GMER 1.0.15.15020 [GAMERS.exe] - http://www.gmer.net
Rootkit scan 2009-08-12 14:05:39
Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.15 ----

Code 8646BC78 ZwEnumerateKey
Code 85F7D3C0 ZwFlushInstructionCache
Code 8646A726 IofCallDriver
Code 864681D6 IofCompleteRequest

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!IofCallDriver 804E13A7 5 Bytes JMP 8646A72B
.text ntoskrnl.exe!IofCompleteRequest 804E17BD 5 Bytes JMP 864681DB
PAGE ntoskrnl.exe!ZwEnumerateKey 80578EE4 5 Bytes JMP 8646BC7C
PAGE ntoskrnl.exe!ZwFlushInstructionCache 805873DB 5 Bytes JMP 85F7D3C4

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1288] kernel32.dll!SetUnhandledExceptionFilter 7C844915 4 Bytes [C2, 04, 00, 00]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 86735FB0
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
Device \Driver\Cdrom \Device\CdRom0 863759C8
Device \FileSystem\Rdbss \Device\FsWrap 85AE07B8
Device \Driver\Cdrom \Device\CdRom1 863759C8
Device \Driver\atapi \Device\Ide\IdePort0 8636A1B0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8636A1B0
Device \Driver\atapi \Device\Ide\IdePort1 8636A1B0
Device \Driver\atapi \Device\Ide\IdePort2 8636A1B0
Device \Driver\atapi \Device\Ide\IdePort3 8636A1B0
Device \FileSystem\Srv \Device\LanmanServer 86444F08
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 86107170
Device \FileSystem\MRxSmb \Device\LanmanRedirector 86107170
Device \FileSystem\Npfs \Device\NamedPipe 86740FB0
Device \FileSystem\Msfs \Device\Mailslot 86740F30
Device \Driver\d347prt \Device\Scsi\d347prt1Port5Path0Target0Lun0 8644E230
Device \Driver\d347prt \Device\Scsi\d347prt1 8644E230
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer 86107388
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer 86107388
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer 86107388
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer 86107388
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer 86107388
Device \FileSystem\Cdfs \Cdfs 86106D98

---- Modules - GMER 1.0.15 ----

Module _________ F774C000-F7764000 (98304 bytes)

---- Threads - GMER 1.0.15 ----

Thread System [4:644] 85D13790

---- EOF - GMER 1.0.15 ----