GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-07-12 13:24:55
Windows 5.1.2600 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0 ST350041 rev.CC38 465.76GB
Running: k50wfoo2.exe; Driver: C:\DOCUME~1\Pedja\LOCALS~1\Temp\kfroraog.sys

---- System - GMER 2.1 ----

SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0xB84515D0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0xB8451700]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0xB8451010]
SSDT \??\C:\WINDOWS\system32\drivers\avgtpx86.sys ZwQueryValueKey [0xA43791D6]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0xB8451300]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0xB84513E0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0xB8451120]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0xB8451210]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0xB84514D0]

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB63C3380, 0x3DF295, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2180] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 0171EEB0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2180] kernel32.dll!lstrlenW + 43 7C809A7C 7 Bytes JMP 01D2979B C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2180] kernel32.dll!MapViewOfFileEx + 6A 7C80B788 7 Bytes JMP 01D29778 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2180] kernel32.dll!lstrcpyn + 70 7C810381 7 Bytes JMP 01724CE9 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2180] GDI32.dll!SetWindowOrgEx + 15E 77F1960B 7 Bytes JMP 01D296F9 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2708] USER32.dll!SetPropW + 11B 77D4DECE 7 Bytes JMP 1099D8D4 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2708] USER32.dll!SetWindowLongA + 19 77D4DEEC 7 Bytes JMP 1099D863 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2708] USER32.dll!GetWindowInfo 77D4F122 5 Bytes JMP 107F2A67 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2708] USER32.dll!GetMenuContextHelpId + 1A 77D94F11 7 Bytes JMP 107F306A C:\Program Files\Mozilla Firefox\xul.dll

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys

---- EOF - GMER 2.1 ----