GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-25 18:45:18
Windows 5.1.2600 Dodatek Service Pack 2
Running: uwgb6j24.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\pxtdapow.sys

---- User code sections - GMER 1.0.15 ----

.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!CreateWindowExW 77D41AD5 5 Bytes JMP 00CD4832 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!DialogBoxParamW 77D46702 5 Bytes JMP 00BF9315 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!DialogBoxParamA 77D488E1 5 Bytes JMP 00DEDFBE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!DialogBoxIndirectParamW 77D52598 5 Bytes JMP 00DEE021 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!MessageBoxIndirectA 77D5AEF1 5 Bytes JMP 00DEDF51 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!MessageBoxExW 77D70559 5 Bytes JMP 00DEDE22 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!MessageBoxExA 77D7057D 5 Bytes JMP 00DEDE84 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!DialogBoxIndirectParamA 77D76CED 5 Bytes JMP 00DEE084 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[812] USER32.dll!MessageBoxIndirectW 77D860B7 5 Bytes JMP 00DEDEE6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!CallNextHookEx 77D3ED6E 5 Bytes JMP 00CCDD81 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!CreateWindowExW 77D41AD5 5 Bytes JMP 00CD4832 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!DialogBoxParamW 77D46702 5 Bytes JMP 00BF9315 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!DialogBoxParamA 77D488E1 5 Bytes JMP 00DEDFBE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!DialogBoxIndirectParamW 77D52598 5 Bytes JMP 00DEE021 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!MessageBoxIndirectA 77D5AEF1 5 Bytes JMP 00DEDF51 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00CCDBCB C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00C31CA2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!MessageBoxExW 77D70559 5 Bytes JMP 00DEDE22 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!MessageBoxExA 77D7057D 5 Bytes JMP 00DEDE84 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!DialogBoxIndirectParamA 77D76CED 5 Bytes JMP 00DEE084 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] USER32.dll!MessageBoxIndirectW 77D860B7 5 Bytes JMP 00DEDEE6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\program files\Internet Explorer\IEXPLORE.EXE[944] ole32.dll!CoCreateInstance 77516009 5 Bytes JMP 00CD488E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\program files\Internet Explorer\IEXPLORE.EXE[944] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [017918FD] C:\program files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 05: copy of MBR

---- EOF - GMER 1.0.15 ----