GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-12 04:07:40
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0 WDC_WD32 rev.01.0 298,09GB
Running: 2jy3d1ju.exe; Driver: C:\DOCUME~1\MCU\USTAWI~1\Temp\fwloiuog.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6A80000, 0x1B606E, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 01949870 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtFlushBuffersFile 7C90D310 2 Bytes JMP 0163D335 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtFlushBuffersFile + 3 7C90D313 2 Bytes [D3, 84]
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtQueryFullAttributesFile 7C90D790 5 Bytes JMP 0163D5B0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtReadFile 7C90D9B0 5 Bytes JMP 0163D390 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtReadFileScatter 7C90D9C0 5 Bytes JMP 022A8330 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtWriteFile 7C90DF60 5 Bytes JMP 0194A7F0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!NtWriteFileGather 7C90DF70 5 Bytes JMP 022A82DF C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10001F42 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] kernel32.dll!lstrlenW + 43 7C809ADC 7 Bytes JMP 021E9983 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] kernel32.dll!MapViewOfFileEx + 6A 7C80B990 7 Bytes JMP 021E9960 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] kernel32.dll!ValidateLocale + B1E8 7C8449F8 7 Bytes JMP 01946164 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] GDI32.dll!SetDIBitsToDevice + 209 77F19E04 7 Bytes JMP 021E98E1 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2756] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 020EB65E C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3256] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 010C2007 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3256] USER32.dll!GetMenuContextHelpId + 1A 7E3B5319 7 Bytes JMP 010BB804 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[3512] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 5 Bytes JMP 32605629 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Tcpip \Device\Ip {02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gt.sys
AttachedDevice \Driver\Tcpip \Device\Tcp {02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gt.sys
AttachedDevice \Driver\Tcpip \Device\Udp {02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gt.sys
AttachedDevice \Driver\Tcpip \Device\RawIp {02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gt.sys

---- Files - GMER 2.1 ----

---- EOF - GMER 2.1 ----