GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-05-07 22:40:58
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 ST320LT012-9WS14C rev.0001SDM1 298,09GB
Running: xc1e2hu3.exe; Driver: C:\Users\kati\AppData\Local\Temp\fxloqpod.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\system32\FBAgent.exe[1072] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff9f74177a 4 bytes [74, 9F, FF, 07]
.text C:\Windows\system32\FBAgent.exe[1072] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff9f741782 4 bytes [74, 9F, FF, 07]
.text C:\Windows\Explorer.EXE[2564] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff95211532 4 bytes [21, 95, FF, 07]
.text C:\Windows\Explorer.EXE[2564] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff9521153a 4 bytes [21, 95, FF, 07]
.text C:\Windows\Explorer.EXE[2564] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff9521165a 4 bytes [21, 95, FF, 07]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [520:544] fffff960009cc5e8
Thread C:\Windows\System32\svchost.exe [812:1056] 000007ff99abba00
Thread C:\Windows\System32\svchost.exe [812:1872] 000007ff91a1d594
Thread C:\Windows\System32\svchost.exe [812:2912] 000007ff91a14150
Thread C:\Windows\System32\svchost.exe [288:4820] 000007ff96dc3c88

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----