GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-13 09:07:08
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-13 WDC_WD1500ADFD-00NLR1 rev.20.07P20
Running: gmer.exe; Driver: C:\DOCUME~1\user\LOCALS~1\Temp\uxtyrpod.sys

---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF766787E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7667BFE]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB7D683A0, 0x592C35, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Maxthon2\Maxthon.exe[5728] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 02F41A00 C:\Program Files\Maxthon2\Modules\MxSandBox\MxSec.dll (MxSec/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 02002C4B C:\Program Files\Maxthon2\MxCrashCatch.dll (MxCrashCatch/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 050012A0 C:\Program Files\Maxthon2\Modules\MxMute\MxMute.dll (MxMute/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 02F45FE0 C:\Program Files\Maxthon2\Modules\MxSandBox\MxSec.dll (MxSec/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] WININET.dll!CommitUrlCacheEntryA 3D940F78 5 Bytes JMP 02F41940 C:\Program Files\Maxthon2\Modules\MxSandBox\MxSec.dll (MxSec/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 02F418C0 C:\Program Files\Maxthon2\Modules\MxSandBox\MxSec.dll (MxSec/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] ADVAPI32.dll!RegCloseKey 77DD6C27 5 Bytes JMP 004E77D5 C:\Program Files\Maxthon2\Maxthon.exe (Maxthon Browser/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 004E780E C:\Program Files\Maxthon2\Maxthon.exe (Maxthon Browser/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] ADVAPI32.dll!RegEnumValueA 77DF9BBF 5 Bytes JMP 004E78E6 C:\Program Files\Maxthon2\Maxthon.exe (Maxthon Browser/Maxthon International ltd.)
.text C:\Program Files\Maxthon2\Maxthon.exe[5728] USER32.dll!MessageBoxA 7E4507EA 5 Bytes JMP 02F44D40 C:\Program Files\Maxthon2\Modules\MxSandBox\MxSec.dll (MxSec/Maxthon International ltd.)

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device Udfs.SYS (UDF File System Driver/Microsoft Corporation)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----