)
Disk \Device\Harddisk0\DR0 code has been found <- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o.
) ZwWriteVirtualMemory
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. Running: zs7u7flp.exe Driver: C:\DOCUME~1\Ismael\LOCALS~1\Temp\kflcyfoc.sys
Disk \Device\Harddisk0\DR0 code has been found \Device\Ide\iaStor0 Intel_ rev.1.0.
Windows Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Intel_ rev.1.0. Time elapsed: 1 hour(s), 49 minute(s), 43 second(s)
C:\system volume information\_restore\RP187\A0046579.exe () -> Quarantined and deleted successfully.
Malwarebytes log - Malwarebytes' Anti-Malware 1.