GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-03-07 22:24:39
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003c HGST_HTS541010A9E680 rev.JA0OA560 931,51GB
Running: inxzqkp5.exe; Driver: C:\Users\M\AppData\Local\Temp\uxloypod.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Elantech\ETDCtrl.exe[2996] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe514e1532 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[2996] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe514e153a 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[2996] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe514e165a 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Elantech\ETDTouch.exe[1044] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe514e1532 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Elantech\ETDTouch.exe[1044] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe514e153a 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Elantech\ETDTouch.exe[1044] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe514e165a 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3764] C:\windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fe5816177a 4 bytes [16, 58, FE, 07]
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3764] C:\windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fe58161782 4 bytes [16, 58, FE, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[2820] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe514e1532 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[2820] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe514e153a 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[2820] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe514e165a 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe[4720] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe514e1532 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe[4720] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe514e153a 4 bytes [4E, 51, FE, 07]
.text C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe[4720] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe514e165a 4 bytes [4E, 51, FE, 07]

---- Devices - GMER 2.1 ----

Device \Driver\eeCtrl \Device\EraserCtrlDrv fffff8801ae1b5fc
Device \Driver\EraserUtilRebootDrv \Device\EraserUtilDrv11313 fffff8801ae93310
Device \FileSystem\SymEFA \Device\ccHP fffff8801971276c
Device \Driver\SymDS \Device\SymDS fffff880195ed5a0
Device \Driver\SRTSPX \Device\SRTSPX fffff880197e3d00
Device \Driver\SymNetS \Device\SYMTDI fffff88018e06bf0
Device \FileSystem\SymEFA \Device\SYMEFA fffff8801971276c
Device \Driver\SymNetS \Device\SYMRDRSEC fffff88018e06bf0
Device \Driver\ccSet_NIS \Device\ccSet_{0C55C096-0F1D-4F28-AAA2-85EF591126E7} fffff880194a0778
Device \Driver\SymEvent \Device\SymEvent fffff88018fabdb0
Device \Driver\SymIRON \Device\SymIron fffff880050a543c

---- Threads - GMER 2.1 ----

Thread C:\windows\system32\csrss.exe [696:720] fffff960008915e8

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----