GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-12-19 15:52:23
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST320DM000-1BD14C rev.KC44 298,09GB
Running: m57g1hli.exe; Driver: C:\DOCUME~1\Lectra\USTAWI~1\Temp\kwtdapow.sys

---- System - GMER 2.1 ----

SSDT \WINDOWS\system32\ntkrnlpa.exe ZwCreateKey [0x804D7FEC]
SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D7FEC] ZwCreateKey [0x804D7FEC]
SSDT \WINDOWS\system32\ntkrnlpa.exe ZwOpenKey [0x804D7FF1]
SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D7FF1] ZwOpenKey [0x804D7FF1]

INT 0x03 \WINDOWS\system32\ntkrnlpa.exe[unknown section] 804D7FFB
INT 0x06 \??\C:\WINDOWS\system32\drivers\Haspnt.sys A819716D
INT 0x0E \??\C:\WINDOWS\system32\drivers\Haspnt.sys A8196FC2

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\aksfridge.sys section is writeable [0xA7B9A000, 0x47E35, 0xE0000020]
.init C:\WINDOWS\system32\DRIVERS\aksfridge.sys entry point in ".init" section [0xA7BEE224]
.init C:\WINDOWS\system32\DRIVERS\aksfridge.sys unknown last code section [0xA7BEE000, 0x4000, 0xE20000E0]
.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xA7AB9400, 0x6E6E2, 0xE8000020]
.protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA7B43820] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA7B43820]
.protect˙˙˙˙hardlockunknown last code section [0xA7B43600, 0x512A, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xA7B43600, 0x512A, 0xE0000020]

---- Devices - GMER 2.1 ----

Device \Driver\Disk \Device\Harddisk0\DR0 aksfridge.sys
Device \Driver\Disk \Device\Harddisk1\DR4 aksfridge.sys
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+5 aksfridge.sys
Device \Driver\aksusb \Device\0000006d AKSCLASS.SYS
Device \Driver\aksusb \Device\0000006e AKSCLASS.SYS
Device \Driver\aksusb \Device\0000006f AKSCLASS.SYS

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys

---- EOF - GMER 2.1 ----