GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-02-20 17:26:25
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003b ADATA_SU800NS38 rev.P0925A 238,47GB
Running: izojpvfe.exe; Driver: C:\Users\zajec\AppData\Local\Temp\fwkdyfow.sys

---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- Threads - GMER 2.2 ----

Thread C:\Windows\system32\csrss.exe [784:908] ffffedbc36b36c20
Thread C:\Windows\system32\svchost.exe [1020:492] 00007ffc5ac68ae0
Thread C:\Windows\System32\svchost.exe [1496:2148] 00007ffc4f47dbe0
Thread C:\Windows\System32\svchost.exe [1496:2156] 00007ffc4f47dbe0
Thread C:\Windows\System32\svchost.exe [1496:2444] 00007ffc460ec030
Thread C:\Windows\System32\svchost.exe [1496:2460] 00007ffc460e7000
Thread C:\Windows\System32\svchost.exe [1496:2464] 00007ffc460e8370
Thread C:\Windows\System32\svchost.exe [1496:2468] 00007ffc460ead30
Thread C:\Windows\System32\svchost.exe [1496:2900] 00007ffc3b8787e0
Thread C:\Windows\System32\svchost.exe [1496:6692] 00007ffc460ec830
Thread C:\Windows\System32\svchost.exe [1496:7860] 00007ffc460e7d50
Thread C:\Windows\system32\svchost.exe [2376:2800] 00007ffc43405bd0
Thread C:\Windows\system32\svchost.exe [2376:2816] 00007ffc43409b20
Thread C:\Windows\System32\spoolsv.exe [2736:2680] 00007ffc377b5bc0
Thread C:\Windows\System32\spoolsv.exe [2736:2384] 00007ffc37632740
Thread C:\Windows\System32\spoolsv.exe [2736:9724] 00007ffc59b31180
Thread C:\Windows\System32\spoolsv.exe [2736:10220] 00007ffc32a78e40
Thread C:\Windows\Explorer.EXE [3576:4480] 00007ffc30fb63b0
Thread C:\Windows\Explorer.EXE [3576:5080] 00007ffc31647ce0
Thread C:\Windows\Explorer.EXE [3576:5084] 00007ffc316430d0
Thread C:\Windows\Explorer.EXE [3576:5088] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:5092] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:5096] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:5100] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:5104] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:5108] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:5112] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:5116] 00007ffc316b16d0
Thread C:\Windows\Explorer.EXE [3576:4240] 00007ffc30fb63b0
Thread C:\Windows\Explorer.EXE [3576:5296] 00007ffc30fb63b0
Thread C:\Windows\Explorer.EXE [3576:5400] 00007ffc56652cf0
Thread C:\Windows\Explorer.EXE [3576:5408] 00007ffc2a1dbb70
Thread C:\Windows\Explorer.EXE [3576:5412] 00007ffc56652cf0
Thread C:\Windows\Explorer.EXE [3576:5424] 00007ffc56652cf0
Thread C:\Windows\Explorer.EXE [3576:5488] 00007ffc30fb63b0
Thread C:\Windows\Explorer.EXE [3576:7808] 00007ffc5bf3faa0
Thread C:\Windows\Explorer.EXE [3576:7852] 00007ffc56652cf0
Thread C:\Windows\Explorer.EXE [3576:8064] 00007ffc56501ba0
Thread C:\Windows\Explorer.EXE [3576:16276] 00007ffc27d236f0

---- EOF - GMER 2.2 ----