GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-09-30 22:05:35
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_SP1203N rev.TL100-30 111,82GB
Running: ph2o8h9h.exe; Driver: C:\Users\Grzesiek\AppData\Local\Temp\kxddrkow.sys

---- Threads - GMER 2.1 ----

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [716:2784] 0000000076db7587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [716:2788] 0000000074bd7712
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [716:2860] 00000000777b2e65
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [716:1592] 00000000777b3e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [716:3524] 00000000777b3e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [716:2016] 00000000777b3e85

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations

---- EOF - GMER 2.1 ----