
- Kod: Zaznacz wszystko
- GMER 2.1.19357 - http://www.gmer.net
 Rootkit scan 2014-03-01 13:27:16
 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD250HJ rev.FH100-06 232,88GB
 Running: nmdqbgup.exe; Driver: C:\DOCUME~1\DMN\USTAWI~1\Temp\uxtdypoc.sys
 ---- System - GMER 2.1 ----
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwAddBootEntry [0xA2BDEACC]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0xA2BDF5AA]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwClose [0xA2C23881]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateEvent [0xA2BEB692]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateEventPair [0xA2BEB6DE]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0xA2BEB878]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateKey [0xA2C23235]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateMutant [0xA2BEB600]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateSection [0xA2BEB722]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateSemaphore [0xA2BEB648]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateThread [0xA2BDFAE0]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateTimer [0xA2BEB832]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0xA2BE0398]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0xA2BDEB32]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDeleteKey [0xA2C23F47]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDeleteValueKey [0xA2C241FD]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDuplicateObject [0xA2BE3BE4]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwEnumerateKey [0xA2C23DB2]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwEnumerateValueKey [0xA2C23C1D]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwLoadDriver [0xA2BDE71E]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSP.sys ZwMapViewOfSection [0xA2E7C506]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwModifyBootEntry [0xA2BDEB98]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0xA2BE3FDA]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0xA2BE0EDE]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenEvent [0xA2BEB6BC]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenEventPair [0xA2BEB700]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0xA2BEB89C]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenKey [0xA2C23591]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenMutant [0xA2BEB626]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenProcess [0xA2BE34DE]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenSection [0xA2BEB7B0]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenSemaphore [0xA2BEB670]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenThread [0xA2BE38C6]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenTimer [0xA2BEB856]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0xA2E7C2AA]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueryKey [0xA2C23A98]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueryObject [0xA2BE0CF4]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueryValueKey [0xA2C238EA]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueueApcThread [0xA2BE084A]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSP.sys ZwRenameKey [0xA2E8A286]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwRestoreKey [0xA2C2287B]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0xA2BDEBFE]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetBootOptions [0xA2BDEC64]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetContextThread [0xA2BE0212]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetSystemInformation [0xA2BDE7B8]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0xA2BDE98A]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetValueKey [0xA2C2404E]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwShutdownSystem [0xA2BDE918]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSuspendProcess [0xA2BE0562]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSuspendThread [0xA2BE06C4]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSystemDebugControl [0xA2BDEA12]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwTerminateProcess [0xA2BE0050]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwTerminateThread [0xA2BE01F2]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwVdmControl [0xA2BDECCA]
 SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwWriteVirtualMemory [0xA2BDF606]
 ---- Kernel code sections - GMER 2.1 ----
 .text ntkrnlpa.exe!ZwCallbackReturn + 2CAC 80504594 4 Bytes JMP C7E8A2BD
 .text ntkrnlpa.exe!ZwCallbackReturn + 2F4C 80504834 4 Bytes JMP A2A2C238
 .text ntkrnlpa.exe!ZwCallbackReturn + 2FD4 805048BC 12 Bytes [FE, EB, BD, A2, 64, EC, BD, ...]
 .text ntkrnlpa.exe!ZwCallbackReturn + 306C 80504954 4 Bytes JMP E8C0EC16
 .text ntkrnlpa.exe!ZwCallbackReturn + 307C 80504964 12 Bytes [62, 05, BE, A2, C4, 06, BE, ...]
 PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 805A64DC 4 Bytes CALL A2BE15AF \??\C:\WINDOWS\system32\drivers\aswSnx.sys
 .text C:\WINDOWS\System32\DRIVERS\ati2mtag.sys section is writeable [0xB3157000, 0x17C668, 0xE8000020]
 ---- User code sections - GMER 2.1 ----
 .text C:\WINDOWS\Explorer.EXE[280] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\Explorer.EXE[280] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe[476] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe[476] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe[500] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe[500] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\System32\smss.exe[652] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\csrss.exe[720] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\csrss.exe[720] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[740] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[740] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\winlogon.exe[764] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\winlogon.exe[764] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\services.exe[812] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\services.exe[812] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\System32\Ati2evxx.exe[1016] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\System32\Ati2evxx.exe[1016] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\svchost.exe[1044] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\svchost.exe[1044] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[1056] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[1056] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe[1124] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 01445605 C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe[1124] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe[1124] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 01F33805 C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe[1124] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 01F3384D C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe[1124] kernel32.dll!ValidateLocale + B1C8 7C8449C8 7 Bytes JMP 0145577B C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe[1124] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe[1124] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 01F33874 C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\WINDOWS\system32\svchost.exe[1164] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\svchost.exe[1164] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[1228] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[1228] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[1260] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[1260] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1320] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1320] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\Java\jre7\bin\jqs.exe[1328] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\Java\jre7\bin\jqs.exe[1328] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[1344] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[1344] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1368] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1368] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\Ati2evxx.exe[1372] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\Ati2evxx.exe[1372] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1624] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1624] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe[1712] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe[1712] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\spoolsv.exe[1784] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\spoolsv.exe[1784] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[1932] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\System32\svchost.exe[1932] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\System32\wdfmgr.exe[1972] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\System32\wdfmgr.exe[1972] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\ctfmon.exe[2040] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\ctfmon.exe[2040] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\Skillbrains\lightshot\5.0.0.2\Lightshot.exe[2572] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\Skillbrains\lightshot\5.0.0.2\Lightshot.exe[2572] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive.exe[3176] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive.exe[3176] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3240] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3240] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe[3424] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe[3424] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe[3424] USER32.dll!DefWindowProcA + 11A 7E37C298 7 Bytes JMP 108DD196 C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe[3424] USER32.dll!SetWindowLongA + 19 7E37C2B6 7 Bytes JMP 108DD207 C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe[3424] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 108E1006 C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe[3424] USER32.dll!GetMenuContextHelpId + 1A 7E3B5319 7 Bytes JMP 108DA8C1 C:\Documents and Settings\DMN\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\xul.dll
 .text C:\WINDOWS\System32\alg.exe[3556] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\System32\alg.exe[3556] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\WINDOWS\system32\wuauclt.exe[3608] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\WINDOWS\system32\wuauclt.exe[3608] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 .text C:\Documents and Settings\DMN\Moje dokumenty\Pobieranie\nmdqbgup.exe[3628] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
 .text C:\Documents and Settings\DMN\Moje dokumenty\Pobieranie\nmdqbgup.exe[3628] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
 ---- User IAT/EAT - GMER 2.1 ----
 IAT C:\WINDOWS\system32\services.exe[812] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
 IAT C:\WINDOWS\system32\services.exe[812] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000
 ---- Devices - GMER 2.1 ----
 AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.sys
 AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.sys
 AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.sys
 AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.sys
 ---- EOF - GMER 2.1 ----
 
OTL:
http://wklej.org/id/1286642/
http://wklej.org/id/1286644/

 
	
