GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-16 18:25:59
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Samsung_SSD_840_EVO_250GB rev.EXT0BB6Q 232,89GB
Running: 09pskuru.exe; Driver: D:\Temp\uglcraoc.sys

---- Threads - GMER 2.1 ----

Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4124] 000000000066ca30
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4128] 000000000066c3c0
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4132] 000000000066c3c0
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4136] 000000000066c3c0
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4140] 000000000066c3c0
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4144] 000000000066c3c0
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4148] 000000000066c3c0
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4152] 000000000066c3c0
Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880:4156] 000000000066c3c0

---- Processes - GMER 2.1 ----

Process C:\Users\PG\AppData\Roaming\Microsoft\Wcenter43.exe (*** suspicious ***) @ C:\Users\PG\AppData\Roaming\Microsoft\Wcenter43.exe [3408](2014-03-16 10:54:29) 00000000008d0000
Library C:\Users\PG\AppData\Roaming\Microsoft\Wcenter43.exe (*** suspicious ***) @ C:\Users\PG\AppData\Roaming\Microsoft\Wcenter43.exe [3408](2014-03-16 10:54:29) 0000000000400000
Library :\{9019ACD6-BC11-4308-8C49-92E0601DF38D}\temp\880\bxsdk32.dll (*** suspicious ***) @ C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880] 0000000010000000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\miner.dll (*** suspicious ***) @ C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880] 0000000013900000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\usft_ext.dll (*** suspicious ***) @ C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880] 0000000011000000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\coinutil.dll (*** suspicious ***) @ C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880] 0000000013800000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\MPIR.dll (*** suspicious ***) @ C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe [880] 0000000013000000

---- EOF - GMER 2.1 ----