GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-10 14:14:05
Windows 6.0.6000 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 WDC_WD2500BEVS-75UST0 rev.01.01A01
Running: zpkp7jqy.exe; Driver: C:\Users\Tomek\AppData\Local\Temp\ugroipow.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- Processes - GMER 1.0.15 ----

---- EOF - GMER 1.0.15 ----