GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-11 09:01:58
Windows 6.1.7600
Running: gmer.exe

---- Services - GMER 1.0.15 ----

Service System32\Drivers\9dbe1675f81eed37.sys (*** hidden *** ) [BOOT] 9dbe1675f81eed37 <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\9dbe1675f81eed37@ImagePath \SystemRoot\System32\Drivers\9dbe1675f81eed37.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\9dbe1675f81eed37@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\services\9dbe1675f81eed37@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\services\9dbe1675f81eed37@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\9dbe1675f81eed37@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\9dbe1675f81eed37@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\services\9dbe1675f81eed37@DisplayName 1durzdhq02.exe
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0027133317a2
Reg HKLM\SYSTEM\ControlSet002\services\9dbe1675f81eed37@ImagePath \SystemRoot\System32\Drivers\9dbe1675f81eed37.sys
Reg HKLM\SYSTEM\ControlSet002\services\9dbe1675f81eed37@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\services\9dbe1675f81eed37@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\services\9dbe1675f81eed37@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\9dbe1675f81eed37@Start 0
Reg HKLM\SYSTEM\ControlSet002\services\9dbe1675f81eed37@Tag 1
Reg HKLM\SYSTEM\ControlSet002\services\9dbe1675f81eed37@DisplayName 1durzdhq02.exe
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0027133317a2 (not active ControlSet)

---- EOF - GMER 1.0.15 ----