GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-18 23:58:38
Windows 5.1.2600 Dodatek Service Pack 3
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD1200BEVS-75UST0 rev.01.01A01
Running: 1v18xl44.exe; Driver: C:\DOCUME~1\monikat\USTAWI~1\Temp\uwtdypod.sys

---- System - GMER 1.0.15 ----

SSDT F7B11486 ZwCreateKey
SSDT F7B1147C ZwCreateThread
SSDT F7B1148B ZwDeleteKey
SSDT F7B11495 ZwDeleteValueKey
SSDT F7B1149A ZwLoadKey
SSDT F7B11468 ZwOpenProcess
SSDT F7B1146D ZwOpenThread
SSDT F7B114A4 ZwReplaceKey
SSDT F7B1149F ZwRestoreKey
SSDT F7B11490 ZwSetValueKey

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1720] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\WINDOWS\system32\SearchIndexer.exe[2668] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 01121B19 C:\WINDOWS\system32\mssrch.dll (mssrch.lib/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
Device \FileSystem\Fastfat \Fat B995AD20
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Search\Data\Applications\Windows\MSS23C90.log 131072 bytes
File C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Search\Data\Applications\Windows\MSS23C91.log 131072 bytes

---- EOF - GMER 1.0.15 ----