GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-27 19:28:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD3200JS-19PDB0 rev.21.00M21
Running: xio04nny.exe; Driver: C:\Temp\pgtdapow.sys

---- System - GMER 1.0.15 ----

SSDT B8745914 ZwClose
SSDT B87458CE ZwCreateKey
SSDT B874591E ZwCreateSection
SSDT B87458C4 ZwCreateThread
SSDT B87458D3 ZwDeleteKey
SSDT B87458DD ZwDeleteValueKey
SSDT B874590F ZwDuplicateObject
SSDT B87458E2 ZwLoadKey
SSDT B87458B0 ZwOpenProcess
SSDT B87458B5 ZwOpenThread
SSDT B8745937 ZwQueryValueKey
SSDT B87458EC ZwReplaceKey
SSDT B8745928 ZwRequestWaitReplyPort
SSDT B87458E7 ZwRestoreKey
SSDT B8745923 ZwSetContextThread
SSDT B874592D ZwSetSecurityObject
SSDT B87458D8 ZwSetValueKey
SSDT B8745932 ZwSystemDebugControl
SSDT B87458BF ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB674B3C0, 0x9B091A, 0xE8000020]
init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xB4049A80]
? System32\Drivers\SCDEmu.SYS System nie może odnaleźć określonej ścieżki. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:3620] B1FD21F0

---- Processes - GMER 1.0.15 ----

Library c:\windows\system32\n (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1436] 0x45670000
Library c:\windows\system32\n (*** hidden *** ) @ C:\WINDOWS\explorer.exe [3288] 0x45670000

---- EOF - GMER 1.0.15 ----