GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-12-02 15:07:44
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000033 TOSHIBA_MQ01ABF050 rev.AM0G3H 465.76GB
Running: gmer.exe; Driver: C:\Users\Gabulek\AppData\Local\Temp\pxloypog.sys


---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                unknown MBR code

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [568:592]                              fffff960008f95e8
Thread  C:\Windows\system32\svchost.exe [956:5080]                           000007fee61716b0
Thread  C:\Windows\System32\spoolsv.exe [1404:5324]                          000007ff034354c0
Thread  C:\Windows\System32\spoolsv.exe [1404:5328]                          000007ff034130ec
Thread  C:\Windows\System32\spoolsv.exe [1404:5416]                          000007fef3a55798
Thread  C:\Windows\System32\spoolsv.exe [1404:5420]                          000007fef3bbe080
Thread  C:\Windows\System32\spoolsv.exe [1404:5536]                          000007fef31981ac
Thread  C:\Windows\system32\svchost.exe [1440:1600]                          000007ff095f3c90
Thread  C:\Windows\system32\svchost.exe [1440:1612]                          000007ff095f3c90
Thread  C:\Windows\system32\svchost.exe [1440:1700]                          000007ff095f3c90
Thread  C:\Windows\system32\svchost.exe [1440:1708]                          000007ff02299240
Thread  C:\Windows\system32\svchost.exe [1440:1748]                          000007ff02277cf0
Thread  C:\Windows\system32\svchost.exe [1440:1752]                          000007ff022a6d90
Thread  C:\Windows\system32\svchost.exe [1440:1756]                          000007ff02277ea0
Thread  C:\Windows\system32\svchost.exe [1440:1988]                          000007ff009a31a0
Thread  C:\Windows\system32\svchost.exe [1440:4388]                          000007ff009a9c68
Thread  C:\Windows\system32\svchost.exe [1440:4712]                          000007fef4191544
Thread  C:\Windows\system32\svchost.exe [1440:4740]                          000007fef41755dc
Thread  C:\Windows\system32\svchost.exe [1440:4940]                          000007fef42524e8
Thread  C:\Windows\system32\svchost.exe [1440:4944]                          000007fef3d14910
Thread  C:\Windows\system32\svchost.exe [1440:4672]                          000007fef3d11044
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:1304]                            0000000000eb1c94
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:3496]                            00000000720ee767
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:1000]                            00000000701b25f1
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:3164]                            00000000701b25f1
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:3124]                            00000000701b25f1
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:3652]                            0000000071173189
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:3520]                            0000000071350999
Thread  C:\Windows\SYSTEM32\ntdll.dll [1636:572]                             000000006e1016dc
Thread  C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2176:2444]  000007feff1a1d20
Thread  C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2176:3552]  000007fef9291d20
Thread   [2472:2520]                                                         0000000077d950a7
Thread  C:\Windows\SYSTEM32\ntdll.dll [4072:3192]                            0000000000eb1c94
Thread  C:\Windows\SYSTEM32\ntdll.dll [4072:5732]                            00000000675228a5
Thread  C:\Windows\SYSTEM32\ntdll.dll [4072:5748]                            00000000675228a5
Thread  C:\Windows\SYSTEM32\ntdll.dll [4072:5752]                            00000000675228a5

---- EOF - GMER 2.1 ----