GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-22 21:40:18
Windows 5.1.2600 Dodatek Service Pack 3
Running: ttmiyo7i.exe; Driver: C:\Temp\kgtdqpow.sys

---- System - GMER 1.0.15 ----

SSDT BA719266 ZwCreateKey
SSDT BA71925C ZwCreateThread
SSDT BA71926B ZwDeleteKey
SSDT BA719275 ZwDeleteValueKey
SSDT BA71927A ZwLoadKey
SSDT BA719248 ZwOpenProcess
SSDT BA71924D ZwOpenThread
SSDT BA719284 ZwReplaceKey
SSDT BA71927F ZwRestoreKey
SSDT BA719270 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

.xreloc C:\WINDOWS\system32\drivers\ps7arj8b.sys unknown last section [0xB9F66000, 0x9F4, 0x40000040]
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB8DE2000, 0x1B601E, 0xE8000020]
init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xACBCDA00]
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xA917D300, 0x3AE88, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xBA3E8300, 0x1B7E, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[196] USER32.dll!DefWindowProcA + 11A 7E37C298 7 Bytes JMP 003C5CF0 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[196] USER32.dll!SetWindowRgn + 2BD 7E37E7E5 7 Bytes JMP 003C5C60 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[196] USER32.dll!SetClipboardData + 19D 7E38113B 1 Byte [E9]
.text C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[196] USER32.dll!SetClipboardData + 19D 7E38113B 7 Bytes JMP 003C5CD0 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)

---- Devices - GMER 1.0.15 ----

Device \Driver\timounter \Device\AcroVBus snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----