GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-29 14:40:15
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD1600BEVT-75ZCT2 rev.11.01A11
Running: i1cukpc2.exe; Driver: C:\Users\User\AppData\Local\Temp\kxldapob.sys

---- User code sections - GMER 1.0.15 ----

C:\Users\User\AppData\Local\winlogon.exe[2468] C:\Users\User\AppData\Local\winlogon.exe entry point in "" section [0x0042E250]
C:\Users\User\AppData\Local\winlogon.exe[2468] C:\Users\User\AppData\Local\winlogon.exe unknown last code section [0x00424000, 0x19000, 0xC00000E0]
C:\Users\User\AppData\Local\services.exe[2788] C:\Users\User\AppData\Local\services.exe entry point in "" section [0x0042E250]
C:\Users\User\AppData\Local\services.exe[2788] C:\Users\User\AppData\Local\services.exe unknown last code section [0x00424000, 0x19000, 0xC00000E0]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----