GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-25 19:04:07
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK5056GSY rev.LH003D 465,76GB
Running: ywd6mkqw.exe; Driver: C:\Users\szaleska\AppData\Local\Temp\kxtiiuob.sys

---- Threads - GMER 2.0 ----

Thread C:\Program Files\Dell\DellDock\DockLogin.exe [376:484] 0000000074767587
Thread C:\Program Files\Dell\DellDock\DockLogin.exe [376:2944] 0000000076fa2e25
Thread C:\Program Files\Dell\DellDock\DockLogin.exe [376:4180] 0000000076fa3e45
Thread C:\Program Files\Dell\DellDock\DellDock.exe [3892:4296] 000007fefb8c2a7c
Thread C:\Program Files\Dell\DellDock\DellDock.exe [3892:4580] 0000000180002820
Thread C:\Program Files\Dell\DellDock\DellDock.exe [3892:4584] 000000018000dba0
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3432] 000007fef926cc10
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3724] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3244] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3428] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3408] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:2532] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:688] 000007fef923f718
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3904] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3852] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:3108] 000007fef912143c
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:4144] 000007fef9766050
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:2624] 000007fef912b564
Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028:4436] 000007fef912b564
Thread C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [3360:3796] 000000006f15765f
Thread C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [3360:4036] 000000006f1d2695
Thread C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [3360:2748] 00000000654b1bf0
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:3228] 000007fef926cc10
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:3232] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:1108] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:3240] 000007fef923f718
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4108] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4112] 000007fef9766050
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4184] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4188] 000007fefb8c2a7c
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4192] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4196] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4200] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4456] 000007fef912143c
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4472] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:4496] 000007fef912b564
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104:2496] 000007fef912b564
Thread [2628:2376] 0000000076fa2e25
Thread [2628:624] 0000000074767587
Thread [2628:1996] 00000000714932fb
Thread [2628:4856] 0000000076fa3e45
Thread C:\Windows\System32\svchost.exe [3344:4660] 000007feed759688
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3860:4772] 000007fefb8c2a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3860:2168] 000007fee9b7d618
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3860:2520] 000007fefaee5124

---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ C:\Program Files\Dell\DellDock\DellDock.exe [3892] 000007fefcaa0000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [3988] 00000000723d0000
Library ? (*** suspicious ***) @ c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4028] 000007fef9c20000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [3360] 0000000075170000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [3104] 000007fefd5a0000
Library ? (*** suspicious ***) @ [2628] 0000000000400000
Library ? (*** suspicious ***) @ C:\Windows\System32\svchost.exe [3344] 000007fefdb10000
Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [3860] 000007fefd100000

---- EOF - GMER 2.0 ----