GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-09-05 20:46:21
Windows 5.1.2600 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800BB-00JHA0 rev.05.01C05 74,53GB
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\awrorfow.sys

---- System - GMER 2.1 ----

SSDT 894F7580 ZwAssignProcessToJobObject
SSDT 894F8100 ZwDebugActiveProcess
SSDT 894F7B30 ZwDuplicateObject
SSDT 894F6CC0 ZwOpenProcess
SSDT 894F6FC0 ZwOpenThread
SSDT 894F79C0 ZwProtectVirtualMemory
SSDT 894F7860 ZwSetContextThread
SSDT 894F76E0 ZwSetInformationThread
SSDT 894F4700 ZwSetSecurityObject
SSDT 894F7420 ZwSuspendProcess
SSDT 894F72C0 ZwSuspendThread
SSDT 894F6E50 ZwTerminateProcess
SSDT 894F7150 ZwTerminateThread
SSDT 894F7F50 ZwWriteVirtualMemory

---- User code sections - GMER 2.1 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[228] kernel32.dll!SetUnhandledExceptionFilter 7C810386 4 Bytes [C2, 04, 00, 00]

---- Devices - GMER 2.1 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys

---- EOF - GMER 2.1 ----