GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-10 00:22:50
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3500418AS rev.CC38
Running: iq26qgh7.exe; Driver: C:\DOCUME~1\RAFA~1\USTAWI~1\Temp\kxtdapob.sys


---- System - GMER 1.0.15 ----

INT 0x06                                                                                                                              \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems)  B175216D
INT 0x0E                                                                                                                              \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems)  B1751FC2

---- Kernel code sections - GMER 1.0.15 ----

.text                                                                                                                                 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                         section is writeable [0xB4DF1380, 0x34E2EF, 0xE8000020]
.text                                                                                                                                 C:\WINDOWS\system32\drivers\hardlock.sys                                                                         section is writeable [0xB12FD400, 0x87EE2, 0xE8000020]
.protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xB13A1620]  C:\WINDOWS\system32\drivers\hardlock.sys                                                                         entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xB13A1620]
.protectÿÿÿÿhardlockunknown last code section [0xB13A1400, 0x5126, 0xE0000020]                                                        C:\WINDOWS\system32\drivers\hardlock.sys                                                                         unknown last code section [0xB13A1400, 0x5126, 0xE0000020]

---- User code sections - GMER 1.0.15 ----

.text                                                                                                                                 C:\WINDOWS\system32\SearchIndexer.exe[1384] kernel32.dll!WriteFile                                               7C810E27 7 Bytes  JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice                                                                                                                        \Driver\Tcpip \Device\Ip                                                                                         avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice                                                                                                                        \Driver\Tcpip \Device\Tcp                                                                                        avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device                                                                                                                                \Driver\aksusb \Device\00000071                                                                                  AKSCLASS.SYS (Aladdin Class Driver/Aladdin Knowledge Systems Ltd.)

AttachedDevice                                                                                                                        \Driver\Tcpip \Device\Udp                                                                                        avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice                                                                                                                        \Driver\Tcpip \Device\RawIp                                                                                      avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice                                                                                                                        \FileSystem\Fastfat \Fat                                                                                         fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----