GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2013-01-26 21:20:40
Windows 5.1.2600 Dodatek Service Pack 3
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3250310AS rev.3.AAC
Running: gmer.exe; Driver: C:\DOCUME~1\Tomek\USTAWI~1\Temp\pxtdipog.sys

---- System - GMER 1.0.15 ----

SSDT F7BBBCDC ZwClose
SSDT F7BBBC96 ZwCreateKey
SSDT F7BBBCE6 ZwCreateSection
SSDT F7BBBC8C ZwCreateThread
SSDT F7BBBC9B ZwDeleteKey
SSDT F7BBBCA5 ZwDeleteValueKey
SSDT F7BBBCD7 ZwDuplicateObject
SSDT F7BBBCAA ZwLoadKey
SSDT F7BBBC78 ZwOpenProcess
SSDT F7BBBC7D ZwOpenThread
SSDT F7BBBCB4 ZwReplaceKey
SSDT F7BBBCAF ZwRestoreKey
SSDT F7BBBCEB ZwSetContextThread
SSDT F7BBBCA0 ZwSetValueKey
SSDT F7BBBC87 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.xreloc C:\WINDOWS\system32\drivers\sfsync04.sys unknown last section [0xF7499000, 0xC0A, 0x40000040]
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB704E3C0, 0x72B99A, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xB35C2300, 0x3AF78, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xF7943300, 0x1BCE, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[4020] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0155C5B0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4020] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 018A61C7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4020] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 018A61A4 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4020] kernel32.dll!ValidateLocale + B1C8 7C8449C8 7 Bytes JMP 0157544E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4020] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 018A6125 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 867E16D0
Device \Driver\atapi \Device\Ide\IdePort0 867E16D0
Device \Driver\atapi \Device\Ide\IdePort1 867E16D0
Device \Driver\usbstor \Device\00000080 861A63A0
Device \Driver\usbstor \Device\00000081 861A63A0
Device \Driver\usbstor \Device\00000082 861A63A0
Device \Driver\usbstor \Device\0000007b 861A63A0
Device \Driver\usbstor \Device\0000007f 861A63A0
Device \Driver\viadsk \Device\Scsi\viadsk1 867C6910
Device \Driver\viadsk \Device\Scsi\viadsk2 867C6910
Device \Driver\viadsk \Device\Scsi\viadsk1Port2Path0Target0Lun0 867C6910

---- EOF - GMER 1.0.15 ----