GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-02-20 23:26:10
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JEDO 596,17GB
Running: 7jbycrmj.exe; Driver: C:\Users\Olik\AppData\Local\Temp\kgqyakog.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000766c1401 2 bytes JMP 7670b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000766c1419 2 bytes JMP 7670b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000766c1431 2 bytes JMP 76788ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000766c144a 2 bytes CALL 766e48ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766c14dd 2 bytes JMP 767887a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766c14f5 2 bytes JMP 76788978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000766c150d 2 bytes JMP 76788698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000766c1525 2 bytes JMP 76788a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000766c153d 2 bytes JMP 766ffca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000766c1555 2 bytes JMP 767068ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000766c156d 2 bytes JMP 76788f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000766c1585 2 bytes JMP 76788ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000766c159d 2 bytes JMP 7678865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766c15b5 2 bytes JMP 766ffd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766c15cd 2 bytes JMP 7670b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766c16b2 2 bytes JMP 76788e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe[4008] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766c16bd 2 bytes JMP 767885f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000766c1401 2 bytes JMP 7670b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000766c1419 2 bytes JMP 7670b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000766c1431 2 bytes JMP 76788ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000766c144a 2 bytes CALL 766e48ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766c14dd 2 bytes JMP 767887a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766c14f5 2 bytes JMP 76788978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000766c150d 2 bytes JMP 76788698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000766c1525 2 bytes JMP 76788a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000766c153d 2 bytes JMP 766ffca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000766c1555 2 bytes JMP 767068ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000766c156d 2 bytes JMP 76788f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000766c1585 2 bytes JMP 76788ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000766c159d 2 bytes JMP 7678865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766c15b5 2 bytes JMP 766ffd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766c15cd 2 bytes JMP 7670b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766c16b2 2 bytes JMP 76788e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[1324] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766c16bd 2 bytes JMP 767885f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000766c1401 2 bytes JMP 7670b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000766c1419 2 bytes JMP 7670b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000766c1431 2 bytes JMP 76788ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000766c144a 2 bytes CALL 766e48ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766c14dd 2 bytes JMP 767887a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766c14f5 2 bytes JMP 76788978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000766c150d 2 bytes JMP 76788698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000766c1525 2 bytes JMP 76788a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000766c153d 2 bytes JMP 766ffca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000766c1555 2 bytes JMP 767068ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000766c156d 2 bytes JMP 76788f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000766c1585 2 bytes JMP 76788ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000766c159d 2 bytes JMP 7678865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766c15b5 2 bytes JMP 766ffd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766c15cd 2 bytes JMP 7670b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766c16b2 2 bytes JMP 76788e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Mobogenie3\Mobogenie.exe[6396] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766c16bd 2 bytes JMP 767885f1 C:\Windows\syswow64\kernel32.dll

---- User IAT/EAT - GMER 2.1 ----

IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\Explorer.EXE[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\Explorer.EXE[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\SHELL32.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\SHELL32.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\EXPLORERFRAME.dll[USER32.dll!DrawTextExW] [7feef948d00] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\EXPLORERFRAME.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\EXPLORERFRAME.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\DUser.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\DUser.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\DUI70.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\DUI70.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\IMM32.dll[USER32.dll!DrawTextExW] [7feef948d00] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\MSCTF.dll[USER32.dll!DrawTextExW] [7feef948d00] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\MSCTF.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\UxTheme.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\UxTheme.dll[USER32.dll!DrawTextExW] [7feef948d00] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\UxTheme.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll[USER32.dll!DrawTextExW] [7feef948d00] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\ntshrui.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\ATL.DLL[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\System32\shdocvw.dll[USER32.dll!DrawTextExW] [7feef948d00] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\msi.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\msutb.dll[USER32.dll!DrawTextExW] [7feef948d00] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\msutb.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\MsftEdit.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\authui.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\urlmon.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\dxp.dll[USER32.dll!FillRect] [7feef948dd0] c:\program files (x86)\stardock\fences\DesktopDock64.dll
IAT C:\Windows\Explorer.EXE[2488] @ C:\Windows\system32\dxp.dll[USER32.dll!DrawTextW] [7feef948c40] c:\program files (x86)\stardock\fences\DesktopDock64.dll

---- Devices - GMER 2.1 ----

Device \Driver\axynh352 \Device\Scsi\axynh3521 fffffa80073d82c0
Device \Driver\axynh352 \Device\Scsi\axynh3521Port1Path0Target0Lun0 fffffa80073d82c0
Device \FileSystem\Ntfs \Ntfs fffffa800398e2c0
Device \FileSystem\fastfat \Fat fffffa80073f42c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{070F1E39-95BC-4348-BC0D-F7FB92EB38AF} fffffa800741f2c0
Device \Driver\usbehci \Device\USBPDO-1 fffffa80073b22c0
Device \Driver\cdrom \Device\CdRom0 fffffa80072ae2c0
Device \Driver\cdrom \Device\CdRom1 fffffa80072ae2c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{4590982B-B320-4A6D-B33F-9E0B095F98E5} fffffa800741f2c0
Device \Driver\usbehci \Device\USBFDO-0 fffffa80073b22c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECC7D08C-1B95-4D21-B8EB-BAFBF4D5A791} fffffa800741f2c0
Device \Driver\usbehci \Device\USBFDO-1 fffffa80073b22c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D7DB1615-27FE-4CE2-9DAF-B843FA24AD70} fffffa800741f2c0
Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa800741f2c0
Device \Driver\usbehci \Device\USBPDO-0 fffffa80073b22c0
Device \Driver\axynh352 \Device\ScsiPort1 fffffa80073d82c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{34B7F5EB-E0AA-4A6E-88D7-5B6336DA36BB} fffffa800741f2c0

---- Modules - GMER 2.1 ----

Module \SystemRoot\System32\Drivers\axynh352.SYS fffff8800553f000-fffff88005590000 (331776 bytes)

---- Threads - GMER 2.1 ----

Thread C:\Program Files (x86)\Windows Phone\WindowsPhone.exe [5488:1240] 000000005f1d32fb
Thread C:\Program Files (x86)\Windows Phone\WindowsPhone.exe [5488:3124] 00000000567e4f00
Thread C:\Program Files (x86)\Windows Phone\WindowsPhone.exe [5488:3828] 00000000567e4f00

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----