GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-04-09 11:09:06
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GJ00 298,09GB
Running: 25ep93bo.exe; Driver: C:\Users\Jagna\AppData\Local\Temp\fwddykod.sys

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- Threads - GMER 2.1 ----

Thread C:\windows\System32\svchost.exe [380:4508] 000007fef7d944e0
Thread C:\windows\System32\svchost.exe [380:5112] 000007fef4568a4c
Thread C:\windows\System32\svchost.exe [380:3656] 000007fef80588f8
Thread C:\windows\system32\svchost.exe [1128:2056] 000007fef7c983d8
Thread C:\windows\system32\svchost.exe [1128:2060] 000007fef7c983d8
Thread C:\windows\system32\svchost.exe [1128:2064] 000007fef7c983d8
Thread C:\windows\system32\svchost.exe [1128:2068] 000007fef7c983d8
Thread C:\windows\system32\svchost.exe [1128:2556] 000007fef6013f1c
Thread C:\windows\system32\svchost.exe [1128:2564] 000007fef5fe1a38
Thread C:\windows\system32\svchost.exe [1128:2580] 000007fef5e65388
Thread C:\windows\system32\svchost.exe [1128:2584] 000007fef5e47738
Thread C:\windows\system32\svchost.exe [1128:2700] 000007fef5e31f90
Thread C:\windows\system32\svchost.exe [1128:3400] 000007fef8865170
Thread C:\windows\system32\svchost.exe [1236:1760] 000007fef86935c0
Thread C:\windows\system32\svchost.exe [1236:1832] 000007fef8695600
Thread C:\windows\system32\svchost.exe [1236:568] 000007fef6072888
Thread C:\windows\system32\svchost.exe [1236:2412] 000007fef6062940
Thread C:\windows\System32\spoolsv.exe [1476:4916] 000007fef43210c8
Thread C:\windows\System32\spoolsv.exe [1476:4912] 000007feed3a6144
Thread C:\windows\System32\spoolsv.exe [1476:4920] 000007feefdd5fd0
Thread C:\windows\System32\spoolsv.exe [1476:4984] 000007feed383438
Thread C:\windows\System32\spoolsv.exe [1476:4992] 000007feefdd63ec
Thread C:\windows\System32\spoolsv.exe [1476:1176] 000007fef81c5e5c
Thread C:\windows\System32\spoolsv.exe [1476:1052] 000007feed405074
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3924] 0000000071bbcf23
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3928] 0000000071bbcf23
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3932] 0000000071bbcf23
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3936] 0000000071bbcf23
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3940] 0000000071bbe697
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3944] 0000000071bbcf23
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3948] 0000000071bbcf23
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3952] 0000000071bbcf23
Thread C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [3548:3956] 0000000071bbcf23
Thread C:\windows\System32\svchost.exe [4184:4612] 000007fef8865170
Thread C:\windows\System32\svchost.exe [4184:672] 000007fefa379874

---- EOF - GMER 2.1 ----