GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-06-17 18:47:24 Windows 5.1.2600 Dodatek Service Pack 3 Running: m1ofk9f2.exe; Driver: C:\DOCUME~1\Domek\USTAWI~1\Temp\kwlirfoc.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwAdjustPrivilegesToken [0xBA54CAF0] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwConnectPort [0xBA54E3A0] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwCreateFile [0xBA54D970] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwCreateKey [0xBA54C790] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwCreatePort [0xBA54E6C0] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwCreateProcessEx [0xBA54F1B0] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwCreateSection [0xBA54E920] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwCreateThread [0xBA54EDA0] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwDebugActiveProcess [0xBA54C240] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwDeleteKey [0xBA54D3C0] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwDeleteValueKey [0xBA54D530] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwDuplicateObject [0xBA54C350] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwOpenFile [0xBA54DBE0] SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenProcess [0xB7A5CC90] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwOpenSection [0xBA54BDC0] SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenThread [0xB7A5CD7E] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwResumeThread [0xBA54DE20] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwSecureConnectPort [0xBA54E530] SSDT \SystemRoot\system32\drivers\pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ZwSetValueKey [0xBA54D200] SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateProcess [0xB7A5CBF4] SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateThread [0xB7A5CEC4] ---- Kernel code sections - GMER 1.0.15 ---- .text ntoskrnl.exe!_abnormal_termination + 114 804E2780 4 Bytes JMP A66EE1D9 ---- User code sections - GMER 1.0.15 ---- .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtClose + 5 7C90CFF3 5 Bytes JMP 60045DA0 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateEvent + 5 7C90D093 5 Bytes JMP 60045E22 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateFile + 5 7C90D0B3 5 Bytes JMP 60045DD2 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateKey + 5 7C90D0F3 5 Bytes JMP 60045F62 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateMutant + 5 7C90D113 5 Bytes JMP 60045E2C C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateProcess + 5 7C90D153 5 Bytes JMP 60045F4E C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateProcessEx + 5 7C90D163 5 Bytes JMP 60045DFA C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateSection + 5 7C90D183 5 Bytes JMP 60045DAA C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtCreateThread + 5 7C90D1B3 5 Bytes JMP 60045F1C C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtDeleteKey + 5 7C90D253 5 Bytes JMP 60045F08 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtDeleteValueKey + 5 7C90D273 5 Bytes JMP 60045EFE C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtDuplicateObject + 5 7C90D2A3 5 Bytes JMP 60045ECC C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtLoadDriver + 5 7C90D473 5 Bytes JMP 60045E18 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtMapViewOfSection + 5 7C90D523 5 Bytes JMP 60045DBE C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtOpenFile + 5 7C90D5A3 5 Bytes JMP 60045F12 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtOpenKey + 5 7C90D5D3 5 Bytes JMP 60045F6C C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtOpenProcess + 5 7C90D603 5 Bytes JMP 60045F44 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtOpenSection + 5 7C90D633 5 Bytes JMP 60045DB4 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtQueueApcThread + 5 7C90D9A3 5 Bytes JMP 60045F58 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtSetInformationFile + 5 7C90DC63 5 Bytes JMP 60045EF4 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtSetValueKey + 5 7C90DDD3 5 Bytes JMP 60045E04 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtTerminateProcess + 5 7C90DE73 5 Bytes JMP 60045EEA C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtUnmapViewOfSection + 5 7C90DF13 5 Bytes JMP 60045DC8 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtWriteFile + 5 7C90DF83 5 Bytes JMP 60045EC2 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!NtWriteVirtualMemory + 5 7C90DFB3 5 Bytes JMP 60045F30 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ntdll.dll!RtlCreateProcessParameters 7C922E99 5 Bytes JMP 60045E40 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 60045EA4 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 60045E72 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 60045E7C C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 60045F76 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!SleepEx 7C8023A0 5 Bytes JMP 60045EAE C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!Sleep 7C802446 5 Bytes JMP 60045EB8 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!CloseHandle 7C809BE7 5 Bytes JMP 60045DDC C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 60045F9E C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 60045F8A C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 60045E90 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 60045F26 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 60045F80 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 60045E0E C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 60045ED6 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 60045E86 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 60045DF0 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!CopyFileExW 7C827B32 5 Bytes JMP 60045DE6 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!PulseEvent 7C82C06E 5 Bytes JMP 60045FA8 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!SetFileAttributesW 7C8314DD 5 Bytes JMP 60045E9A C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 60045EE0 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 60045F94 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!CheckRemoteDebuggerPresent 7C85AAF2 5 Bytes JMP 60045E36 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 60045F3A C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!ReadConsoleA 7C872B5D 5 Bytes JMP 60045E5E C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!ReadConsoleW 7C872BAC 5 Bytes JMP 60045E68 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!ReadConsoleInputA 7C874613 5 Bytes JMP 60045E4A C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] kernel32.dll!ReadConsoleInputW 7C874636 5 Bytes JMP 60045E54 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!RegQueryValueExW + 10C 77DC710B 5 Bytes JMP 60045FB2 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!OpenServiceW 77DD6FFD 5 Bytes JMP 60045FDA C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!ControlService 77DE4A09 5 Bytes JMP 60045FF8 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!OpenServiceA 77DE4C66 5 Bytes JMP 60045FE4 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 6004600C C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 60046002 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 60045FC6 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 60045FD0 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 60045FEE C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] USER32.dll!GetMessageW 7E3691C6 5 Bytes JMP 60046020 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] USER32.dll!PeekMessageW 7E36929B 5 Bytes JMP 60046034 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] USER32.dll!UserClientDllInitialize 7E36B217 5 Bytes JMP 60045FBC C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] USER32.dll!GetMessageA 7E37772B 5 Bytes JMP 60046016 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 6004603E C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] USER32.dll!PeekMessageA 7E37A340 5 Bytes JMP 6004602A C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 60046048 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] msvcrt.dll!__p__environ 77C0F1C5 5 Bytes JMP 60046066 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] msvcrt.dll!__p__fmode 77C0F1DB 5 Bytes JMP 6004605C C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) .text C:\m1ofk9f2.exe[2344] msvcrt.dll!__p__winver + B 77C0F2A1 5 Bytes JMP 60046052 C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_48\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Ip pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) AttachedDevice \Driver\Tcpip \Device\Tcp pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) AttachedDevice \Driver\Tcpip \Device\Udp pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) AttachedDevice \Driver\Tcpip \Device\RawIp pwipf6.sys (pwipf6/Privacyware/PWI, Inc.) ---- EOF - GMER 1.0.15 ----