GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-09 13:08:05
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-19 SAMSUNG_SP0812C rev.SU100-27
Running: nh0wq48d.exe; Driver: C:\DOCUME~1\Home\USTAWI~1\Temp\pwrdypog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xF529E610]
SSDT F7DC1834 ZwClose
SSDT F7DC17EE ZwCreateKey
SSDT F7DC183E ZwCreateSection
SSDT F7DC17E4 ZwCreateThread
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xF529EC10]
SSDT F7DC17F3 ZwDeleteKey
SSDT F7DC17FD ZwDeleteValueKey
SSDT F7DC182F ZwDuplicateObject
SSDT F7DC1802 ZwLoadKey
SSDT F7DC17D0 ZwOpenProcess
SSDT F7DC17D5 ZwOpenThread
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xF529E6D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0xF529E790]
SSDT F7DC180C ZwReplaceKey
SSDT F7DC1807 ZwRestoreKey
SSDT F7DC1843 ZwSetContextThread
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xF529E650]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xF529E7D0]
SSDT F7DC17F8 ZwSetValueKey
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xF529E510]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xF529E590]
SSDT F7DC17DF ZwTerminateProcess
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xF529E5D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xF529E750]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[600] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp aswRdr.SYS (avast! TDI RDR Driver/AVAST Software)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

---- EOF - GMER 1.0.15 ----