GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-03-14 17:19:56
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e FUJITSU_MHY2200BH rev.0040020B 186,31GB
Running: h3qx9u7r.exe; Driver: C:\DOCUME~1\user\USTAWI~1\Temp\pfxiiaog.sys

---- System - GMER 2.1 ----

SSDT \WINDOWS\system32\ntkrnlpa.exe ZwCreateKey [0x804D70CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70CC] ZwCreateKey [0x804D70CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe ZwOpenKey [0x804D70D1]
SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70D1] ZwOpenKey [0x804D70D1]
INT 0x03 \WINDOWS\system32\ntkrnlpa.exe[unknown section] 804D70DB

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\aksfridge.sys section is writeable [0xA912A000, 0x48011, 0xE0000020]
.init C:\WINDOWS\system32\DRIVERS\aksfridge.sys entry point in ".init" section [0xA917F224]
.init C:\WINDOWS\system32\DRIVERS\aksfridge.sys unknown last code section [0xA917F000, 0x4000, 0xE20000E0]
.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xA9036400, 0x6E1B2, 0xE8000020]
.protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA90C0220] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA90C0220]
.protect˙˙˙˙hardlockunknown last code section [0xA90C0000, 0x50EA, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xA90C0000, 0x50EA, 0xE0000020]

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys
Device \Driver\aksusb \Device\00000070 AKSCLASS.SYS
Device \Driver\aksusb \Device\00000071 AKSCLASS.SYS
Device \Driver\Disk \Device\Harddisk0\DR0 aksfridge.sys
Device \Driver\Disk \Device\Harddisk1\DR6 aksfridge.sys
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 aksfridge.sys
Device \Driver\usb_rndisx \Device\{E6F2D582-4F12-4C82-89F5-6D13CDBC1C7E} RNDISMPX.SYS
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys

---- EOF - GMER 2.1 ----