GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-07-01 17:22:49
Windows 5.1.2600 Dodatek Service Pack 3
\Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9320325AS rev.0002SDM1 298,09GB
Running: 4r6ybv17.exe; Driver: C:\DOCUME~1\Damian\USTAWI~1\Temp\pgtdypoc.sys

---- Kernel code sections - GMER 2.1 ----

.text  C:\WINDOWS\system32\DRIVERS\ati2mtag.sys   section is writeable [0xB7645000, 0x1CBE86, 0xE8000020]
init   C:\WINDOWS\system32\drivers\monfilt.sys   entry point in "init" section [0xAB163280]

---- User code sections - GMER 2.1 ----

.text  E:\Programy\Mozilla\firefox.exe[2536] ntdll.dll!LdrLoadDll   7C91632D 5 Bytes  JMP 015C9CF0 E:\Programy\Mozilla\xul.dll
.text  E:\Programy\Mozilla\firefox.exe[2536] kernel32.dll!lstrlenW + 43   7C809AEC 7 Bytes  JMP 01B7542B E:\Programy\Mozilla\xul.dll
.text  E:\Programy\Mozilla\firefox.exe[2536] kernel32.dll!MapViewOfFileEx + 6A   7C80B9A0 7 Bytes  JMP 01B75408 E:\Programy\Mozilla\xul.dll
.text  E:\Programy\Mozilla\firefox.exe[2536] kernel32.dll!ValidateLocale + B1C8   7C8449C8 7 Bytes  JMP 015D369E E:\Programy\Mozilla\xul.dll
.text  E:\Programy\Mozilla\firefox.exe[2536] GDI32.dll!SetDIBitsToDevice + 20A   77F19E14 7 Bytes  JMP 01B75389 E:\Programy\Mozilla\xul.dll

---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0   0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0   0
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12   0x02 0xA3 0xC3 0xD3 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0   E:\Programy\daemon\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0   E:\Programy\Daemin\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0   0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0   0
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12   0xF1 0xC6 0xF0 0xF4 ...

---- EOF - GMER 2.1 ----