Author: Rogmur
Subject: RootRepeal Log
Posted: 11 January 2014 at 9:47am
Hello
Subject: RootRepeal Log
Posted: 11 January 2014 at 9:47am
Hello
I hope it is ok to post this log to this Forum, as I have followed the link form
RootRepeal website.
Below is a report from RootRepeal which has high lighted several (potential) Rootkits.
I do hope someone can advise me which to remove and which to keep.
(Please accept my apologies if I have posted this log to the wrong Forum)
Kindest regards
Roger P Murphy![Smile]( "Smile")
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2014/01/11 09:04
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\1394BUS.SYS
Address: 0xF8756000 Size: 57344 File Visible: - Signed: -
Status: -
Name: a2ddax86.sys
Image Path: C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
Address: 0xF65ED000 Size: 12416 File Visible: - Signed: -
Status: -
Name: a2dix86.sys
Image Path: C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys
Address: 0xF8A26000 Size: 28544 File Visible: - Signed: -
Status: -
Name: a2util32.sys
Image Path: C:\Program Files\Emsisoft Anti-Malware\a2util32.sys
Address: 0xF8CE0000 Size: 4864 File Visible: - Signed: -
Status: -
Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF86E7000 Size: 187776 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2193536 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xF4FE8000 Size: 138496 File Visible: - Signed: -
Status: -
Name: amdk7.sys
Image Path: C:\WINDOWS\System32\DRIVERS\amdk7.sys
Address: 0xF8936000 Size: 37760 File Visible: - Signed: -
Status: -
Name: arp1394.sys
Image Path: C:\WINDOWS\System32\DRIVERS\arp1394.sys
Address: 0xF8806000 Size: 60800 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: atapi.sys
Address: 0xF869F000 Size: 96512 File Visible: - Signed: -
Status: -
Name: audstub.sys
Image Path: C:\WINDOWS\System32\DRIVERS\audstub.sys
Address: 0xF8D80000 Size: 3072 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF8CDA000 Size: 4224 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF8B46000 Size: 12288 File Visible: - Signed: -
Status: -
Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF8866000 Size: 63744 File Visible: - Signed: -
Status: -
Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF8866000 Size: 63744 File Visible: - Signed: -
Status: Hidden from the Windows API!
Name: cdrom.sys
Image Path: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Address: 0xF79CF000 Size: 62976 File Visible: - Signed: -
Status: -
Name: cfwids.sys
Image Path: C:\WINDOWS\system32\drivers\cfwids.sys
Address: 0xB8E72000 Size: 53248 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Address: 0xF8796000 Size: 53248 File Visible: - Signed: -
Status: -
Name: ctac32k.sys
Image Path: C:\WINDOWS\System32\drivers\ctac32k.sys
Address: 0xF6240000 Size: 644896 File Visible: - Signed: -
Status: -
Name: ctaud2k.sys
Image Path: C:\WINDOWS\system32\drivers\ctaud2k.sys
Address: 0xF6F77000 Size: 465280 File Visible: - Signed: -
Status: -
Name: ctoss2k.sys
Image Path: C:\WINDOWS\system32\drivers\ctoss2k.sys
Address: 0xF6E5F000 Size: 176096 File Visible: - Signed: -
Status: -
Name: ctprxy2k.sys
Image Path: C:\WINDOWS\System32\drivers\ctprxy2k.sys
Address: 0xF8C78000 Size: 5632 File Visible: - Signed: -
Status: -
Name: ctsfm2k.sys
Image Path: C:\WINDOWS\System32\drivers\ctsfm2k.sys
Address: 0xF62DE000 Size: 124320 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: disk.sys
Address: 0xF8786000 Size: 36352 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF8826000 Size: 61440 File Visible: - Signed: -
Status: -
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF4E6D000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8C6E000 Size: 8192 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xF8C02000 Size: 12288 File Visible: - Signed: -
Status: -
Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF000000 Size: 73728 File Visible: - Signed: -
Status: -
Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF8D48000 Size: 4096 File Visible: - Signed: -
Status: -
Name: emupia2k.sys
Image Path: C:\WINDOWS\System32\drivers\emupia2k.sys
Address: 0xF62FD000 Size: 136544 File Visible: - Signed: -
Status: -
Name: Fastfat.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Address: 0xB94D8000 Size: 143744 File Visible: - Signed: -
Status: -
Name: Fastfat.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Address: 0xB94D8000 Size: 143744 File Visible: - Signed: -
Status: Hidden from the Windows API!
Name: fdc.sys
Image Path: C:\WINDOWS\System32\DRIVERS\fdc.sys
Address: 0xF8AF6000 Size: 27392 File Visible: - Signed: -
Status: -
Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF87E6000 Size: 44544 File Visible: - Signed: -
Status: -
Name: flpydisk.sys
Image Path: C:\WINDOWS\System32\DRIVERS\flpydisk.sys
Address: 0xF8A0E000 Size: 20480 File Visible: - Signed: -
Status: -
Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF867F000 Size: 129792 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF8CD8000 Size: 7936 File Visible: - Signed: -
Status: -
Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF86B7000 Size: 125056 File Visible: - Signed: -
Status: -
Name: gameenum.sys
Image Path: C:\WINDOWS\System32\DRIVERS\gameenum.sys
Address: 0xF7FE7000 Size: 10624 File Visible: - Signed: -
Status: -
Name: ha10kx2k.sys
Image Path: C:\WINDOWS\System32\drivers\ha10kx2k.sys
Address: 0xF631F000 Size: 804320 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806EF000 Size: 131840 File Visible: - Signed: -
Status: -
Name: hap16v2k.sys
Image Path: C:\WINDOWS\System32\drivers\hap16v2k.sys
Address: 0xF63E4000 Size: 145312 File Visible: - Signed: -
Status: -
Name: HSF_FALL.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys
Address: 0xB9B99000 Size: 289856 File Visible: - Signed: -
Status: -
Name: HSF_FAXX.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys
Address: 0xB997B000 Size: 199680 File Visible: - Signed: -
Status: -
Name: HSF_FSKS.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys
Address: 0xB9B7C000 Size: 115776 File Visible: - Signed: -
Status: -
Name: HSF_K56K.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys
Address: 0xB9B1C000 Size: 391168 File Visible: - Signed: -
Status: -
Name: HSF_TONE.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys
Address: 0xBA2B5000 Size: 50720 File Visible: - Signed: -
Status: -
Name: HSF_V124.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSF_V124.sys
Address: 0xB98DB000 Size: 488352 File Visible: - Signed: -
Status: -
Name: HSFBS2S2.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys
Address: 0xF7458000 Size: 220032 File Visible: - Signed: -
Status: -
Name: HSFCXTS2.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys
Address: 0xF70DD000 Size: 685056 File Visible: - Signed: -
Status: -
Name: HSFDPSP2.sys
Image Path: C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys
Address: 0xF71F9000 Size: 1041536 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Address: 0xF797F000 Size: 52480 File Visible: - Signed: -
Status: -
Name: Imapi.SYS
Image Path: C:\WINDOWS\System32\Drivers\Imapi.SYS
Address: 0xF799F000 Size: 42112 File Visible: - Signed: -
Status: -
Name: InCDFs.sys
Image Path: C:\WINDOWS\system32\DRIVERS\InCDFs.sys
Address: 0xF5121000 Size: 123520 File Visible: - Signed: -
Status: -
Name: InCDPass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\InCDPass.sys
Address: 0xF79AF000 Size: 41600 File Visible: - Signed: -
Status: -
Name: InCDRec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\InCDRec.sys
Address: 0xF848F000 Size: 12416 File Visible: - Signed: -
Status: -
Name: ipnat.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ipnat.sys
Address: 0xF505A000 Size: 152832 File Visible: - Signed: -
Status: -
Name: ipsec.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ipsec.sys
Address: 0xF50EE000 Size: 75264 File Visible: - Signed: -
Status: -
Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF8736000 Size: 37248 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Address: 0xF8B06000 Size: 24576 File Visible: - Signed: -
Status: -
Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF8C36000 Size: 8192 File Visible: - Signed: -
Status: -
Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xB8E17000 Size: 172416 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ks.sys
Address: 0xF73EA000 Size: 143360 File Visible: - Signed: -
Status: -
Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF85CC000 Size: 92928 File Visible: - Signed: -
Status: -
Name: mdmxsdk.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys
Address: 0xB9A90000 Size: 11840 File Visible: - Signed: -
Status: -
Name: mfeapfk.sys
Image Path: C:\WINDOWS\system32\drivers\mfeapfk.sys
Address: 0xB963C000 Size: 125728 File Visible: - Signed: -
Status: -
Name: mfeavfk.sys
Image Path: C:\WINDOWS\system32\drivers\mfeavfk.sys
Address: 0xF6DD6000 Size: 227136 File Visible: - Signed: -
Status: -
Name: mfefirek.sys
Image Path: C:\WINDOWS\system32\drivers\mfefirek.sys
Address: 0xF6D7F000 Size: 355808 File Visible: - Signed: -
Status: -
Name: mfehidk.sys
Image Path: mfehidk.sys
Address: 0xF85E3000 Size: 561696 File Visible: - Signed: -
Status: -
Name: mfencbdc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
Address: 0xF6D37000 Size: 292000 File Visible: - Signed: -
Status: -
Name: mfendisk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mfendisk.sys
Address: 0xF6693000 Size: 77088 File Visible: - Signed: -
Status: -
Name: mfetdi2k.sys
Image Path: C:\WINDOWS\system32\drivers\mfetdi2k.sys
Address: 0xF5080000 Size: 83712 File Visible: - Signed: -
Status: -
Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF8CDC000 Size: 4224 File Visible: - Signed: -
Status: -
Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF8ABE000 Size: 30080 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mouclass.sys
Address: 0xF8AFE000 Size: 23040 File Visible: - Signed: -
Status: -
Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF8766000 Size: 42368 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Address: 0xB9CD0000 Size: 180608 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Address: 0xF4EAD000 Size: 456320 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF8A46000 Size: 19072 File Visible: - Signed: -
Status: -
Name: msgpc.sys
Image Path: C:\WINDOWS\System32\DRIVERS\msgpc.sys
Address: 0xF88A6000 Size: 35072 File Visible: - Signed: -
Status: -
Name: msmpu401.sys
Image Path: C:\WINDOWS\system32\drivers\msmpu401.sys
Address: 0xF8D7E000 Size: 2944 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mssmbios.sys
Address: 0xF7FCB000 Size: 15488 File Visible: - Signed: -
Status: -
Name: Mup.sys
Image Path: Mup.sys
Address: 0xF84F8000 Size: 105472 File Visible: - Signed: -
Status: -
Name: Mup.sys
Image Path: Mup.sys
Address: 0xF84F8000 Size: 105472 File Visible: - Signed: -
Status: Hidden from the Windows API!
Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF8512000 Size: 182656 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Address: 0xF7FD3000 Size: 10496 File Visible: - Signed: -
Status: -
Name: ndisuio.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Address: 0xBA700000 Size: 14592 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Address: 0xF667C000 Size: 91520 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF88D6000 Size: 40960 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\WINDOWS\System32\DRIVERS\netbios.sys
Address: 0xF8996000 Size: 34688 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\WINDOWS\System32\DRIVERS\netbt.sys
Address: 0xF500A000 Size: 162816 File Visible: - Signed: -
Status: -
Name: nic1394.sys
Image Path: C:\WINDOWS\System32\DRIVERS\nic1394.sys
Address: 0xF87D6000 Size: 61824 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF8A56000 Size: 30848 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF853F000 Size: 574976 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF853F000 Size: 574976 File Visible: - Signed: -
Status: Hidden from the Windows API!
Name: ntoskrnl.exe
Image Path: C:\WINDOWS\system32\ntoskrnl.exe
Address: 0x804D7000 Size: 2193536 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF8DDC000 Size: 2944 File Visible: - Signed: -
Status: -
Name: nv4_disp.dll
Image Path: C:\WINDOWS\System32\nv4_disp.dll
Address: 0xBF012000 Size: 6111232 File Visible: - Signed: -
Status: -
Name: nv4_mini.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
Address: 0xF66CE000 Size: 6554496 File Visible: - Signed: -
Status: -
Name: nv_agp.sys
Image Path: nv_agp.sys
Address: 0xF8B4A000 Size: 13568 File Visible: - Signed: -
Status: -
Name: nvapu.sys
Image Path: C:\WINDOWS\system32\drivers\nvapu.sys
Address: 0xF6584000 Size: 396032 File Visible: - Signed: -
Status: -
Name: nvarm.sys
Image Path: C:\WINDOWS\system32\drivers\nvarm.sys
Address: 0xF6488000 Size: 69632 File Visible: - Signed: -
Status: -
Name: nvax.sys
Image Path: C:\WINDOWS\system32\drivers\nvax.sys
Address: 0xF8946000 Size: 48640 File Visible: - Signed: -
Status: -
Name: NVENET.sys
Image Path: C:\WINDOWS\system32\DRIVERS\NVENET.sys
Address: 0xF74D0000 Size: 80896 File Visible: - Signed: -
Status: -
Name: nvmcp.sys
Image Path: C:\WINDOWS\system32\drivers\nvmcp.sys
Address: 0xF6499000 Size: 962560 File Visible: - Signed: -
Status: -
Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF8746000 Size: 61696 File Visible: - Signed: -
Status: -
Name: parport.sys
Image Path: C:\WINDOWS\System32\DRIVERS\parport.sys
Address: 0xF66A6000 Size: 80128 File Visible: - Signed: -
Status: -
Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF89BE000 Size: 19712 File Visible: - Signed: -
Status: -
Name: ParVdm.SYS
Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Address: 0xF8C8C000 Size: 6784 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: pci.sys
Address: 0xF86D6000 Size: 68224 File Visible: - Signed: -
Status: -
Name: pciide.sys
Image Path: pciide.sys
Address: 0xF8CFE000 Size: 3328 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Address: 0xF89B6000 Size: 28672 File Visible: - Signed: -
Status: -
Name: PfModNT.sys
Image Path: C:\WINDOWS\system32\drivers\PfModNT.sys
Address: 0xB9C04000 Size: 15776 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2193536 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xF6F06000 Size: 147456 File Visible: - Signed: -
Status: -
Name: psched.sys
Image Path: C:\WINDOWS\System32\DRIVERS\psched.sys
Address: 0xF666B000 Size: 69120 File Visible: - Signed: -
Status: -
Name: ptilink.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ptilink.sys
Address: 0xF8B16000 Size: 17792 File Visible: - Signed: -
Status: -
Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF87A6000 Size: 35712 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\WINDOWS\System32\DRIVERS\rasacd.sys
Address: 0xF7FEB000 Size: 8832 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Address: 0xF796F000 Size: 51328 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Address: 0xF8886000 Size: 41472 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\WINDOWS\System32\DRIVERS\raspptp.sys
Address: 0xF8896000 Size: 48384 File Visible: - Signed: -
Status: -
Name: raspti.sys
Image Path: C:\WINDOWS\System32\DRIVERS\raspti.sys
Address: 0xF8B1E000 Size: 16512 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2193536 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\WINDOWS\System32\DRIVERS\rdbss.sys
Address: 0xF4F1D000 Size: 175744 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF8CDE000 Size: 4224 File Visible: - Signed: -
Status: -
Name: redbook.sys
Image Path: C:\WINDOWS\System32\DRIVERS\redbook.sys
Address: 0xF79BF000 Size: 57600 File Visible: - Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB9D7D000 Size: 49152 File Visible: No Signed: -
Status: -
Name: serenum.sys
Image Path: C:\WINDOWS\System32\DRIVERS\serenum.sys
Address: 0xF7FDB000 Size: 15744 File Visible: - Signed: -
Status: -
Name: serial.sys
Image Path: C:\WINDOWS\System32\DRIVERS\serial.sys
Address: 0xF798F000 Size: 64512 File Visible: - Signed: -
Status: -
Name: sr.sys
Image Path: sr.sys
Address: 0xF866D000 Size: 73472 File Visible: - Signed: -
Status: -
Name: srv.sys
Image Path: C:\WINDOWS\System32\DRIVERS\srv.sys
Address: 0xB9AC4000 Size: 357888 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\WINDOWS\System32\DRIVERS\swenum.sys
Address: 0xF8C7A000 Size: 4352 File Visible: - Signed: -
Status: -
Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xBA758000 Size: 60800 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\WINDOWS\System32\DRIVERS\tcpip.sys
Address: 0xF5095000 Size: 361600 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\WINDOWS\System32\DRIVERS\tcpip.sys
Address: 0xF5095000 Size: 361600 File Visible: - Signed: -
Status: Hidden from the Windows API!
Name: TDI.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\TDI.SYS
Address: 0xF8B0E000 Size: 20480 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\WINDOWS\System32\DRIVERS\termdd.sys
Address: 0xF88B6000 Size: 40704 File Visible: - Signed: -
Status: -
Name: update.sys
Image Path: C:\WINDOWS\System32\DRIVERS\update.sys
Address: 0xF660D000 Size: 384768 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\USBD.SYS
Address: 0xF8C7C000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF8A5E000 Size: 30336 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\WINDOWS\System32\DRIVERS\usbhub.sys
Address: 0xF88C6000 Size: 59520 File Visible: - Signed: -
Status: -
Name: usbohci.sys
Image Path: C:\WINDOWS\System32\DRIVERS\usbohci.sys
Address: 0xF8A4E000 Size: 17152 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\USBPORT.SYS
Address: 0xF7545000 Size: 147456 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF8A36000 Size: 20992 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF66BA000 Size: 81920 File Visible: - Signed: -
Status: -
Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF8776000 Size: 52352 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\WINDOWS\System32\DRIVERS\wanarp.sys
Address: 0xF87F6000 Size: 34560 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF8A96000 Size: 20480 File Visible: - Signed: -
Status: -
Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xBA363000 Size: 83072 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1880064 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1880064 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\WMILIB.SYS
Address: 0xF8C38000 Size: 8192 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2193536 File Visible: - Signed: -
Status: -