeviceP4T0L0-14 8A0C51F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 89B5B500
Device \Driver\NetBT \Device\NetbiosSmb 89B5B500
Device \Driver\sptd \Device\3732594832 spbb.sys
Device \Driver\usbuhci \Device\USBFDO-0 89EA21F8
Device \Driver\usbuhci \Device\USBFDO-1 89EA21F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89B6B500
Device \Driver\usbehci \Device\USBFDO-2 89E751F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89B6B500
Device \Driver\usbuhci \Device\USBFDO-3 89EA21F8
Device \Driver\usbuhci \Device\USBFDO-4 89EA21F8
Device \Driver\Ftdisk \Device\FtControl 8A0C71F8
Device \Driver\usbuhci \Device\USBFDO-5 89EA21F8
Device \Driver\usbehci \Device\USBFDO-6 89E751F8
Device \Driver\ak8mpamd \Device\Scsi\ak8mpamd1Port6Path0Target0Lun0 89B4C1F8
Device \Driver\ak8mpamd \Device\Scsi\ak8mpamd1 89B4C1F8
Device \FileSystem\Cdfs \Cdfs 89BBC1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0xFA 0x3F 0xAC 0xC2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0xFE 0xCB 0x9F 0xD4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x9A 0x7A 0xBF 0xAF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] 0xFA 0x3F 0xAC 0xC2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0xFE 0xCB 0x9F 0xD4 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x9A 0x7A 0xBF 0xAF ...

---- EOF - GMER 1.0.15 ----
 
