GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-12 22:11:03
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD160JJ rev.ZM100-47
Running: 03puix0w.exe; Driver: C:\DOCUME~1\Dorota\USTAWI~1\Temp\pgdyapow.sys

---- System - GMER 1.0.15 ----

SSDT 86589C90 ZwAssignProcessToJobObject
SSDT 8658A200 ZwDebugActiveProcess
SSDT 8658A2F0 ZwDuplicateObject
SSDT 86589590 ZwOpenProcess
SSDT 86589800 ZwOpenThread
SSDT 86589FD0 ZwProtectVirtualMemory
SSDT 8658A0E0 ZwQueueApcThread
SSDT 86589EC0 ZwSetContextThread
SSDT 86589D90 ZwSetInformationThread
SSDT 86586DA0 ZwSetSecurityObject
SSDT 86589B90 ZwSuspendProcess
SSDT 86589A80 ZwSuspendThread
SSDT 865896E0 ZwTerminateProcess
SSDT 86589A50 ZwTerminateThread
SSDT 8658A6D0 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF673F360, 0x32E00D, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[596] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Mozilla Firefox\firefox.exe[3352] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0126C930 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3352] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 0149E0AA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3352] kernel32.dll!MapViewOfFile 7C80B9A5 5 Bytes JMP 0149E083 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3352] GDI32.dll!CreateDIBSection 77F19E19 5 Bytes JMP 0149E00D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

---- EOF - GMER 1.0.15 ----