GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-25 07:00:39
Windows 5.1.2600 Dodatek Service Pack 2
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9250410ASG rev.0002SDM1
Running: umhtyrzb.exe; Driver: C:\DOCUME~1\buczat\USTAWI~1\Temp\kxliqpog.sys

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!GetSysColor 77D38E50 5 Bytes JMP 00418ED0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!GetSysColorBrush 77D38E83 5 Bytes JMP 00418F40 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!SetScrollInfo 77D3902C 7 Bytes JMP 00418DC0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!GetScrollPos 77D3F66F 5 Bytes JMP 00418D50 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!SetScrollRange 77D3F6BB 5 Bytes JMP 00418E40 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!SetScrollPos 77D3F780 5 Bytes JMP 00418E00 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!GetScrollRange 77D3F7B7 5 Bytes JMP 00418D80 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!ShowScrollBar 77D40142 5 Bytes JMP 00418E90 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!GetScrollInfo 77D43A2F 7 Bytes JMP 00418D10 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2304] USER32.dll!EnableScrollBar 77D87BAD 7 Bytes JMP 00418CD0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!GetSysColor 77D38E50 5 Bytes JMP 004D9A90 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!GetSysColorBrush 77D38E83 5 Bytes JMP 004D9B00 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!SetScrollInfo 77D3902C 7 Bytes JMP 004D9980 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!GetScrollPos 77D3F66F 5 Bytes JMP 004D9910 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!SetScrollRange 77D3F6BB 5 Bytes JMP 004D9A00 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!SetScrollPos 77D3F780 5 Bytes JMP 004D99C0 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!GetScrollRange 77D3F7B7 5 Bytes JMP 004D9940 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!ShowScrollBar 77D40142 5 Bytes JMP 004D9A50 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!GetScrollInfo 77D43A2F 7 Bytes JMP 004D98D0 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)
.text C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe[2408] USER32.dll!EnableScrollBar 77D87BAD 7 Bytes JMP 004D9890 C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2 Connection Manager/O2)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----