GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-23 17:55:35
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Barbara\LOCALS~1\Temp\fxtdipog.sys

---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF6B96620]

Code 84ACB950 ZwCreateSection
Code 84AC7A98 ZwDuplicateObject
Code 84ACB820 ZwSetInformationFile
Code 84A9FEE8 ZwSetSystemInformation
Code 84B9D628 ZwWriteFile
Code 84ACB94F NtCreateSection
Code 84AC7A97 NtDuplicateObject
Code 84ACB81F NtSetInformationFile
Code 84B9D627 NtWriteFile

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!IoGetBootDiskInformation + 66F 8056BB79 7 Bytes JMP 84B3E5AC
PAGE ntkrnlpa.exe!NtSetInformationFile 805702F6 5 Bytes JMP 84ACB824
PAGE ntkrnlpa.exe!NtWriteFile 805722BA 7 Bytes JMP 84B9D62C
PAGE ntkrnlpa.exe!NtCreateSection 805A075C 7 Bytes JMP 84ACB954
PAGE ntkrnlpa.exe!ObCloseHandle + 17 805B1CB5 7 Bytes JMP 84B7AEEC
PAGE ntkrnlpa.exe!NtDuplicateObject 805B38CE 7 Bytes JMP 84AC7A9C
PAGE ntkrnlpa.exe!ZwSetSystemInformation 80605F20 5 Bytes JMP 84A9FEEC
PAGE Fastfat.SYS F69E29C8 7 Bytes JMP 84AC7BCC

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2704] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Fastfat \FatCdrom Code 84AC7BC8

AttachedDevice \Driver\Tcpip \Device\Ip rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)

Device \FileSystem\Fastfat \Fat Code 84AC7BC8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\Temp\Perflib_Perfdata_e24.dat 16384 bytes

---- EOF - GMER 1.0.15 ----