GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-10-04 21:57:08
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-4 SAMSUNG_HD103SJ rev.1AJ10001 931,51GB
Running: 9efm5b8m.exe; Driver: C:\Users\Pawel\AppData\Local\Temp\awddrkog.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2800] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075502ab1 5 bytes JMP 000000010120f4f2

---- Processes - GMER 2.1 ----

Library C:\Users\Pawel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUObserver37.gadget\GPUStatusReader.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2852] (GPUStatusReader/Orbmu2k)(2015-04-30 09:39:35) 0000000074110000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001122987654
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001122987654 (not active ControlSet)

---- EOF - GMER 2.1 ----