GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-10-26 10:50:05 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0842N rev.BH900-41 Running: 6vsysscu.exe; Driver: C:\DOCUME~1\User\USTAWI~1\Temp\awtdypog.sys ---- System - GMER 1.0.15 ---- INT 0x06 \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) A759316D INT 0x0E \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) A7592FC2 ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xA70D9400, 0x7EE2E, 0xE0000020] .protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA7176A20] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA7176A20] .protect˙˙˙˙hardlockunknown last code section [0xA7176800, 0x4E48, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xA7176800, 0x4E48, 0xE0000020] ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- EOF - GMER 1.0.15 ----