GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-16 09:01:28
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.BBCO 149,05GB
Running: ft7rptmg.exe; Driver: C:\DOCUME~1\ANDRZE~1\USTAWI~1\Temp\pwddrpog.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[876] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10001FFD C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] kernel32.dll!ReadFile 7C801812 7 Bytes JMP 05183F20 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 01B10455 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] kernel32.dll!CloseHandle 7C809BE7 5 Bytes JMP 05184E70 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 01B1049D C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] kernel32.dll!CreateFileW 7C810CD9 5 Bytes JMP 05184920 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 05184370 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] kernel32.dll!ValidateLocale + B1C8 7C8449C8 7 Bytes JMP 01725A06 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 01B104C4 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[876] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 01E15984 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\WINDOWS\system32\SearchIndexer.exe[2468] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] kernel32.dll!ReadFile 7C801812 7 Bytes JMP 10013F20 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10013EB0 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] ADVAPI32.dll!RegQueryValueExW 77DC6FFF 5 Bytes JMP 10013900 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] ADVAPI32.dll!RegSetValueExW 77DCD767 7 Bytes JMP 10013C00 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 405D5559 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 406ADC44 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 407A79A7 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 407A78D9 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 407A7944 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 407A77AA C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 407A780C C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 407A7A0A C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3904] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 407A786E C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] kernel32.dll!ReadFile 7C801812 7 Bytes JMP 10013F20 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10013EB0 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] ADVAPI32.dll!RegQueryValueExW 77DC6FFF 5 Bytes JMP 10013900 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] ADVAPI32.dll!RegSetValueExW 77DCD767 7 Bytes JMP 10013C00 C:\WINDOWS\system32\jmdp\lmrn.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 405D5559 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 406A9BB9 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 4069D1F5 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 406ADC44 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 40614704 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 407A79A7 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 407A78D9 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 407A7944 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 407A77AA C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 407A780C C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 407A7A0A C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 407A786E C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] ole32.dll!CoCreateInstance 774EF1D4 5 Bytes JMP 406ADCA0 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3936] ole32.dll!OleLoadFromStream 7751988B 5 Bytes JMP 407A7D0F C:\WINDOWS\system32\IEFRAME.dll

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys

---- EOF - GMER 2.1 ----