GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-10-19 08:58:32 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Hitachi_HTS541680J9SA00 rev.SB2OC70P 74,53GB Running: l9djtghb.exe; Driver: C:\DOCUME~1\dyrektor\USTAWI~1\Temp\kgpiafow.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 018DA210 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!NtFlushBuffersFile 7C90D32E 5 Bytes JMP 018BEB90 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!NtQueryFullAttributesFile 7C90D7AE 5 Bytes JMP 018D9C70 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!NtReadFile 7C90D9CE 5 Bytes JMP 018BEC80 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!NtReadFileScatter 7C90D9DE 5 Bytes JMP 021D4CE1 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!NtWriteFile 7C90DF7E 5 Bytes JMP 018DACB0 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!NtWriteFileGather 7C90DF8E 5 Bytes JMP 021D4C90 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10001F42 C:\Program Files\Mozilla Firefox\mozglue.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 02141D0E C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 02141CEB C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] kernel32.dll!ValidateLocale + B648 7C844EE0 7 Bytes JMP 018D6A9C C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 02141C6C C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[744] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 020478E5 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3664] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 105470A8 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3664] USER32.dll!GetMenuContextHelpId + 1A 7E3B5319 7 Bytes JMP 105408F6 C:\Program Files\Mozilla Firefox\xul.dll ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys ---- EOF - GMER 2.1 ----