Don't let them infect your devices

Possible rootkit or is it Bullguard's own files or processes?

Posted 3/8/2013 5:26 PM
User avatar

121 in Huttoft Member

Date Joined Nov 2016
Total Posts: 2
I have tell-tale signs that I may have a rootkit installed. No regular AV or similar programs pick-up on it (including BG). However have just d/loaded and run GMER (anti-rootkit freeware) and it identifies stuff as follows:

Copy & Paste:

GMER 2.1.19155 -
Rootkit quick scan 2013-03-08 17:21:41
Windows 6.2.9200 \Device\Harddisk0\DR0 -> \Device\0000002e Hitachi_ rev.ST2O 298.09GB
Running: d2mlm8t7.exe; Driver: C:\Users\John\AppData\Local\Temp\pwldypob.sys

---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
AttachedDevice \Driver\tdx \Device\Ip NSNetmon.sys
AttachedDevice \Driver\tdx \Device\Tcp NSNetmon.sys
AttachedDevice \Driver\tdx \Device\Udp NSNetmon.sys
AttachedDevice \Driver\tdx \Device\RawIp NSNetmon.sys
---- EOF - GMER 2.1 ----
There is a suggestion (from my various Googles) that NSNetmon.sys may be Bullguard-related - but I do not know how to interpret the findings of GNER (sounds like Great North Eastern Railway to me). Anyone with any ideas to assist please?
[color="red"]121 in Huttoft[/color]
Posted 3/8/2013 7:13 PM
User avatar

Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi there,

NSNetmon.sys is part of the BullGuard Behavioral engine, which was developed in collaboration with NovaShield.

Best wishes!
Robert Mateescu
Senior Support Technician EN

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance:!
Posted 3/8/2013 7:21 PM
User avatar

121 in Huttoft Member

Date Joined Nov 2016
Total Posts: 2
Thanks Robert

I assumed as much.

Post closed.
[color="red"]121 in Huttoft[/color]
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Monday, October 23, 2017, 8:14 AM (GMT +2)
There are a total of 61,421 posts in 13,513 threads.
In the last 3 days there were 2 new threads and 4 reply posts.

Who's online

This forum has 38,104 registered members. Please welcome our newest member,
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.