GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2013-11-01 13:58:20 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 ST3320613AS rev.SD22 298,09GB Running: m57g1hli.exe; Driver: C:\Users\-\AppData\Local\Temp\axloquog.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Steam\Steam.exe[2212] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate 0000000075a5549c 5 bytes JMP 00000001001f0800 ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\svchost.exe [376:1044] 000007fefb248274 Thread C:\Windows\system32\svchost.exe [376:1496] 000007fefb248274 Thread C:\Windows\System32\spoolsv.exe [1112:1864] 000007fef82610c8 Thread C:\Windows\System32\spoolsv.exe [1112:1872] 000007fefabb6144 Thread C:\Windows\System32\spoolsv.exe [1112:1876] 000007fefa3b5fd0 Thread C:\Windows\System32\spoolsv.exe [1112:1880] 000007fefab93438 Thread C:\Windows\System32\spoolsv.exe [1112:1884] 000007fefa3b63ec Thread C:\Windows\System32\spoolsv.exe [1112:1892] 000007fef82f5e5c Thread C:\Windows\System32\spoolsv.exe [1112:1896] 000007fef89e5074 Thread C:\Windows\system32\svchost.exe [1144:1912] 000007fef8ff2888 Thread C:\Windows\system32\svchost.exe [1144:1916] 000007fef8fe2940 Thread C:\Windows\system32\svchost.exe [1144:1588] 000007fef8ff2a40 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2080:1460] 000007fef8482a7c Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2080:2120] 000007fef239d618 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2080:2996] 000007fefa145124 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\IDSVia64@ImagePath \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20131031.001_34c\IDSvia64.sys Reg HKLM\SYSTEM\CurrentControlSet\services\IDSVia64 ---- Files - GMER 2.1 ---- File C:\Users\-\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012d 237568 bytes File C:\Users\-\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012e 901120 bytes ---- EOF - GMER 2.1 ----