GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2016-07-13 10:13:02 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000036 WDC_WD10SPCX-24HWST1 rev.02.01A02 931,51GB Running: 9zv46gkf.exe; Driver: C:\Users\Kondzio\AppData\Local\Temp\fxadqfob.sys ---- Threads - GMER 2.2 ---- Thread C:\Windows\system32\csrss.exe [716:12336] fffff961b4604030 Thread C:\Windows\system32\svchost.exe [936:92] 00007ffe0f79a8a0 Thread C:\Windows\system32\svchost.exe [936:76] 00007ffe0f799c70 Thread C:\Windows\system32\svchost.exe [936:448] 00007ffe0f3d8d90 Thread C:\Windows\system32\dwm.exe [424:1232] 00007ffe0f1f18f0 Thread C:\Windows\system32\dwm.exe [424:1244] 00007ffe0efd4ea0 Thread C:\Windows\system32\dwm.exe [424:1280] 00007ffe0ef8a420 Thread C:\Windows\system32\dwm.exe [424:1284] 00007ffe0efc8df0 Thread C:\Windows\system32\dwm.exe [424:1288] 00007ffe0efc8de0 Thread C:\Windows\system32\dwm.exe [424:1292] 00007ffe0efc8d10 Thread C:\Windows\system32\dwm.exe [424:1772] 00007ffe0f153c90 Thread C:\Windows\system32\dwm.exe [424:1868] 00007ffe0bb17450 Thread C:\Windows\system32\svchost.exe [596:3052] 00007ffdff991a50 Thread C:\Windows\system32\svchost.exe [596:3456] 00007ffdfde74ba0 Thread C:\Windows\system32\svchost.exe [596:2788] 00007ffdffa12750 Thread C:\Windows\system32\svchost.exe [596:2252] 00007ffe069a1040 Thread C:\Windows\system32\svchost.exe [596:1132] 00007ffe07874c50 Thread C:\Windows\system32\svchost.exe [596:1324] 00007ffe07874c50 Thread C:\Windows\system32\svchost.exe [596:7844] 00007ffdeefac480 Thread C:\Windows\system32\svchost.exe [596:4468] 00007ffdeefac480 Thread C:\Windows\system32\svchost.exe [596:7024] 00007ffdeefac480 Thread C:\Windows\system32\svchost.exe [596:8300] 00007ffdeef88640 Thread C:\Windows\system32\svchost.exe [596:8304] 00007ffdeefac480 Thread C:\Windows\system32\svchost.exe [596:9668] 00007ffe0c18c330 Thread C:\Windows\system32\svchost.exe [596:9676] 00007ffe0c18c330 Thread C:\Windows\system32\svchost.exe [596:6452] 00007ffe0cd965c0 Thread C:\Windows\system32\svchost.exe [596:10672] 00007ffdeefac480 Thread C:\Windows\system32\svchost.exe [596:13036] 00007ffdeefb7a10 Thread C:\Windows\system32\svchost.exe [596:5160] 00007ffe0cd965c0 Thread C:\Windows\system32\svchost.exe [596:18720] 00007ffe0cd965c0 Thread C:\Windows\system32\svchost.exe [632:1816] 00007ffe0c2ed4c0 Thread C:\Windows\system32\svchost.exe [632:1928] 00007ffe05264530 Thread C:\Windows\system32\svchost.exe [632:2212] 00007ffe0fdf6b60 Thread C:\Windows\system32\svchost.exe [632:2916] 00007ffe00429670 Thread C:\Windows\system32\svchost.exe [632:4196] 00007ffe00425a40 Thread C:\Windows\system32\svchost.exe [632:9340] 00007ffe0741b9e0 Thread C:\Windows\system32\svchost.exe [632:4720] 00007ffdfe07c040 Thread C:\Windows\system32\svchost.exe [632:720] 00007ffdfe07c040 Thread C:\Windows\system32\svchost.exe [632:3540] 00007ffdfe07c040 Thread C:\Windows\system32\svchost.exe [632:7292] 00007ffe0041e0e0 Thread C:\Windows\system32\svchost.exe [1180:1804] 00007ffe0bbca070 Thread C:\Windows\system32\svchost.exe [1180:1808] 00007ffe0bbca0f0 Thread C:\Windows\system32\svchost.exe [1180:3640] 00007ffdfd5f0160 Thread C:\Windows\system32\svchost.exe [1180:3664] 00007ffdfd5f5ab0 Thread C:\Windows\system32\svchost.exe [1180:3668] 00007ffdfd5f9e00 Thread C:\Windows\system32\svchost.exe [1180:3672] 00007ffdfd5f9720 Thread C:\Windows\system32\svchost.exe [1180:3676] 00007ffdfd5f94f0 Thread C:\Windows\system32\svchost.exe [1180:3680] 00007ffdfda49fd0 Thread C:\Windows\system32\svchost.exe [1180:3684] 00007ffe05054440 Thread C:\Windows\system32\svchost.exe [1180:1384] 00007ffe0bb58850 Thread C:\Windows\system32\svchost.exe [1180:6188] 00007ffdfab32a20 Thread C:\Windows\system32\svchost.exe [1180:13112] 00007ffdfab32610 Thread C:\Windows\system32\svchost.exe [1180:5452] 00007ffdfd5f8d30 Thread C:\Windows\system32\svchost.exe [1188:3192] 00007ffdfc30c550 Thread C:\Windows\system32\svchost.exe [1188:3188] 00007ffdfc30c530 Thread C:\Windows\system32\svchost.exe [1188:1112] 00007ffdfe306320 Thread C:\Windows\system32\svchost.exe [1188:2980] 00007ffdfe3186e0 Thread C:\Windows\system32\svchost.exe [1188:1224] 00007ffdfd5a0660 Thread C:\Windows\system32\svchost.exe [1188:7216] 00007ffdfd5a0660 Thread C:\Windows\system32\svchost.exe [1248:2448] 00007ffe0fdf6b60 Thread C:\Windows\system32\svchost.exe [1248:2468] 00007ffe0fdf6b60 Thread C:\Windows\system32\svchost.exe [1248:2480] 00007ffe0fdf6b60 Thread C:\Windows\system32\svchost.exe [1248:2488] 00007ffe009fe110 Thread C:\Windows\system32\svchost.exe [1248:2720] 00007ffe009ffc10 Thread C:\Windows\system32\svchost.exe [1248:2724] 00007ffe009ee720 Thread C:\Windows\system32\svchost.exe [1248:2728] 00007ffe009ff120 Thread C:\Windows\system32\svchost.exe [1248:2732] 00007ffe006e6aa0 Thread C:\Windows\system32\svchost.exe [1248:2736] 00007ffe006eb0c0 Thread C:\Windows\system32\svchost.exe [1248:3556] 00007ffe052e3d30 Thread C:\Windows\system32\svchost.exe [1248:1796] 00007ffdfd3d1240 Thread C:\Windows\system32\svchost.exe [1248:1832] 00007ffdfd729490 Thread C:\Windows\system32\svchost.exe [1248:3312] 00007ffdfc5429b0 Thread C:\Windows\system32\svchost.exe [1248:9476] 00007ffe052e22b0 Thread C:\Windows\System32\svchost.exe [1604:2044] 00007ffe07b7b450 Thread C:\Windows\System32\svchost.exe [1604:1560] 00007ffe07a58e30 Thread C:\Windows\System32\svchost.exe [1604:1968] 00007ffe05aa54a0 Thread C:\Windows\System32\svchost.exe [1604:1976] 00007ffe05a910a0 Thread C:\Windows\System32\svchost.exe [1604:2172] 00007ffe05054440 Thread C:\Windows\System32\svchost.exe [1604:2196] 00007ffe04eb4460 Thread C:\Windows\System32\svchost.exe [1604:2204] 00007ffe04eb71f0 Thread C:\Windows\System32\svchost.exe [1604:2208] 00007ffe05054440 Thread C:\Windows\System32\svchost.exe [1604:6964] 00007ffdfadf9dd0 Thread C:\Windows\System32\svchost.exe [1604:6968] 00007ffdfadf2450 Thread C:\Windows\System32\svchost.exe [1604:12584] 00007ffdfe591670 Thread C:\Windows\system32\svchost.exe [1980:1996] 00007ffe07d6cc70 Thread C:\Windows\system32\svchost.exe [1980:2008] 00007ffe07d6d540 Thread C:\Windows\system32\svchost.exe [1980:2012] 00007ffe07d6db50 Thread C:\Windows\system32\svchost.exe [1980:2016] 00007ffe07d6bed0 Thread C:\Windows\system32\svchost.exe [1980:2436] 00007ffe026ca840 Thread C:\Windows\system32\svchost.exe [1980:2808] 00007ffe008ffd10 Thread C:\Windows\system32\svchost.exe [1980:3628] 00007ffdffa12750 Thread C:\Windows\system32\svchost.exe [1980:1028] 00007ffdfe07c040 Thread C:\Windows\system32\svchost.exe [1980:14160] 00007ffe07d6dd00 Thread C:\Windows\system32\svchost.exe [1980:10328] 00007ffe07d66a30 Thread C:\Windows\System32\spoolsv.exe [2368:2388] 00007ffe11ef47b0 Thread C:\Windows\System32\spoolsv.exe [2368:6984] 00007ffdfe306320 Thread C:\Windows\System32\spoolsv.exe [2368:6976] 00007ffdfe2e29a0 Thread C:\Windows\System32\spoolsv.exe [2368:5356] 00007ffe03d71180 Thread C:\Windows\System32\spoolsv.exe [2368:7048] 00007ffdf0b6cd90 Thread C:\Windows\system32\svchost.exe [2676:3180] 00007ffdff607710 Thread C:\Windows\system32\svchost.exe [2676:3260] 00007ffdff6103f0 Thread C:\Windows\system32\svchost.exe [2676:1844] 00007ffdfe306320 Thread C:\Windows\system32\svchost.exe [2676:18904] 00007ffdfe2e29a0 Thread C:\Windows\system32\dashost.exe [2772:3888] 00007ffdffa12750 Thread C:\Windows\Explorer.EXE [4996:4536] 00007ffe0dbb9230 Thread C:\Windows\Explorer.EXE [4996:4596] 00007ffdffc65024 Thread C:\Windows\Explorer.EXE [4996:1124] 00007ffe0f230880 Thread C:\Windows\Explorer.EXE [4996:1312] 00007ffe00b5c1c0 Thread C:\Windows\Explorer.EXE [4996:4872] 00007ffe04045c28 Thread C:\Windows\Explorer.EXE [4996:5020] 00007ffe077fc350 Thread C:\Windows\Explorer.EXE [4996:5012] 00007ffe077fc350 Thread C:\Windows\Explorer.EXE [4996:5040] 00007ffe077fc350 Thread C:\Windows\Explorer.EXE [4996:4868] 00007ffe07834b10 Thread C:\Windows\Explorer.EXE [4996:5028] 00007ffe077d71b4 Thread C:\Windows\Explorer.EXE [4996:5004] 00007ffe077c4190 Thread C:\Windows\Explorer.EXE [4996:4864] 00007ffe077c2ff8 Thread C:\Windows\Explorer.EXE [4996:5112] 000000006573f8e0 Thread C:\Windows\Explorer.EXE [4996:4860] 000000000a05cc04 Thread C:\Windows\Explorer.EXE [4996:4736] 00007ffe05af7fe0 Thread C:\Windows\Explorer.EXE [4996:6536] 00007ffe05af7fe0 Thread C:\Windows\Explorer.EXE [4996:6936] 00007ffe05af7fe0 Thread C:\Windows\Explorer.EXE [4996:5224] 00007ffde96822f0 Thread C:\Windows\Explorer.EXE [4996:4180] 00007ffe00bc39e0 Thread C:\Windows\Explorer.EXE [4996:9292] 00007ffdedd61750 Thread C:\Windows\Explorer.EXE [4996:9620] 00007ffe0f2530f0 Thread C:\Windows\Explorer.EXE [4996:3528] 00007ffe10663e80 Thread C:\Windows\Explorer.EXE [4996:17604] 00007ffe05054440 Thread C:\Windows\Explorer.EXE [4996:18828] 00007ffe0230dfe0 Thread C:\Windows\Explorer.EXE [4996:14432] 00007ffe0230dfe0 Thread C:\Windows\Explorer.EXE [4996:7492] 00007ffdf8dfc9c0 Thread C:\Windows\Explorer.EXE [4996:13704] 00007ffdfff82400 Thread C:\Windows\system32\wbem\wmiprvse.exe [1220:2264] 00007ffe07874c50 Thread C:\Windows\system32\wbem\wmiprvse.exe [1220:5108] 00007ffe044f4094 Thread C:\Windows\system32\wbem\wmiprvse.exe [1220:8780] 00007ffe06796820 Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [4100:5032] 00007ffe01647944 Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [4100:4760] 00007ffe0150beb4 Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [4100:7120] 00007ffe0150beb4 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:4704] 00007ffe10e98f90 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:4700] 00007ffdf57ab530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:5268] 00007ffe0763e200 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:5364] 00007ffe10e98f90 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:5368] 00007ffdf57ab530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:6800] 00007ffdf9a1fc00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:6816] 00007ffe10e98f90 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:6820] 00007ffdf57ab530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:7020] 00007ffdf9a1fc00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:6312] 00007ffdf55c5530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:6400] 00007ffdf55c5530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:2876] 00007ffdf55c5530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:6304] 00007ffdf55c5530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:2516] 00007ffe0f2530f0 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:2456] 00007ffe10e98f90 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:6564] 00007ffdf57ab530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:9624] 00007ffdf9a1fc00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:11416] 00007ffe10e98f90 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:5404] 00007ffdf57ab530 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:11768] 00007ffdf9a1fc00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:14752] 00007ffe10e98f90 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:11492] 00007ffdf9a1fc00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:14884] 00007ffdf4c86580 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:5976] 00007ffe10e9a090 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:14084] 00007ffdf4c86580 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:1448] 00007ffe0f6aecf0 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:15948] 00007ffdfef127e0 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:19232] 00007ffdf5546a00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:15676] 00007ffdf5546a00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:19280] 00007ffdf5546a00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:17216] 00007ffdf5546a00 Thread C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [2076:18824] 00007ffdf5546a00 Thread C:\Windows\system32\taskhostw.exe [4348:5200] 00007ffe03ef1230 Thread C:\Windows\system32\taskhostw.exe [4348:5204] 00007ffe03822020 Thread C:\Windows\system32\taskhostw.exe [4348:5220] 00007ffe13955300 Thread C:\Windows\system32\taskhostw.exe [4348:5240] 00007ffe0f2530f0 Thread C:\Windows\system32\taskhostw.exe [4348:6472] 00007ffdfe07c040 Thread C:\Windows\System32\RuntimeBroker.exe [5316:10632] 00007ffdfef127e0 Thread C:\Windows\System32\RuntimeBroker.exe [5316:15212] 00007ffe0f230880 Thread C:\Windows\System32\RuntimeBroker.exe [5316:17580] 00007ffdfef127e0 Thread C:\Windows\System32\RuntimeBroker.exe [5316:18308] 00007ffdfef127e0 Thread C:\Windows\System32\RuntimeBroker.exe [5316:4064] 00007ffdfef127e0 Thread C:\Windows\System32\RuntimeBroker.exe [5316:18200] 00007ffdfef127e0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:5792] 00007ffe10e98f90 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:5800] 00007ffdf57ab530 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:5812] 00007ffe0763e200 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:5900] 00007ffdf9a1fc00 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:2756] 00007ffdf2cb27d0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:5956] 00007ffdf2c9a6b0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:6004] 00007ffdf2d03870 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:6012] 00007ffdf2ca2bb0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:6808] 00007ffdf2d03870 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:7128] 00007ffdf2d005c0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:13248] 00007ffdf2d03870 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:6912] 00007ffe10e9a090 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:16256] 00007ffdf2d03870 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:6796] 00007ffe1118cd20 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:12796] 00007ffdf2d03870 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [5436:18300] 00007ffdf5546a00 Thread C:\Users\Kondzio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [5360:8640] 0000000067664ccc Thread C:\Users\Kondzio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [5360:8644] 0000000067664ccc Thread C:\Users\Kondzio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [5360:8648] 00000000681fbfb4 Thread C:\Users\Kondzio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [5360:8652] 00000000681fbfb4 Thread C:\Users\Kondzio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [5360:8684] 00000000681fbfb4 Thread C:\Users\Kondzio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [5360:8688] 00000000681fbfb4 Thread C:\Users\Kondzio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [5360:8692] 00000000681fbfb4 Thread C:\Windows\system32\svchost.exe [8632:5412] 00007ffdfe07c040 Thread C:\Windows\system32\taskhostw.exe [12232:1260] 00007ffe00505e30 Thread C:\Windows\system32\DllHost.exe [13924:13688] 00007ffe13c37bd0 Thread C:\Windows\system32\DllHost.exe [13924:12628] 00007ffdfda49fd0 Thread C:\Windows\system32\DllHost.exe [13924:4368] 00007ffe05054440 Thread C:\Windows\system32\WLANExt.exe [11720:11604] 00007ffe044f4094 Thread C:\Windows\system32\WLANExt.exe [11720:4308] 00007ffe04c5b2b0 Thread C:\Windows\system32\WLANExt.exe [11720:14272] 00007ffe044f4094 Thread C:\Windows\system32\WLANExt.exe [11720:13960] 00007ffe05054440 Thread C:\Windows\system32\WLANExt.exe [11720:16000] 00007ffe05054440 Thread C:\Windows\system32\WLANExt.exe [11720:10324] 00007ffe04bb8ef0 Thread C:\Windows\system32\WLANExt.exe [11720:11320] 00007ffe034b46d0 Thread C:\Windows\system32\WLANExt.exe [11720:7400] 00007ffe034b46ec Thread C:\Windows\system32\WLANExt.exe [11720:10128] 00007ffe034b46b4 Thread C:\Windows\system32\WLANExt.exe [11720:15608] 00007ffe05054440 Thread C:\Windows\system32\conhost.exe [3776:924] 00007ffe04ff9b40 Thread C:\Windows\system32\conhost.exe [12100:5228] 00007ffe04ff9b40 Thread C:\Windows\system32\conhost.exe [12100:18032] 00007ffe04ff2e90 ---- EOF - GMER 2.2 ----