GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2017-04-20 09:30:46 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2 WDC_WD32 rev.12.0 298,09GB Running: gmer.exe; Driver: C:\Users\Gracjan\AppData\Local\Temp\pgddqpoc.sys ---- User code sections - GMER 2.2 ---- .text C:\Windows\Explorer.EXE[1800] C:\Windows\system32\ws2_32.dll!connect + 1 000007fefda742f1 5 bytes {JMP QWORD [RIP-0x7fef42be]} .text C:\Windows\Explorer.EXE[1800] C:\Windows\system32\ws2_32.dll!getsockname 000007fefda79150 6 bytes {JMP QWORD [RIP-0x7fed90e6]} .text C:\Windows\Explorer.EXE[1800] C:\Windows\system32\ws2_32.dll!WSAConnect 000007fefda9e080 6 bytes {JMP QWORD [RIP-0x7fefe04e]} .text C:\Windows\Explorer.EXE[1800] C:\Windows\system32\ws2_32.dll!getpeername 000007fefda9e3e0 6 bytes {JMP QWORD [RIP-0x7fefe33e]} ---- EOF - GMER 2.2 ----