GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-08-25 04:52:17
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST320LT0 rev.0005 298,09GB
Running: edu3p323.exe; Driver: C:\Users\Marysia\AppData\Local\Temp\kxliykob.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800033fb000 45 bytes [00, 00, 33, 00, 46, 69, 6C, ...]
INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 574 fffff800033fb02e 17 bytes [44, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe[3352] C:\windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000760f1465 2 bytes [0F, 76]
.text C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe[3352] C:\windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000760f14bb 2 bytes [0F, 76]
.text ... * 2

---- Devices - GMER 2.1 ----

Device \FileSystem\Ntfs \Ntfs fffffa8003ca72c0
Device \FileSystem\fastfat \Fat fffffa80084332c0
Device \Driver\usbehci \Device\USBPDO-1 fffffa80073682c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{03438256-B566-443E-AB4F-80A75FAAEFED} fffffa8004fb12c0
Device \Driver\cdrom \Device\CdRom0 fffffa8004faf2c0
Device \Driver\usbehci \Device\USBFDO-0 fffffa80073682c0
Device \Driver\usbehci \Device\USBFDO-1 fffffa80073682c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D164F34-9646-4746-8E7E-048C8B1FD4EC} fffffa8004fb12c0
Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8004fb12c0
Device \Driver\usbehci \Device\USBPDO-0 fffffa80073682c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D750871D-0CB5-46CB-922B-A07C010A9F9A} fffffa8004fb12c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{884CBE22-5D41-432B-B55A-DB44EA891613} fffffa8004fb12c0

---- EOF - GMER 2.1 ----