GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-11-24 13:02:13
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002c Hitachi_HTS545050A7E380 rev.GG2OA7B0 465,76GB
Running: b1d62bmw.exe; Driver: C:\Users\k1313\AppData\Local\Temp\pxldqpog.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000209100 15 bytes [40, A1, F1, 01, C0, E7, 6B, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000209110 11 bytes [00, 22, FC, FF, C0, DC, CA, ...]

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [6396:6216] fffff960008c52d0
Thread C:\WINDOWS\Explorer.EXE [6236:1432] 00007ffeb42137e0
Thread C:\WINDOWS\Explorer.EXE [6236:5644] 00007ffeb1019b10
Thread C:\WINDOWS\Explorer.EXE [6236:3108] 00007ffeb1019b10
Thread C:\WINDOWS\Explorer.EXE [6236:3600] 00007ffeb1019b10
Thread C:\WINDOWS\Explorer.EXE [6236:2060] 00007ffeafe81fe0
Thread C:\WINDOWS\Explorer.EXE [6236:2908] 0000000071a22480
Thread C:\WINDOWS\Explorer.EXE [6236:7444] 00007ffeb0b428c0
Thread C:\WINDOWS\Explorer.EXE [6236:5360] 00007ffeb16c4550
Thread C:\WINDOWS\Explorer.EXE [6236:6188] 00007ffe98322710
Thread C:\WINDOWS\Explorer.EXE [6236:6140] 00007ffeb1019b10
Thread C:\WINDOWS\Explorer.EXE [6236:4392] 00007ffeba86c900
Thread C:\WINDOWS\Explorer.EXE [6236:7556] 00007ffeb45f9970
Thread C:\WINDOWS\Explorer.EXE [6236:3184] 00007ffe9f1c06e0
Thread C:\WINDOWS\Explorer.EXE [6236:7288] 00007ffeb41d1090

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----