GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-31 15:22:27
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SanDisk_SDSSDP128G rev.2.0.0 119,24GB
Running: c5rdh7yi.exe; Driver: C:\Users\abc\AppData\Local\Temp\uxriapow.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076961465 2 bytes [96, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769614bb 2 bytes [96, 76]
.text ... * 2
.text C:\Windows\SysWOW64\PnkBstrA.exe[2112] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072391a22 2 bytes [39, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2112] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072391ad0 2 bytes [39, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2112] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072391b08 2 bytes [39, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2112] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072391bba 2 bytes [39, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2112] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072391bda 2 bytes [39, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2112] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076961465 2 bytes [96, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2112] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769614bb 2 bytes [96, 76]
.text ... * 2
.text C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe[2864] C:\Windows\SYSTEM32\ntdll.dll!DbgBreakPoint 0000000076e00590 3 bytes [8B, 40, 30]

---- EOF - GMER 2.1 ----