GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-12-21 23:01:58
Windows 5.1.2600 Dodatek Service Pack 2
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-1f ST3500413AS rev.JC4B
Running: 2xrjjltr.exe; Driver: C:\DOCUME~1\Admin\USTAWI~1\Temp\kgxcipog.sys

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB8AE4000, 0x2C28EE, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2304] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 01644470 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2304] kernel32.dll!lstrlenW + 43 7C809A7C 7 Bytes JMP 0189047C C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2304] kernel32.dll!MapViewOfFileEx + 6A 7C80B788 7 Bytes JMP 01890459 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2304] kernel32.dll!lstrcpyn + 70 7C810381 7 Bytes JMP 0164F972 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2304] GDI32.dll!SetWindowOrgEx + 15E 77F1960B 7 Bytes JMP 018903DA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2800] USER32.dll!SetPropW + 11B 77D3DECE 7 Bytes JMP 105F32C0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2800] USER32.dll!SetWindowLongA + 19 77D3DEEC 7 Bytes JMP 105F324F C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2800] USER32.dll!GetWindowInfo 77D3F122 5 Bytes JMP 1043A8A3 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2800] USER32.dll!GetMenuContextHelpId + 1A 77D84F11 7 Bytes JMP 1043AED5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- EOF - GMER 1.0.15 ----