GMER 2.1.19155 - http://www.gmer.net
Rootkit scan 2013-04-01 19:55:00
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.FG00 232,89GB
Running: y1c8jby5.exe; Driver: C:\Users\Gienia\AppData\Local\Temp\fxrcyaog.sys

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [872:3260] 000007fef4246b8c
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [872:2956] 000007fef4241d88
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [924:2324] 000007fef75b88f8
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [924:4840] 000007fef0e97750
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:2308] 000007fef853f978
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:2884] 000007fefb2283e8
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:2888] 000007fefb2283e8
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:3528] 000007fef6d23f0c
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:3532] 000007fef6cf1a38
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:3540] 000007fef6cc5388
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:3560] 000007fef6cd7738
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:3580] 000007fef6cb1f90
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:5024] 000007fef61efdf0
Thread C:\WINDOWS\SYSTEM32\SVCHOST.EXE [804:3440] 000007fef7555124
Thread C:\Windows\System32\spoolsv.exe [1156:1664] 000007fef95510c8
Thread C:\Windows\System32\spoolsv.exe [1156:1884] 000007fef92d6144
Thread C:\Windows\System32\spoolsv.exe [1156:1888] 000007fef90c5fd0
Thread C:\Windows\System32\spoolsv.exe [1156:1892] 000007fef8ee3438
Thread C:\Windows\System32\spoolsv.exe [1156:1904] 000007fef90c63ec
Thread C:\Windows\System32\spoolsv.exe [1156:1932] 000007fef9a85e5c
Thread C:\Windows\System32\spoolsv.exe [1156:1936] 000007fef9e9484c
Thread C:\Windows\System32\spoolsv.exe [1156:1996] 000000006847ff60
Thread C:\Windows\System32\spoolsv.exe [1156:2032] 000000006847bb70
Thread C:\Windows\System32\spoolsv.exe [1156:2036] 000000006847bb70
Thread C:\Windows\System32\spoolsv.exe [1156:2040] 0000000068479f90
Thread C:\Windows\System32\spoolsv.exe [1156:1364] 000007fef9768760
Thread C:\WINDOWS\SYSTEM32\TASKHOST.EXE [1476:1504] 000007fef9b61f38
Thread C:\WINDOWS\SYSTEM32\TASKHOST.EXE [1476:1516] 000007fef9a52740
Thread C:\WINDOWS\SYSTEM32\TASKHOST.EXE [1476:1580] 000007fef9791010

---- EOF - GMER 2.1 ----