GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2017-07-02 15:31:17 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000035 GOODRAM rev.SAFM12.2 223,57GB Running: rmq2tm48.exe; Driver: C:\Users\ALEKSI~1\AppData\Local\Temp\awldyfoc.sys ---- Disk sectors - GMER 2.2 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- Threads - GMER 2.2 ---- Thread C:\WINDOWS\system32\csrss.exe [716:456] ffffaee65f039ac0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7028] 00007ffed3848810 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7048] 00007ffed3efc800 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7052] 00007ffec89bd340 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7056] 00007ffec3b76380 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7068] 00007ffed3efc220 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7132] 00007ffed3848810 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7140] 00007ffec08c25f0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:4656] 00007ffed2d4ae60 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:6172] 00007ffeb1554b80 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:6308] 00007ffeb16ee290 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:6192] 00007ffeb169ba70 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:6484] 00007ffeb16ee290 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:6476] 00007ffed2d4ae60 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:5920] 00007ffed2d4ae60 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7188] 00007ffeb1555a40 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7224] 00007ffeb16ee290 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7712] 00007ffed1db0190 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:10440] 00007ffed016b2a0 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:8908] 00007ffed234c220 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:8768] 00007ffec89be860 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:7960] 00007ffeb16ee290 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:208] 00007ffed234c220 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:5960] 00007ffed2d4ae60 Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [6952:10520] 00007ffec3ab4240 ---- EOF - GMER 2.2 ----