GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2016-02-05 19:12:46
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 ST3320613AS rev.SD22 298,09GB
Running: gmer.exe; Driver: C:\Users\Damian\AppData\Local\Temp\awrdrpog.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe[1452] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 000000007532d03c 4 bytes [C2, 04, 00, 00]

---- Threads - GMER 2.1 ----

Thread [440:488] 000007fefd023d44
Thread [440:492] 000007fefd023ae0
Thread [440:504] 000007fefd084be4
Thread [440:508] 000007fefd083ff0
Thread [440:532] 000007fefd084be4
Thread [440:564] 000007fefd0242b0
Thread [440:568] 000007fefd0242b0
Thread [440:836] 000007fefd084be4
Thread [440:2460] 000007fefd084be4
Thread [440:240] 000007fefd0242b0
Thread C:\Windows\System32\svchost.exe [820:3868] 000007fef1936b8c
Thread C:\Windows\System32\svchost.exe [820:3872] 000007fef1931d88
Thread C:\Windows\System32\svchost.exe [820:3416] 000007fef8ca5fd0
Thread C:\Windows\System32\svchost.exe [864:964] 000007fef92288f8
Thread C:\Windows\System32\svchost.exe [864:2916] 000007fef8d57750
Thread C:\Windows\system32\svchost.exe [284:1152] 000007fef84c0ea8
Thread C:\Windows\system32\svchost.exe [284:1524] 000007fef84b9db0
Thread C:\Windows\system32\svchost.exe [284:1360] 000007fef84baa10
Thread C:\Windows\system32\svchost.exe [284:1196] 000007fef84c1c94
Thread C:\Windows\system32\svchost.exe [284:3492] 000007fef1f8d3c8
Thread C:\Windows\system32\svchost.exe [284:2464] 000007fef1f8d3c8
Thread C:\Windows\system32\svchost.exe [284:1748] 000007fef1f8d3c8
Thread C:\Windows\system32\svchost.exe [284:3660] 000007fef1f8d3c8
Thread C:\Windows\system32\svchost.exe [804:344] 000007fefaf23260
Thread C:\Windows\system32\svchost.exe [804:464] 000007fefaf23aac
Thread C:\Windows\system32\svchost.exe [804:308] 000007fefaf23864
Thread C:\Windows\system32\svchost.exe [804:360] 000007fefaf246d0
Thread C:\Windows\system32\svchost.exe [804:1540] 000007fef930f978
Thread C:\Windows\system32\svchost.exe [804:2440] 000007fef90c5124
Thread C:\Windows\system32\svchost.exe [804:4052] 000007fefaf23980
Thread C:\Windows\system32\svchost.exe [804:3680] 000007fef452fd00
Thread C:\Windows\System32\spoolsv.exe [1164:2100] 000007fef74510c8
Thread C:\Windows\System32\spoolsv.exe [1164:2128] 000007fef73f6144
Thread C:\Windows\System32\spoolsv.exe [1164:2144] 000007fef8ca5fd0
Thread C:\Windows\System32\spoolsv.exe [1164:2172] 000007fef72f3438
Thread C:\Windows\System32\spoolsv.exe [1164:2176] 000007fef8ca63ec
Thread C:\Windows\System32\spoolsv.exe [1164:2204] 000007fef7a25e5c
Thread C:\Windows\System32\spoolsv.exe [1164:2208] 000007fef7a94828
Thread C:\Windows\system32\svchost.exe [1232:1264] 000007fefca61a70
Thread C:\Windows\system32\svchost.exe [1232:1268] 000007fefca61a70
Thread C:\Windows\system32\svchost.exe [1232:1280] 000007fefca61a70
Thread C:\Windows\system32\svchost.exe [1232:1288] 000007fef9702920
Thread C:\Windows\system32\svchost.exe [1232:1296] 000007fef9715840
Thread C:\Windows\system32\svchost.exe [1232:1304] 000007fef971e680
Thread C:\Windows\system32\svchost.exe [1232:1308] 000007fef9709140
Thread C:\Windows\system32\svchost.exe [1232:1464] 000007fef9683060
Thread C:\Windows\system32\svchost.exe [1232:2016] 000007fef9685570
Thread C:\Windows\system32\svchost.exe [1232:1444] 000007fef7d72940
Thread C:\Windows\system32\svchost.exe [1232:2120] 000007fef73c2888
Thread C:\Windows\system32\svchost.exe [1232:2400] 000007fef73c2a40
Thread C:\Windows\system32\svchost.exe [1496:1660] 000007fef8ca5fd0
Thread C:\Windows\system32\svchost.exe [1496:1668] 000007fef8ca63ec
Thread C:\Windows\system32\svchost.exe [1496:2420] 000007fef69f8470
Thread C:\Windows\system32\svchost.exe [1496:2436] 000007fef6a02418
Thread C:\Windows\system32\svchost.exe [1496:1088] 000007fef1bb5b84
Thread C:\Windows\system32\taskhost.exe [1884:1944] 000007fef7972740
Thread C:\Windows\system32\taskhost.exe [1884:1960] 000007fefb101010
Thread C:\Windows\system32\taskhost.exe [1884:924] 000007fef7e71f38
Thread C:\Windows\Explorer.EXE [2064:2384] 000007fef69e2154
Thread C:\Windows\Explorer.EXE [2064:2500] 000007fef1d62118
Thread C:\Windows\Explorer.EXE [2064:728] 000007fefb101010
Thread C:\Windows\System32\svchost.exe [3760:3892] 000007fef14c9688

---- EOF - GMER 2.1 ----