GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-12-13 00:21:21 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000001e ST500LT012-9WS142 rev.0001LVM1 465.76GB Running: 985hsllr.exe; Driver: C:\Users\Iglaczek\AppData\Local\Temp\kgliipoc.sys ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [792:816] fffff960009302d0 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [4188:4192] 00000000004022cd ---- Processes - GMER 2.1 ---- Library C:\WINDOWS\SysWOW64\rpcnet.exe (*** suspicious ***) @ C:\WINDOWS\SysWOW64\rpcnet.exe [6100] 00000000011d0000 Library C:\WINDOWS\SYSTEM32\rpcnet.dll (*** suspicious ***) @ C:\WINDOWS\SysWOW64\rpcnet.exe [6100] 000000006d260000 Library C:\WINDOWS\SYSTEM32\rpcnet.dll (*** suspicious ***) @ C:\WINDOWS\SysWOW64\svchost.exe [5852] 000000006d260000 Library C:\WINDOWS\SYSTEM32\rpcnet.dll (*** suspicious ***) @ C:\WINDOWS\SysWOW64\OpenWith.exe [2652] 000000006d260000 ---- EOF - GMER 2.1 ----