GMER 1.0.15.15163 - http://www.gmer.net Rootkit quick scan 2010-10-04 18:56:01 Windows 5.1.2600 Dodatek Service Pack 3 Running: gmer.exe; Driver: C:\DOCUME~1\user\USTAWI~1\Temp\pwtyypog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB6BFDECA] <-- ROOTKIT !!! SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB6BFDF74] <-- ROOTKIT !!! Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8ABB51D8 Device \FileSystem\Ntfs \Ntfs 8AD1C1F8 Device \FileSystem\Fastfat \Fat 87883500 AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) AttachedDevice \Driver\Tcpip \Device\Ip 8A91D158 AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) AttachedDevice \Driver\Tcpip \Device\Tcp 8A91D158 AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) AttachedDevice \Driver\Tcpip \Device\Udp 8A91D158 AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) AttachedDevice \Driver\Tcpip \Device\RawIp 8A91D158 ---- Services - GMER 1.0.15 ---- Service (*** hidden *** ) [BOOT] mndul <-- ROOTKIT !!! ---- EOF - GMER 1.0.15 ----