GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-06-16 07:07:46
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T1L0-22 WDC_WD1600JD-22HBB0 rev.08.02D08 149,05GB
Running: 8b5d2bnh.exe; Driver: C:\DOCUME~1\zbyszek\USTAWI~1\Temp\kxldapob.sys

---- System - GMER 2.2 ----

INT 0x06 \??\C:\WINDOWS\system32\drivers\Haspnt.sys B7E3F16D
INT 0x0E \??\C:\WINDOWS\system32\drivers\Haspnt.sys B7E3EFC2

---- Kernel code sections - GMER 2.2 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF69CA3C0, 0x829A2A, 0xE8000020]
init C:\WINDOWS\system32\drivers\ALCXSENS.SYS entry point in "init" section [0xF6879900]
.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xB7A50400, 0x87EE2, 0xE8000020]
.protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xB7AF4620] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xB7AF4620]
.protect˙˙˙˙hardlockunknown last code section [0xB7AF4400, 0x5126, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xB7AF4400, 0x5126, 0xE0000020]

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Video\{55322EDB-7EEB-4C1B-B02D-425EB9CB54E4}\0000@D3D_\x3332\x3331 2089309684
Reg HKLM\SYSTEM\ControlSet002\Control\Video\{55322EDB-7EEB-4C1B-B02D-425EB9CB54E4}\0000@D3D_\x3332\x3331 2089309684

---- EOF - GMER 2.2 ----