GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-04-20 11:44:09 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDP725050GLA360 rev.GM4OA52A 465,76GB Running: 8s0wei5k.exe; Driver: C:\Users\Home\AppData\Local\Temp\pxldapow.sys ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\svchost.exe [1140:2792] 000007fef56684d8 Thread C:\Windows\system32\svchost.exe [1140:2692] 000007fef55b23a8 Thread C:\Windows\system32\svchost.exe [1140:3180] 000007fef56c0d00 Thread C:\Windows\system32\svchost.exe [1140:3292] 000007fefa8d9498 Thread C:\Windows\system32\svchost.exe [1140:3920] 000007fef3b7506c Thread C:\Windows\system32\svchost.exe [1140:3924] 000007fef6441c20 Thread C:\Windows\system32\svchost.exe [1140:3928] 000007fef6441c20 Thread C:\Windows\system32\svchost.exe [1140:4224] 000007fef7c75124 Thread C:\Windows\system32\svchost.exe [1140:4540] 000007fef3f44164 Thread C:\Windows\system32\svchost.exe [1140:2916] 000007fef3f81ab0 Thread C:\Windows\system32\svchost.exe [1140:2252] 000007fef47d17f8 Thread C:\Windows\system32\svchost.exe [1140:3488] 000007fef47d17f8 Thread C:\Windows\system32\svchost.exe [1140:3148] 000007fef47d17f8 Thread C:\Windows\system32\svchost.exe [1320:2088] 000007fef81ebd88 Thread C:\Windows\system32\svchost.exe [1320:2488] 000007fef60d83d8 Thread C:\Windows\system32\svchost.exe [1320:2492] 000007fef60d83d8 Thread C:\Windows\system32\svchost.exe [1320:2496] 000007fef60d83d8 Thread C:\Windows\system32\svchost.exe [1320:2500] 000007fef60d83d8 Thread C:\Windows\system32\svchost.exe [1320:3068] 000007fef4ae3f1c Thread C:\Windows\system32\svchost.exe [1320:1852] 000007fef49a1a38 Thread C:\Windows\system32\svchost.exe [1320:1928] 000007fef4755388 Thread C:\Windows\system32\svchost.exe [1320:2148] 000007fef44a7738 Thread C:\Windows\system32\svchost.exe [1320:1796] 000007fef4441f90 Thread C:\Windows\system32\svchost.exe [1320:1212] 000007fef7c75124 Thread C:\Windows\system32\svchost.exe [1320:1836] 000007fef85f5170 Thread C:\Windows\System32\spoolsv.exe [1524:2112] 000007fef68c10c8 Thread C:\Windows\System32\spoolsv.exe [1524:2132] 000007fef6826144 Thread C:\Windows\System32\spoolsv.exe [1524:2136] 000007fef8865fd0 Thread C:\Windows\System32\spoolsv.exe [1524:2140] 000007fef6803438 Thread C:\Windows\System32\spoolsv.exe [1524:2144] 000007fef88663ec Thread C:\Windows\System32\spoolsv.exe [1524:2152] 000007fef79c5e5c Thread C:\Windows\System32\spoolsv.exe [1524:2156] 000007fef7e95074 Thread C:\Windows\system32\svchost.exe [1948:1216] 000007fef1198470 Thread C:\Windows\system32\svchost.exe [1948:1296] 000007fef11a2418 ---- Processes - GMER 2.1 ---- Library c:\users\home\appdata\local\temp\7zs3610\hpslpsvc64.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [2948] (HP Network Devices Support/Hewlett-Packard Co.)(2012-07-06 15:23:45) 0000000180000000 ---- EOF - GMER 2.1 ----