GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-08 12:35:25
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000021 ST750LM022_HN-M750MBB rev.2AR10002 698,64GB
Running: 9sjbmof7.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\uxtdyfod.sys

---- User IAT/EAT - GMER 2.1 ----

IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\WINSPOOL.DRV[KERNEL32.dll!LoadLibraryA] [7ff7771e2ce0] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\WINSPOOL.DRV[KERNEL32.dll!LoadLibraryW] [7ff7771e2d70] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [7ff7771e2e60] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll[KERNEL32.dll!LoadLibraryA] [7ff7771e2ce0] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll[KERNEL32.dll!LoadLibraryW] [7ff7771e2d70] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll[KERNEL32.dll!LoadLibraryExW] [7ff7771e2e30] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll[KERNEL32.dll!LoadLibraryA] [7ff7771e2ce0] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\WININET.dll[KERNEL32.dll!GetProcAddress] [7ff7771e2e60] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\WININET.dll[KERNEL32.dll!LoadLibraryExA] [7ff7771e2e00] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\WININET.dll[KERNEL32.dll!LoadLibraryA] [7ff7771e2ce0] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\WININET.dll[KERNEL32.dll!LoadLibraryW] [7ff7771e2d70] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\WININET.dll[KERNEL32.dll!LoadLibraryExW] [7ff7771e2e30] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\iertutil.dll[KERNEL32.dll!LoadLibraryExA] [7ff7771e2e00] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\iertutil.dll[KERNEL32.dll!LoadLibraryA] [7ff7771e2ce0] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\iertutil.dll[KERNEL32.dll!LoadLibraryExW] [7ff7771e2e30] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\iertutil.dll[KERNEL32.dll!GetProcAddress] [7ff7771e2e60] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe
IAT C:\ProgramData\EpicScale\6\x64\EpicScale64.exe[1736] @ C:\WINDOWS\SYSTEM32\iertutil.dll[KERNEL32.dll!LoadLibraryW] [7ff7771e2d70] C:\ProgramData\EpicScale\6\x64\EpicScale64.exe

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [576:600] fffff9600095c2d0

---- Processes - GMER 2.1 ----

Process C:\Users\Adrian\AppData\Local\ConvertAd\CASrv.exe (*** suspicious ***) @ C:\Users\Adrian\AppData\Local\ConvertAd\CASrv.exe [1604](2 00000000008b0000
Process C:\Users\Adrian\AppData\Roaming\VOPackage\VOsrv.exe (*** suspicious ***) @ C:\Users\Adrian\AppData\Roaming\VOPackage\VOsrv.exe [1624](2015-01-06 21:06:51) 0000000000ee0000
Library C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (*** suspicious ***) @ C:\WINDOWS\Explorer.EXE [1568] (GG drive overlay/GG Network S.A.)(2014-12-19 06:04:53) 000000005c080000
Library C:\Users\Adrian\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (*** suspicious ***) @ C:\WINDOWS\Explorer.EXE [1568] (GG drive menu/GG Network S.A.)(2 000000005ff80000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----