GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-12-11 01:54:37
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\0000006d NVIDIA__ rev. 186,31GB
Running: j66i19qk.exe; Driver: C:\DOCUME~1\radeczek\USTAWI~1\Temp\uwtdrpow.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF512E3C0, 0x84E2FA, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!SetScrollInfo 7E369056 5 Bytes JMP 00508950 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!GetScrollInfo 7E37DFE2 5 Bytes JMP 005088AC C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!ShowScrollBar 7E37F2F2 5 Bytes JMP 005088DF C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!GetScrollPos 7E37F704 5 Bytes JMP 00508887 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!SetScrollPos 7E37F750 5 Bytes JMP 0050882A C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!GetScrollRange 7E37F787 5 Bytes JMP 0050884F C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!SetScrollRange 7E37F99B 5 Bytes JMP 00508919 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1800] USER32.dll!EnableScrollBar 7E3B8005 5 Bytes JMP 00508984 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 0146B983 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!NtFlushBuffersFile 7C90D32E 5 Bytes JMP 0146B6C3 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!NtQueryFullAttributesFile 7C90D7AE 5 Bytes JMP 0146B7F8 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!NtReadFile 7C90D9CE 5 Bytes JMP 0146B6FD C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!NtReadFileScatter 7C90D9DE 5 Bytes JMP 017F2E91 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!NtWriteFile 7C90DF7E 5 Bytes JMP 0146BB27 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!NtWriteFileGather 7C90DF8E 5 Bytes JMP 017F2EE1 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 1000A8A8 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 017DBFAC C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 017DB5A5 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] kernel32.dll!ValidateLocale + B648 7C844EE0 7 Bytes JMP 0153AFF1 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 017DAF5D C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3168] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 022BAE81 C:\Program Files\Mozilla Firefox\xul.dll

---- EOF - GMER 2.1 ----