GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-24 18:31:41
Windows 5.1.2600 Dodatek Service Pack 3
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5 WDC_WD1600BEVS-60RST0 rev.04.01G04
Running: gmer.exe; Driver: C:\DOCUME~1\gh\Ustawienia lokalne\Temp\pwliapow.sys

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9F87380, 0x346307, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[720] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\WINDOWS\system32\WgaTray.exe[3460] WININET.dll!InternetErrorDlg 3FD8A7AF 5 Bytes JMP 0101211B C:\WINDOWS\system32\WgaTray.exe (Windows Genuine Advantage Notification/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG10.00.00.01WORKSTATION

---- EOF - GMER 1.0.15 ----