GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2017-01-07 16:46:50 Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9320423AS rev.0003LVM1 298,09GB Running: gmer.exe; Driver: C:\Users\Gosia\AppData\Local\Temp\uxlyipog.sys ---- Threads - GMER 2.2 ---- Thread C:\Windows\system32\csrss.exe [488:716] 000007fefd523d44 Thread C:\Windows\system32\csrss.exe [488:720] 000007fefd523ae0 Thread C:\Windows\system32\csrss.exe [488:752] 000007fefd5242b0 Thread C:\Windows\system32\csrss.exe [488:756] 000007fefd5242b0 Thread C:\Windows\system32\csrss.exe [488:1736] 000007fefd5242b0 Thread C:\Windows\System32\svchost.exe [332:516] 000007fefafaf440 Thread C:\Windows\System32\svchost.exe [332:356] 000007fefb8d6204 Thread C:\Windows\System32\svchost.exe [332:612] 000007fefa22c110 Thread C:\Windows\System32\svchost.exe [332:1036] 000007fefa225608 Thread C:\Windows\System32\svchost.exe [332:1040] 000007fefa233294 Thread C:\Windows\System32\svchost.exe [332:1124] 000007fefa0affc0 Thread C:\Windows\System32\svchost.exe [332:1148] 000007fef9a5331c Thread C:\Windows\System32\svchost.exe [332:1212] 000007fef9a131e4 Thread C:\Windows\System32\svchost.exe [332:1316] 000007fef9763f1c Thread C:\Windows\System32\svchost.exe [332:1328] 000007fef94659a0 Thread C:\Windows\System32\svchost.exe [332:2332] 000007fefcf81a70 Thread C:\Windows\System32\svchost.exe [332:2552] 000007fef6e620c0 Thread C:\Windows\System32\svchost.exe [332:2556] 000007fef6e626a8 Thread C:\Windows\System32\svchost.exe [332:2684] 000007fef6e629dc Thread C:\Windows\System32\svchost.exe [332:2696] 000007fef6e629dc Thread C:\Windows\System32\svchost.exe [332:2708] 000007fef6e629dc Thread C:\Windows\System32\svchost.exe [332:3792] 000007fef8097750 Thread C:\Windows\System32\svchost.exe [332:4056] 000007fef86588f8 Thread C:\Windows\system32\svchost.exe [444:1432] 000007fef9066928 Thread C:\Windows\system32\svchost.exe [444:1444] 000007fef8db1a50 Thread C:\Windows\system32\svchost.exe [444:1448] 000007fef8cde7e0 Thread C:\Windows\system32\svchost.exe [444:1820] 000007fefcf81a70 Thread C:\Windows\system32\svchost.exe [444:1232] 000007fef83084d8 Thread C:\Windows\system32\svchost.exe [444:1876] 000007fefcf81a70 Thread C:\Windows\system32\svchost.exe [444:1940] 000007fef7ea23a8 Thread C:\Windows\system32\svchost.exe [444:1240] 000007fef7f00c20 Thread C:\Windows\system32\svchost.exe [444:2052] 000007fef76694a8 Thread C:\Windows\system32\svchost.exe [444:2232] 000007fef7f4aba0 Thread C:\Windows\system32\svchost.exe [444:2256] 000007fef73c506c Thread C:\Windows\system32\svchost.exe [444:2264] 000007fef7461c20 Thread C:\Windows\system32\svchost.exe [444:2268] 000007fef7461c20 Thread C:\Windows\system32\svchost.exe [444:2636] 000007fef9ce4164 Thread C:\Windows\system32\svchost.exe [1044:3316] 000007feec776848 Thread C:\Windows\system32\svchost.exe [1256:1284] 000007fef9883260 Thread C:\Windows\system32\svchost.exe [1256:1304] 000007fef9883aac Thread C:\Windows\system32\svchost.exe [1256:1308] 000007fef9883864 Thread C:\Windows\system32\svchost.exe [1256:1312] 000007fef98846d0 Thread C:\Windows\system32\svchost.exe [1256:1832] 000007fef869f978 Thread C:\Windows\system32\svchost.exe [1256:2004] 000007fef80383d8 Thread C:\Windows\system32\svchost.exe [1256:2008] 000007fef80383d8 Thread C:\Windows\system32\svchost.exe [1256:2012] 000007fef80383d8 Thread C:\Windows\system32\svchost.exe [1256:2016] 000007fef80383d8 Thread C:\Windows\system32\svchost.exe [1256:1660] 000007fef7ad3f0c Thread C:\Windows\system32\svchost.exe [1256:1936] 000007fef7aa22b8 Thread C:\Windows\system32\svchost.exe [1256:1880] 000007fef7aa1a38 Thread C:\Windows\system32\svchost.exe [1256:1956] 000007fef7775388 Thread C:\Windows\system32\svchost.exe [1256:1992] 000007fef7757738 Thread C:\Windows\system32\svchost.exe [1256:1964] 000007fef7711f90 Thread C:\Windows\system32\svchost.exe [1256:2488] 000007fef9883980 Thread C:\Windows\system32\svchost.exe [1256:3280] 000007fef6ebfd00 Thread C:\Windows\system32\WLANExt.exe [1340:1376] 0000000180125770 Thread C:\Windows\system32\WLANExt.exe [1340:1380] 00000001800c4b60 Thread C:\Windows\system32\WLANExt.exe [1340:1388] 0000000180125770 Thread C:\Windows\system32\WLANExt.exe [1340:2156] 000007fef9022f9c Thread C:\Windows\system32\WLANExt.exe [1340:2224] 000007fef8cde7e0 Thread C:\Windows\system32\WLANExt.exe [1340:2312] 0000000001798bf8 Thread C:\Windows\system32\WLANExt.exe [1340:2316] 0000000001798c14 Thread C:\Windows\system32\WLANExt.exe [1340:2320] 0000000001798bdc Thread C:\Windows\system32\WLANExt.exe [1340:2324] 000007fef9022f9c Thread C:\Windows\system32\svchost.exe [1580:1612] 000007fefcf81a70 Thread C:\Windows\system32\svchost.exe [1580:1652] 000007fefcf81a70 Thread C:\Windows\system32\svchost.exe [1580:1668] 000007fefcf81a70 Thread C:\Windows\system32\svchost.exe [1580:1676] 000007fef8a32920 Thread C:\Windows\system32\svchost.exe [1580:1716] 000007fef8a45840 Thread C:\Windows\system32\svchost.exe [1580:1728] 000007fef8a4e680 Thread C:\Windows\system32\svchost.exe [1580:1732] 000007fef8a39140 Thread C:\Windows\system32\svchost.exe [1580:1852] 000007fef8993060 Thread C:\Windows\system32\svchost.exe [1580:2540] 000007fef8995570 Thread C:\Windows\system32\svchost.exe [1580:2612] 000007fef6a82940 Thread C:\Windows\system32\svchost.exe [1580:2128] 000007fef5662888 Thread C:\Windows\system32\svchost.exe [1968:1984] 000007fefdeea808 Thread C:\Windows\system32\svchost.exe [1968:1108] 000007fef8276f00 Thread C:\Windows\system32\svchost.exe [1968:1216] 000007fef826d390 Thread C:\Windows\system32\svchost.exe [1968:2072] 000007fef7555fd0 Thread C:\Windows\system32\svchost.exe [1968:2084] 000007fef7543438 Thread C:\Windows\system32\svchost.exe [1968:2088] 000007fef75563ec Thread C:\Windows\system32\wbem\wmiprvse.exe [2236:2260] 000007fef7461c20 Thread C:\Windows\system32\wbem\wmiprvse.exe [2236:2296] 0000000180006e60 Thread C:\Windows\Explorer.EXE [2932:3648] 000007fefb481ebc Thread C:\Program Files\Microsoft Security Client\msseces.exe [2204:3176] 000007fefbb32a74 Thread C:\Windows\system32\svchost.exe [1884:1372] 000007feeca95b84 Thread C:\Windows\system32\svchost.exe [2472:3972] 000007fefdeea808 Thread C:\Windows\system32\taskhost.exe [648:2360] 000007fef6e7ef24 Thread C:\Windows\system32\taskhost.exe [648:2428] 000007fef8cde7e0 ---- EOF - GMER 2.2 ----