GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-20 21:19:16
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST500LT0 rev.0001 465,76GB
Running: gdz78sl0.exe; Driver: C:\Users\Portitor\AppData\Local\Temp\pwldakow.sys

---- Threads - GMER 2.1 ----

---- Services - GMER 2.1 ----

Service C:\Windows\system32\drivers\aswFsBlk.sys (*** hidden *** ) [AUTO] aswFsBlk <-- ROOTKIT !!!
Service C:\Windows\system32\drivers\aswMonFlt.sys (*** hidden *** ) [AUTO] aswMonFlt <-- ROOTKIT !!!
Service C:\Windows\system32\drivers\aswRdr2.sys (*** hidden *** ) [SYSTEM] aswRdr <-- ROOTKIT !!!
Service C:\Windows\system32\drivers\aswRvrt.sys (*** hidden *** ) [BOOT] aswRvrt <-- ROOTKIT !!!
Service C:\Windows\system32\drivers\aswSnx.sys (*** hidden *** ) [SYSTEM] aswSnx <-- ROOTKIT !!!
Service C:\Windows\system32\drivers\aswSP.sys (*** hidden *** ) [SYSTEM] aswSP <-- ROOTKIT !!!
Service C:\Windows\system32\drivers\aswTdi.sys (*** hidden *** ) [SYSTEM] aswTdi <-- ROOTKIT !!!
Service C:\Windows\system32\drivers\aswVmm.sys (*** hidden *** ) [BOOT] aswVmm <-- ROOTKIT !!!
Service C:\Program Files\AVAST Software\Avast\AvastSvc.exe (*** hidden *** ) [AUTO] avast! Antivirus <-- ROOTKIT !!!

---- EOF - GMER 2.1 ----