GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2016-02-20 20:04:52
Windows 5.1.2600 Dodatek Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800BB-00JHC0 rev.05.01C05 74,53GB
Running: gfp8w99m.exe; Driver: C:\DOCUME~1\Krysia\USTAWI~1\Temp\fxldqpoc.sys

---- User code sections - GMER 2.1 ----

.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] ntdll.dll!RtlAllocateHeap + 270  7C910844 7 Bytes  JMP 00414AAE C:\Program Files\Mozilla Firefox\firefox.exe
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] ntdll.dll!LdrLoadDll  7C9161CA 5 Bytes  JMP 1000A784 C:\Program Files\Mozilla Firefox\mozglue.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] kernel32.dll!lstrlenW + 43  7C809A7C 7 Bytes  JMP 017F5ABC C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] kernel32.dll!MapViewOfFileEx + 6A  7C80B788 7 Bytes  JMP 017F50C2 C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] kernel32.dll!lstrcpyn + 70  7C810381 7 Bytes  JMP 01565747 C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] USER32.dll!GetWindowInfo  77D3F122 5 Bytes  JMP 02303F44 C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] USER32.dll!CreateWindowExA  77D4190B 1 Byte  [E9]
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] USER32.dll!CreateWindowExA  77D4190B 5 Bytes  JMP 018DB40F C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] USER32.dll!CreateWindowExW  77D41AD5 5 Bytes  JMP 015432C7 C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[2228] GDI32.dll!SetWindowOrgEx + 15E  77F1960B 7 Bytes  JMP 017F49EB C:\Program Files\Mozilla Firefox\xul.dll

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\Tcpip \Device\Tcp  tcpipBM.sys

---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch  5384
Reg  HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A3C13897-26F9-4187-8642-9A7AA4DE0A12}@DhcpIPAddress  100.77.142.142

---- Files - GMER 2.1 ----

File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\2CF76C927D9378126B04B91975ACC31D015ADB38  898 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\03A54A0CFD2029092BC5DB3462FB7A7764BA0DB9  650 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\830AFD234F1D71FA01E5E081EEE81D9A30B452A0  21656 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\60F9628A57201EAADCD9A094519C35D5DD3BDBBC  880 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\D35113A22F175B4478CEA0A97AC0BF6FA712964D  881 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\BC5C8CD0914A1CDA3FB6D811F8390918552E3C6E  1137 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\682D94E1D3E123096A56321FF2FFBEF3C8B15795  1820 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\828ED27227BF9F8205C0761D1911C253ADA7EBEC  1003 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\FBF2D491585D0919268B45366C7F5A502A912A1A  9107 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\EB2F31848E09EC19EC3EE112EBD0CA2BB218D969  879 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\14EF70809AF7C491A63583B8232196EE7E11C2E5  4214 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\640FB1F580B79BB0FBB71BDF0A9A07A882856954  4033 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\28F3311C87DEB1D0DBB1A4100C856B1275538FCC  44413 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\92261EA019CAA2CE5A7C80F926B481E8CE81400B  571 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\D61A87E51006810188DC99AA13D6CF21AAD6AD98  900 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\12520838F3EADB761BAC1B501C02C30503637341  880 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\AD0E8FF2CB9AB041B4BB0C03BBB2DCE30566F017  627 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\E5D7F46CF2DA9E0DB70D9795F3FFC3145E8FB526  868 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\D425DC27313F80C1FBDFBBC9D325AB8EE2289C7A  28580 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\453FE81C3CFEC1B906AE361DA0BA54EFCD63263B  857 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\A7E858A002CC5DE191A11B6976C1D0AF8E70E5A5  630 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\5DD2B086EF03BAC1EC522EA0391B7C417F4FE427  28965 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\2F8B19E2FE4A13BDF3835188D35B78795992576E  34657 bytes
File  C:\Documents and Settings\Krysia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ablnsgky.default\cache2\entries\23DA23B514C1733E16223A8F3F2E58B8FA52BB9C  900 bytes

---- EOF - GMER 2.1 ----