GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-22 18:37:15
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000020 ST500LT012-9WS142 rev.0001YAM1 465,76GB
Running: gmer.exe; Driver: C:\Users\krutki\AppData\Local\Temp\pxldrpod.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000102200 15 bytes [00, 28, F6, 01, 80, 1C, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000102210 11 bytes [00, 0E, FC, FF, 00, 05, C4, ...]

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\Explorer.EXE[1344] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc556e169a 4 bytes [6E, 55, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[1344] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc556e16a2 4 bytes [6E, 55, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[1344] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc556e181a 4 bytes [6E, 55, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[1344] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc556e1832 4 bytes [6E, 55, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3340] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc556e169a 4 bytes [6E, 55, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3340] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc556e16a2 4 bytes [6E, 55, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3340] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc556e181a 4 bytes [6E, 55, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3340] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc556e1832 4 bytes [6E, 55, FC, 7F]
? C:\Windows\SYSTEM32\BsHelpCSps.dll [3564] entry point in ".data" section 0000000002f45055
? C:\Windows\SYSTEM32\BlueSoleilCSps.dll [3772] entry point in ".rdata" section 0000000010004085
? C:\Windows\SYSTEM32\BsHelpCSps.dll [3772] entry point in ".data" section 0000000002065055

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [612:636] fffff9600090bb90

---- EOF - GMER 2.1 ----