GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-07 13:08:54
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 ST500LT012-9WS142 rev.0001YAM1 465,76GB
Running: 23w6h0nx.exe; Driver: C:\Users\Joanna\AppData\Local\Temp\pglorpow.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff9600008d100 7 bytes [40, 4F, 82, 01, 00, 51, F2]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff9600008d108 7 bytes [01, 15, C0, FF, 00, 12, DB]

---- User code sections - GMER 2.1 ----

.text C:\Windows\Explorer.EXE[3240] C:\Windows\system32\WS2_32.dll!getsockname 000007f91e0d2f40 6 bytes {JMP QWORD [RIP-0x7fee2ede]}
.text C:\Windows\Explorer.EXE[3240] C:\Windows\system32\WS2_32.dll!connect + 1 000007f91e0d4941 5 bytes {JMP QWORD [RIP-0x7fef490e]}
.text C:\Windows\Explorer.EXE[3240] C:\Windows\system32\WS2_32.dll!getpeername 000007f91e0e60c0 6 bytes {JMP QWORD [RIP-0x7fef602e]}
.text C:\Windows\Explorer.EXE[3240] C:\Windows\system32\WS2_32.dll!WSAConnect 000007f91e0e76e0 6 bytes {JMP QWORD [RIP-0x7fef76ae]}
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[4012] C:\Windows\system32\WS2_32.dll!getsockname 000007f91e0d2f40 6 bytes {JMP QWORD [RIP-0x7fee2ede]}
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[4012] C:\Windows\system32\WS2_32.dll!connect + 1 000007f91e0d4941 5 bytes {JMP QWORD [RIP-0x7fef490e]}
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[4012] C:\Windows\system32\WS2_32.dll!getpeername 000007f91e0e60c0 6 bytes {JMP QWORD [RIP-0x7fef602e]}
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[4012] C:\Windows\system32\WS2_32.dll!WSAConnect 000007f91e0e76e0 6 bytes {JMP QWORD [RIP-0x7fef76ae]}
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[4012] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690 000007f919ae1532 4 bytes [AE, 19, F9, 07]
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[4012] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698 000007f919ae153a 4 bytes [AE, 19, F9, 07]
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[4012] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246 000007f919ae165a 4 bytes [AE, 19, F9, 07]

---- Threads - GMER 2.1 ----

Thread System [4:3228] fffffa8007f7c4d0
Thread C:\Windows\system32\csrss.exe [668:676] fffff960009885e8

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----