GMER 2.1.19155 - http://www.gmer.net
Rootkit scan 2013-04-02 13:11:16
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e ST380815AS rev.4.AAB 74,53GB
Running: 9mq3hzv6.exe; Driver: C:\DOCUME~1\oem\USTAWI~1\Temp\kwpcifob.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Gadu-Gadu 10\gg.exe[636] USER32.dll!BeginPaint 7E378FE9 5 Bytes JMP 01E791E0 C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
.text C:\Program Files\Gadu-Gadu 10\gg.exe[636] USER32.dll!EndPaint 7E378FFD 5 Bytes JMP 01E79250 C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1484] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0154D180 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1484] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 01896B9C C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1484] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 01896B79 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1484] kernel32.dll!ValidateLocale + B1C8 7C8449C8 7 Bytes JMP 0155F84B C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1484] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 01896AFA C:\Program Files\Mozilla Firefox\xul.dll

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 221417
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{512B356C-B6DA-4E77-8184-798378AC3B94}@DhcpRetryStatus 0

---- EOF - GMER 2.1 ----