GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-29 13:11:24
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_SP0802N rev.TK200-04
Running: 860d1qxs.exe; Driver: C:\DOCUME~1\user\USTAWI~1\Temp\kwqyqaod.sys


---- System - GMER 1.0.15 ----

SSDT   F8C2D806                                                                 ZwCreateKey
SSDT   F8C2D7FC                                                                 ZwCreateThread
SSDT   F8C2D80B                                                                 ZwDeleteKey
SSDT   F8C2D815                                                                 ZwDeleteValueKey
SSDT   F8C2D81A                                                                 ZwLoadKey
SSDT   F8C2D7E8                                                                 ZwOpenProcess
SSDT   F8C2D7ED                                                                 ZwOpenThread
SSDT   F8C2D824                                                                 ZwReplaceKey
SSDT   F8C2D81F                                                                 ZwRestoreKey
SSDT   F8C2D810                                                                 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

.text  ntoskrnl.exe!_abnormal_termination + 234                                 804E2890 4 Bytes  CALL C646EB6C 

---- User code sections - GMER 1.0.15 ----

.text  C:\Program Files\Mozilla Firefox\firefox.exe[2036] ntdll.dll!LdrLoadDll  7C9163A3 5 Bytes  JMP 0119E590 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- EOF - GMER 1.0.15 ----