GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-04 13:57:38
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_SP0822N rev.WA100-10
Running: ir02k0c4.exe; Driver: C:\DOCUME~1\MICHA~1\USTAWI~1\Temp\kwnyafod.sys

---- System - GMER 1.0.15 ----

SSDT B946178E ZwCreateKey
SSDT B9461784 ZwCreateThread
SSDT B9461793 ZwDeleteKey
SSDT B946179D ZwDeleteValueKey
SSDT B94617A2 ZwLoadKey
SSDT B9461770 ZwOpenProcess
SSDT B9461775 ZwOpenThread
SSDT B94617AC ZwReplaceKey
SSDT B94617A7 ZwRestoreKey
SSDT B9461798 ZwSetValueKey

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1680] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Library c:\windows\system32\uxtuneup.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1216] 0x55580000

---- EOF - GMER 1.0.15 ----