GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-06-05 23:21:38
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-6 ST3500630A rev.3.AAE 465,76GB
Running: qkrlg4kw.exe; Driver: C:\DOCUME~1\OLA\USTAWI~1\Temp\ufgcrfoc.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\drivers\oreans32.sys section is writeable [0xF7556280, 0x7B1C, 0xE8000020]
.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xA8C7C400, 0x87EE2, 0xE8000020]
.protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA8D20620] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA8D20620]
.protect˙˙˙˙hardlockunknown last code section [0xA8D20400, 0x5126, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xA8D20400, 0x5126, 0xE0000020]

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 EUBKMON.sys
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 EUBKMON.sys
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 EUBKMON.sys

---- EOF - GMER 2.1 ----