Gmer update

Discussion in 'other anti-malware software' started by SystemJunkie, Apr 15, 2007.

Thread Status:
Not open for further replies.
  1. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Gmer update rates update.sys as a unknown problem:


    ---- Kernel code sections - GMER 1.0.12 ----

    ? C:\WINDOWS\system32\DRIVERS\update.sys

    ---- User code sections - GMER 1.0.12 ----

    .text C:\Programme\ProcessGuard\procguard.exe[320] ntdll.dll!DbgUiRemoteBreakin 7C96077B 1 Byte [ C3 ]

    ---- Devices - GMER 1.0.12 ----

    Does anyone know this problem/bug?
     
  2. gmer

    gmer Developer

    Joined:
    May 8, 2006
    Posts:
    86
    Thanks SystemJunkie

    Looks like a problem with code sections scan in update.sys - I will check it.

    GMER from v. 12070 shows all locked/removed driver files, i.e.: VideoAti0.sys -> http://www.gmer.net/rootkits.php

     
  3. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Good to know! Nevertheless Update.sys is still existent in driverdir.
     
Loading...
Thread Status:
Not open for further replies.