GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-13 11:16:17
Windows 5.1.2600 Dodatek Service Pack 3
\Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3200827AS rev.3.AAD 186,31GB
Running: xixcj7nt.exe; Driver: C:\DOCUME~1\User\USTAWI~1\Temp\pgxoqfod.sys

---- Kernel code sections - GMER 2.1 ----

.text  C:\WINDOWS\system32\DRIVERS\ati2mtag.sys  section is writeable [0xB99AE000, 0x1C5D38, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!SetScrollInfo  7E369056 5 Bytes  JMP 00505F4C C:\Program Files\CCleaner\CCleaner.exe
.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!GetScrollInfo  7E37DFE2 5 Bytes  JMP 00505EA8 C:\Program Files\CCleaner\CCleaner.exe
.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!ShowScrollBar  7E37F2F2 5 Bytes  JMP 00505EDB C:\Program Files\CCleaner\CCleaner.exe
.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!GetScrollPos  7E37F704 5 Bytes  JMP 00505E83 C:\Program Files\CCleaner\CCleaner.exe
.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!SetScrollPos  7E37F750 5 Bytes  JMP 00505E26 C:\Program Files\CCleaner\CCleaner.exe
.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!GetScrollRange  7E37F787 5 Bytes  JMP 00505E4B C:\Program Files\CCleaner\CCleaner.exe
.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!SetScrollRange  7E37F99B 5 Bytes  JMP 00505F15 C:\Program Files\CCleaner\CCleaner.exe
.text  C:\Program Files\CCleaner\CCleaner.exe[1080] USER32.dll!EnableScrollBar  7E3B8005 5 Bytes  JMP 00505F80 C:\Program Files\CCleaner\CCleaner.exe
.text  C:\WINDOWS\Explorer.EXE[1472] SHELL32.dll!StrStrW  7C9CEF18 8 Bytes  [80, 11, 60, 19, C0, 11, 60, ...] {ADC BYTE [ECX], 0x60; SBB EAX, EAX; ADC [EAX+0x19], ESP}
.text  C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1888] kernel32.dll!SetUnhandledExceptionFilter  7C844935 4 Bytes  [C2, 04, 00, 00]

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs  eamon.sys
AttachedDevice  \Driver\Tcpip \Device\Tcp  epfwtdir.sys
AttachedDevice  \FileSystem\Fastfat \Fat  eamon.sys

---- Registry - GMER 2.1 ----

Reg  HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\HP Deskjet F2400 series@ChangeID  1725171

---- EOF - GMER 2.1 ----