GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-12-21 14:15:32
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.SBDO 111,79GB
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\pgliqpoc.sys

---- User code sections - GMER 2.2 ----

ÒuÛŠëÔÿÿÿÿwinlogonentry point in ÒuÛŠëÔÿÿÿÿwinlogonentry point in section [0x0043071E] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe[428] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe entry point in ÒuÛŠëÔÿÿÿÿwinlogonentry point in section [0x0043071E]
ÒuÛŠëÔÿÿÿÿwinlogonunknown last code section [0x00426000, 0x19000, 0xC00000E0] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe[428] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe unknown last code section [0x00426000, 0x19000, 0xC00000E0]
ÒuÛŠëÔÿÿÿÿwinlogonentry point in ÒuÛŠëÔÿÿÿÿwinlogonentry point in section [0x0043071E] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe[436] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe entry point in ÒuÛŠëÔÿÿÿÿwinlogonentry point in section [0x0043071E]
ÒuÛŠëÔÿÿÿÿwinlogonunknown last code section [0x00426000, 0x19000, 0xC00000E0] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe[436] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe unknown last code section [0x00426000, 0x19000, 0xC00000E0]
ÒuÛŠëÔÿÿÿÿservicesentry point in ÒuÛŠëÔÿÿÿÿservicesentry point in section [0x0043071E] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe[1152] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe entry point in ÒuÛŠëÔÿÿÿÿservicesentry point in section [0x0043071E]
ÒuÛŠëÔÿÿÿÿservicesunknown last code section [0x00426000, 0x19000, 0xC00000E0] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe[1152] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe unknown last code section [0x00426000, 0x19000, 0xC00000E0]
ÒuÛŠëÔÿÿÿÿservicesentry point in ÒuÛŠëÔÿÿÿÿservicesentry point in section [0x0043071E] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe[1160] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe entry point in ÒuÛŠëÔÿÿÿÿservicesentry point in section [0x0043071E]
ÒuÛŠëÔÿÿÿÿservicesunknown last code section [0x00426000, 0x19000, 0xC00000E0] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe[1160] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe unknown last code section [0x00426000, 0x19000, 0xC00000E0]
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10008230 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] kernel32.dll!lstrlenW + 43 7C809ADC 7 Bytes JMP 01A9EBE6 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] kernel32.dll!MapViewOfFileEx + 6A 7C80B990 7 Bytes JMP 01A9DD1D C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] kernel32.dll!ValidateLocale + B1E8 7C8449F8 7 Bytes JMP 017A2853 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] GDI32.dll!SetDIBitsToDevice + 209 77F19E04 7 Bytes JMP 01A9D5D4 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 02718648 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 01758839 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1500] USER32.dll!CreateWindowExA 7E37E4A9 5 Bytes JMP 01C211A3 C:\Program Files\Mozilla Firefox\xul.dll

---- Devices - GMER 2.2 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys
Device \FileSystem\Fastfat \Fat A1A82D20

---- EOF - GMER 2.2 ----