GMER 2.1.19115 - http://www.gmer.net
Rootkit scan 2013-02-27 12:35:23
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9320325AS rev.0003SDM1 298,09GB
Running: fv9em9h6.exe; Driver: C:\DOCUME~1\OM\USTAWI~1\Temp\kfkiifog.sys

---- Kernel code sections - GMER 2.1 ----

init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xA89E0280]

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\igfxsrvc.exe[160] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\WINDOWS\system32\igfxsrvc.exe[160] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\WINDOWS\system32\igfxpers.exe[176] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\WINDOWS\system32\igfxpers.exe[176] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe[200] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe[200] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[248] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[248] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\WINDOWS\system32\ctfmon.exe[276] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\WINDOWS\system32\ctfmon.exe[276] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[280] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[280] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Program Files\Ares\Ares.exe[316] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Program Files\Ares\Ares.exe[316] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Program Files\Skype\Phone\Skype.exe[352] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Program Files\Skype\Phone\Skype.exe[352] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE[368] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE[368] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\WINDOWS\system32\igfxtray.exe[2032] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\WINDOWS\system32\igfxtray.exe[2032] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\WINDOWS\system32\hkcmd.exe[2040] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\WINDOWS\system32\hkcmd.exe[2040] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text F:\luiqii.scr[2392] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text F:\luiqii.scr[2392] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Documents and Settings\OM\Pulpit\naprawa\fv9em9h6.exe[3300] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Documents and Settings\OM\Pulpit\naprawa\fv9em9h6.exe[3300] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]

---- EOF - GMER 2.1 ----