GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-09 18:29:53
Windows 5.1.2600 Dodatek Service Pack 2
Running: l4t45l0g.exe; Driver: C:DOCUME~1PrezesUSTAWI~1Tempkxacrfod.sys
---- System - GMER 1.0.15 ----
SSDT 8914AA70 ZwAssignProcessToJobObject
SSDT 8914B5F0 ZwDebugActiveProcess
SSDT 8914B020 ZwDuplicateObject
SSDT 8914A1B0 ZwOpenProcess
SSDT 8914A4B0 ZwOpenThread
SSDT 8914AEB0 ZwProtectVirtualMemory
SSDT 8914AD50 ZwSetContextThread
SSDT 8914ABD0 ZwSetInformationThread
SSDT 89147A90 ZwSetSecurityObject
SSDT 8914A910 ZwSuspendProcess
SSDT 8914A7B0 ZwSuspendThread
SSDT 8914A340 ZwTerminateProcess
SSDT 8914A640 ZwTerminateThread
SSDT 8914B440 ZwWriteVirtualMemory
---- Kernel code sections - GMER 1.0.15 ----
.text C:WINDOWSsystem32DRIVERSnv4_mini.sys section is writeable [0xBA89F380, 0x2F1D77, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:Program FilesESETESET Smart Securityekrn.exe[572] kernel32.dll!SetUnhandledExceptionFilter 7C810386 4 Bytes [C2, 04, 00, 00]
.text C:Program FilesMozilla Firefoxfirefox.exe[3404] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 004013F0 C:Program FilesMozilla Firefoxfirefox.exe (Firefox/Mozilla Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice FileSystemNtfs Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice DriverTcpip DeviceIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice DriverTcpip DeviceTcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice DriverTcpip DeviceUdp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice DriverTcpip DeviceRawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice FileSystemFastfat Fat eamon.sys (Amon monitor/ESET)
---- EOF - GMER 1.0.15 ----