GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-22 14:11:45
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500BEVT-75ZCT2 rev.11.01A11
Running: gsv01n1u.exe; Driver: C:\Users\Piotr\AppData\Local\Temp\kgloapow.sys

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[720] ntdll.dll!LdrLoadDll 77BA9378 5 Bytes JMP 6EA7FA35 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[720] kernel32.dll!MapViewOfFile 76C56B10 5 Bytes JMP 6ED2079E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[720] kernel32.dll!VirtualAlloc 76C5AF75 5 Bytes JMP 6ED207C5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[720] USER32.dll!GetWindowInfo 76B8428E 5 Bytes JMP 6EC029CB C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[720] GDI32.dll!CreateDIBSection 763E7461 5 Bytes JMP 6ED20728 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswRdr.SYS (avast! TDI Redirect Driver/AVAST Software)
Device \FileSystem\fastfat \Fat 95B1DA7A
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----