GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-04-15 08:54:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-4 FUJITSU_MHV2100BH_PL rev.892C 93,16GB
Running: 7jnbyegd.exe; Driver: C:\Users\1\AppData\Local\Temp\axloquog.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 544                                                 fffff80002dfd000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 591                                                 fffff80002dfd02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     E:\Gry\Steam\Steam.exe[3228] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                               00000000762c1465 2 bytes [2C, 76]
.text     E:\Gry\Steam\Steam.exe[3228] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                              00000000762c14bb 2 bytes [2C, 76]
.text     ...                                                                                                                * 2
.text     E:\Gry\Steam\bin\steamwebhelper.exe[3332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                  00000000762c1465 2 bytes [2C, 76]
.text     E:\Gry\Steam\bin\steamwebhelper.exe[3332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                 00000000762c14bb 2 bytes [2C, 76]
.text     ...                                                                                                                * 2
.text     E:\Gry\Steam\bin\steamwebhelper.exe[4976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                  00000000762c1465 2 bytes [2C, 76]
.text     E:\Gry\Steam\bin\steamwebhelper.exe[4976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                 00000000762c14bb 2 bytes [2C, 76]
.text     ...                                                                                                                * 2
.text     C:\Program Files (x86)\SalePlus\y1jTPRbsJmMP1g.exe[4772] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69   00000000762c1465 2 bytes [2C, 76]
.text     C:\Program Files (x86)\SalePlus\y1jTPRbsJmMP1g.exe[4772] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155  00000000762c14bb 2 bytes [2C, 76]
.text     ...                                                                                                                * 2
.text     E:\Programy\ts\ts3client_win32.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                   00000000762c1465 2 bytes [2C, 76]
.text     E:\Programy\ts\ts3client_win32.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                  00000000762c14bb 2 bytes [2C, 76]
.text     ...                                                                                                                * 2

---- EOF - GMER 2.1 ----