GMER 2.0.18454 - http://www.gmer.net
Rootkit scan 2013-05-03 22:46:31
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-8 ST3250410AS rev.3.AAC 232,88GB
Running: 7ohtgt8p.exe; Driver: C:\Users\GyGens\AppData\Local\Temp\awxdrpob.sys

---- User code sections - GMER 2.0 ----

.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074e41401 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074e41419 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074e41431 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074e4144a 2 bytes [E4, 74]
.text ... * 9
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074e414dd 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074e414f5 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074e4150d 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074e41525 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074e4153d 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074e41555 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074e4156d 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074e41585 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074e4159d 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074e415b5 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074e415cd 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074e416b2 2 bytes [E4, 74]
.text F:\programy\Malwarebytes' Anti-Malware\mbamservice.exe[1512] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074e416bd 2 bytes [E4, 74]

---- Devices - GMER 2.0 ----

Device \Driver\atapi \Device\Dev_fffffa8002f12680 fffffa800685f878

---- EOF - GMER 2.0 ----