GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-07-29 01:04:47
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000006c ATA_____ rev.0001 931,51GB
Running: joul93gm.exe; Driver: C:\Users\user\AppData\Local\Temp\awrdrpog.sys

---- Threads - GMER 2.1 ----

Thread C:\Windows\System32\svchost.exe [1056:1232] 000007fefc30f2f4
Thread C:\Windows\System32\svchost.exe [1056:1248] 000007fefb836204
Thread C:\Windows\System32\svchost.exe [1056:1476] 0000000000b95428
Thread C:\Windows\System32\svchost.exe [1056:1480] 000007fefa522070
Thread C:\Windows\System32\svchost.exe [1056:4004] 000007fef7175fd0
Thread C:\Windows\System32\svchost.exe [1056:1564] 000007feff41c608
Thread C:\Windows\System32\svchost.exe [1056:3976] 000007fef2666b8c
Thread C:\Windows\System32\svchost.exe [1056:3312] 000007fef2661d88
Thread C:\Windows\System32\svchost.exe [1092:3796] 000007fef9ce20c0
Thread C:\Windows\System32\svchost.exe [1092:3800] 000007fef9ce26a8
Thread C:\Windows\System32\svchost.exe [1092:3832] 000007fef9ce29dc
Thread C:\Windows\System32\svchost.exe [1092:3836] 000007fef9ce29dc
Thread C:\Windows\System32\svchost.exe [1092:3840] 000007fef9ce29dc
Thread C:\Windows\System32\svchost.exe [1092:3848] 000007fef93214a0
Thread C:\Windows\System32\svchost.exe [1092:3536] 000007fef145a2b0
Thread C:\Windows\System32\svchost.exe [1092:4460] 000007fef5f144e0
Thread C:\Windows\System32\svchost.exe [1092:4704] 000007fef09f8a4c
Thread C:\Windows\System32\svchost.exe [1092:5116] 000007fef70288f8
Thread C:\Windows\system32\svchost.exe [1132:1184] 000007fefc1b034c
Thread C:\Windows\system32\svchost.exe [1132:1188] 000007fefc1afb90
Thread C:\Windows\system32\svchost.exe [1132:3704] 000007fef57e0ea8
Thread C:\Windows\system32\svchost.exe [1132:3708] 000007fef57d9db0
Thread C:\Windows\system32\svchost.exe [1132:3740] 000007fef57daa10
Thread C:\Windows\system32\svchost.exe [1132:3756] 000007fef57e1c94
Thread C:\Windows\system32\svchost.exe [1132:2320] 000007fef112d3c8
Thread C:\Windows\system32\svchost.exe [1132:2820] 000007fef112d3c8
Thread C:\Windows\system32\svchost.exe [1132:2860] 000007fef112d3c8
Thread C:\Windows\system32\svchost.exe [1132:2140] 000007fef112d3c8
Thread C:\Windows\system32\svchost.exe [1156:1824] 000007fefa2d1e00
Thread C:\Windows\system32\svchost.exe [1156:1892] 000007fef9661a50
Thread C:\Windows\system32\svchost.exe [1156:1588] 000007fefd731a70
Thread C:\Windows\system32\svchost.exe [1156:2548] 000007fefd731a70
Thread C:\Windows\system32\svchost.exe [1156:2772] 000007fef50e506c
Thread C:\Windows\system32\svchost.exe [1156:2776] 000007fef55f1c20
Thread C:\Windows\system32\svchost.exe [1156:2784] 000007fef55f1c20
Thread C:\Windows\system32\svchost.exe [1156:4976] 000007fefa254164
Thread C:\Windows\system32\svchost.exe [1156:4848] 000007fef5deb68c
Thread C:\Windows\system32\svchost.exe [1156:1472] 000007fef5deb68c
Thread C:\Windows\system32\svchost.exe [1156:3828] 000007fef5b417f8
Thread C:\Windows\system32\svchost.exe [1156:5028] 000007fef5b417f8
Thread C:\Windows\system32\svchost.exe [1268:1624] 000007fefb158274
Thread C:\Windows\system32\svchost.exe [1268:2104] 000007fefb158274
Thread C:\Windows\system32\svchost.exe [1364:1332] 000007fef839bd88
Thread C:\Windows\system32\svchost.exe [1364:3132] 000007fef2ff5170
Thread C:\Windows\system32\svchost.exe [1364:4400] 000007fef8225124
Thread C:\Windows\system32\WLANExt.exe [1440:1112] 000007fef8c146e4
Thread C:\Windows\system32\WLANExt.exe [1440:1704] 000007fef8c14700
Thread C:\Windows\system32\WLANExt.exe [1440:1928] 000007fef8c146c8
Thread C:\Windows\System32\spoolsv.exe [1916:2284] 000007fef73c10c8
Thread C:\Windows\System32\spoolsv.exe [1916:2288] 000007fef7386144
Thread C:\Windows\System32\spoolsv.exe [1916:2292] 000007fef7175fd0
Thread C:\Windows\System32\spoolsv.exe [1916:2296] 000007fef7163438
Thread C:\Windows\System32\spoolsv.exe [1916:2300] 000007fef71763ec
Thread C:\Windows\System32\spoolsv.exe [1916:2308] 000007fef7455e5c
Thread C:\Windows\System32\spoolsv.exe [1916:2312] 000007fef7665074
Thread C:\Windows\system32\svchost.exe [2000:1600] 000007fef84f35c0
Thread C:\Windows\system32\svchost.exe [2000:1724] 000007fef84f5600
Thread C:\Windows\system32\svchost.exe [2000:3876] 000007fef92d2940
Thread C:\Windows\system32\svchost.exe [2000:3884] 000007fef92b2888
Thread C:\Windows\system32\taskhost.exe [2108:2136] 000007fef7e21f38
Thread C:\Windows\system32\taskhost.exe [2108:2252] 000007fef7642740
Thread C:\Windows\system32\taskhost.exe [2108:2836] 000007fefaef1010
Thread C:\Windows\Explorer.EXE [2216:3452] 000007fefaef1010
Thread C:\Windows\Explorer.EXE [2216:3556] 000007fef1512118
Thread C:\Windows\Explorer.EXE [2216:3912] 000007fef9b62f9c
Thread C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2276:3368] 0000000073d291f0
Thread C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2276:3380] 00000000719b345e
Thread C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2276:3372] 0000000071e8a3e0
Thread C:\Windows\system32\svchost.exe [2488:3104] 000007fef7175fd0
Thread C:\Windows\system32\svchost.exe [2488:3824] 000007fef7163438
Thread C:\Windows\system32\svchost.exe [2488:3524] 000007fef71763ec
Thread C:\Windows\system32\wbem\wmiprvse.exe [2752:2816] 0000000074aa1dbc
Thread C:\Windows\system32\svchost.exe [3804:3944] 000007fef9b62f9c
Thread C:\Windows\System32\WUDFHost.exe [3592:3160] 000007fef12b24a0
Thread C:\Windows\system32\svchost.exe [3984:4024] 000007fef7175fd0
Thread C:\Windows\system32\svchost.exe [3984:4028] 000007fef71763ec
Thread C:\Windows\system32\svchost.exe [3984:4392] 000007fef0238470
Thread C:\Windows\system32\svchost.exe [3984:4396] 000007fef0242418
Thread C:\Windows\System32\svchost.exe [2864:4628] 000007fef8229874
Thread C:\Windows\system32\AUDIODG.EXE [1316:1856] 00000000746ed440
Thread C:\Windows\system32\AUDIODG.EXE [1316:3480] 00000000746ed69c
Thread C:\Windows\system32\AUDIODG.EXE [1316:2612] 00000000746edcb0
Thread C:\Windows\system32\AUDIODG.EXE [1316:944] 000007fefa222d3c
Thread C:\Windows\system32\AUDIODG.EXE [1316:292] 000007fefa223078
Thread C:\Windows\system32\AUDIODG.EXE [1316:3472] 0000000074701f88
Thread C:\Windows\system32\AUDIODG.EXE [1316:4884] 00000000747021a0
Thread C:\Windows\system32\AUDIODG.EXE [1316:2748] 00000000747019dc
Thread C:\Windows\system32\taskhost.exe [3228:3688] 000007fef7e3ef24

---- EOF - GMER 2.1 ----