GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-10-18 15:22:43
Windows 5.1.2600 Service Pack 3
Running: ycqsnhx1.exe; Driver: C:\DOCUME~1\SPROTT~1\IMPOST~1\Temp\fgtdypog.sys
---- User code sections - GMER 1.0.15 ----
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 4027F4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 403F1FF7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 403F1F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 403F1FBC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 403F1F04 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 403F1F3E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 403F2032 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 402A17EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[2392] ole32.dll!OleLoadFromStream 774F9C85 5 Bytes JMP 403F21F4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\MSN Messenger\MsnMsgr.Exe[3376] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 004DE392 C:\Programmi\MSN Messenger\MsnMsgr.Exe (Messenger/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----