GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-16 23:17:34
Windows 6.0.6000 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 WDC_WD2500BEVS-75UST0 rev.01.01A01
Running: hxs75ofe.exe; Driver: C:\Users\Tomek\AppData\Local\Temp\ugroipow.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- Processes - GMER 1.0.15 ----

---- EOF - GMER 1.0.15 ----