GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-08-30 19:05:36 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000037 ST1000LM024_HN-M101MBB rev.2AR20002 931,51GB Running: gmer.exe; Driver: C:\Users\Victoria\AppData\Local\Temp\ufldqpow.sys ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [720:1416] fffff96000815b90 Thread C:\WINDOWS\system32\svchost.exe [1292:4080] 00007ffff7974608 Thread C:\WINDOWS\system32\svchost.exe [1292:4084] 00007ffff7951b40 Thread C:\WINDOWS\system32\svchost.exe [1292:6016] 00007ffff7971040 ---- Processes - GMER 2.1 ---- Process C:\ProgramData\DatacardService\DCService.exe (*** suspicious ***) @ C:\ProgramData\DatacardService\DCService.exe [1456](2010-05-08 11:48:36) 0000000000400000 Process C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE (*** suspicious ***) @ C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2356](2014-05-31 21:28:58) 0000000000400000 Process C:\ProgramData\DatacardService\DCSHelper.exe (*** suspicious ***) @ C:\ProgramData\DatacardService\DCSHelper.exe [3380] (DataCardMonitor MFC Application/Huawei Technologies Co., Ltd.)(2010-05-08 11:48:26) 0000000000400000 Process C:\Users\Victoria\AppData\Local\Temp\Rar$EXa0.524\gmer.exe (*** suspicious ***) @ C:\Users\Victoria\AppData\Local\Temp\Rar$EXa0.524\gmer.exe [3848](2014-08-30 17:03:04) 0000000000400000 ---- EOF - GMER 2.1 ----