GMER 2.1.19081 - http://www.gmer.net
Rootkit scan 2013-02-23 13:28:30
Windows 5.1.2600 Dodatek Service Pack 3
Running: xrdpqcdf.exe

---- Services - GMER 2.1 ----

Service C:\WINDOWS\System32\Drivers\328283668ce358b1.sys (*** hidden *** ) [BOOT] 328283668ce358b1 <-- ROOTKIT !!!

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1@ImagePath \SystemRoot\System32\Drivers\328283668ce358b1.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1@DisplayName syshost.exe
Reg HKLM\SYSTEM\CurrentControlSet\Services\328283668ce358b1
Reg HKLM\SYSTEM\ControlSet002\Services\328283668ce358b1@ImagePath \SystemRoot\System32\Drivers\328283668ce358b1.sys
Reg HKLM\SYSTEM\ControlSet002\Services\328283668ce358b1@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\Services\328283668ce358b1@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\328283668ce358b1@Type 1
Reg HKLM\SYSTEM\ControlSet002\Services\328283668ce358b1@Start 0
Reg HKLM\SYSTEM\ControlSet002\Services\328283668ce358b1@Tag 1
Reg HKLM\SYSTEM\ControlSet002\Services\328283668ce358b1@DisplayName syshost.exe

---- EOF - GMER 2.1 ----