GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-11-09 01:40:41
Windows 6.0.6001 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST380815AS rev.3.AAC 74,53GB
Running: 7ykbu7fi.exe; Driver: C:\Users\BB1\AppData\Local\Temp\pgddrpow.sys

---- User IAT/EAT - GMER 2.1 ----

IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73E78864] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73EB9855] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73E7B984] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73E6FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73E77A29] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73E6EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73EAB12D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73E7BC4A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73E70756] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73E706BD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73E671B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73EFD9E0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73E97329] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73E6E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73E6697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73E669A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll
IAT C:\Windows\Explorer.EXE[1036] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73E72475] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll

---- Processes - GMER 2.1 ----

Process (*** hidden *** ) [4] 8664CA90

---- EOF - GMER 2.1 ----