GMER 2.2.19882 - http://www.gmer.net Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-6 WDC_WD5000AADS-00S9B0 rev.01.00A01 465,76GB Running: fusvd0mu.exe; Driver: C:\Users\Artur\AppData\Local\Temp\awddakod.sys ---- User IAT/EAT - GMER 2.2 ---- IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!??3@YAXPEAX@Z] [f18b48d88b4920ec] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_wcsicmp] [75ffff0000c1f748] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!??2@YAPEAX_K@Z] [3b0beb10408b4128] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!realloc] [834828438b1974c1] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!??_U@YAPEAX_K@Z] [33f075fff88318c3] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_vsnwprintf] [834830245c8b48c0] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!??_V@YAXPEAX@Z] [ebc38b48c35e20c4] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!free] [7883412574d285f0] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!wcschr] [48138b48e374ff10] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!wcsncmp] [e8ce8b480c74d285] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!wcsstr] [dc74c085ffffe266] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_wtoi] [ff107b8318c38348] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!wcsrchr] [74ff10788341e0eb] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_XcptFilter] [d2854808538b48be] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!malloc] [e294e8ce8b480c74] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!memcpy] [8348b674c085ffff] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_onexit] [dfebff107b8318c3] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_lock] [cccccccccccccccc] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!__dllonexit] [83485708245c8948] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_unlock] [83f98b49da8b20ec] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_amsg_exit] [c085482b74db85ff] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!memmove] [c0854d008b4c0f74] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!_initterm] [eb00000001bb0774] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[msvcrt.dll!memset] [aeda058d4cdb3309] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!RtlCaptureContext] [ff4807880b74c084] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!RtlLookupFunctionEntry] [48e57501e98348c7] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!RtlVirtualUnwind] [c6cfff480375c985] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!WinSqmAddToStreamEx] [245c8b48dbf70007] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!NtQueryInformationProcess] [400525d0f7c01b30] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!RtlCaptureStackBackTrace] [c35f20c483488000] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!WinSqmIsOptedIn] [cccccccccccccccc] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!EtwUnregisterTraceGuids] [4808588948c48b48] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!EtwRegisterTraceGuidsW] [4818708948106889] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!EtwGetTraceEnableFlags] [ec83485441207889] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!EtwGetTraceEnableLevel] [8b4870247c8b4840] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!EtwGetTraceLoggerHandle] [8348e98b49782474] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!NtQueryInformationToken] [e08b4df903490026] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ntdll.dll!EtwTraceMessage] [41d28b44ffc88349] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegEnumKeyExW] [8b4906ebdb330472] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegNotifyChangeKeyValue] [5878db85d98b41f8] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegDeleteValueW] [2b800268348] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegSetValueExW] [75d28548e7f74800] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegQueryInfoKeyW] [c08b4906ebdb3304] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegCreateKeyExW] [4c3978db85d98b41] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegDeleteKeyExW] [d28b41c08b4cce8b] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!OpenProcessToken] [8348000003003024] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegCloseKey] [c48b4dcd8b4c0020] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegEnumKeyW] [ffff0434e8d78b48] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegQueryValueExW] [748b4858246c8b48] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegEnumValueW] [8b68247c8b486024] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[ADVAPI32.dll!RegOpenKeyExW] [834850245c8b48c3] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[USER32.dll!LoadStringW] [b2d0418dcccccccc] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!lstrlenA] [669f418d37eb04c1] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!lstrlenW] [47e980057719f883] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetSystemTimeAsFileTime] [f88366bf418d29eb] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!Sleep] [1beb41e980057719] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!WaitForMultipleObjectsEx] [3eb104752bf98366] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!ExpandEnvironmentStringsW] [f98366c2b60f11eb] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!CompareFileTime] [ccccc3c18ac88ac2] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetUserDefaultLCID] [28ec8348cccccccc] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!SetUnhandledExceptionFilter] [1f9831d7401e983] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!UnhandledExceptionFilter] [c9331cebc0320474] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!TerminateProcess] [e08320e883c2b70f] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetCurrentProcessId] [c1440f60fa83663f] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetCurrentThreadId] [ff82e8cab70f08eb] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetTickCount] [ccc328c48348ffff] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!QueryPerformanceCounter] [cccccccccccccccc] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!DelayLoadFailureHook] [57565508245c8948] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!LoadLibraryExA] [10ec814855415441] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetProcAddress] [4e3e058b48000002] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!FreeLibraryAndExitThread] [ed33450000020024] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!FreeLibrary] [8b48f08b49e18b44] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!CreateThread] [b84121244c8d48ea] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!LoadLibraryW] [8b41d233000001df] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetModuleFileNameW] [de820246c8844dd] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!DuplicateHandle] [8b45fd8b4100000c] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!CreateEventW] [55b70fc58b4dd5] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!WaitForSingleObject] [84840fd53b4166] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!SetEvent] [842e0d2cf8b0474] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!ResetEvent] [ff8306c783200444] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!DisableThreadLibraryCalls] [81493b7508ef83c0] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!CloseHandle] [484275000001e0f8] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetCurrentProcess] [452024548d48068b] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!InitializeCriticalSectionAndSpinCount] [2050ffce8b48c933] IAT C:\Windows\Explorer.EXE[1140] @ C:\Windows\system32\FunDisc.dll[KERNEL32.dll!GetLastError] [b97e8000001e0] ---- EOF - GMER 2.2 ----