GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-13 17:06:54
Windows 6.1.7600 x64
Running: 40r2otdc.exe

---- Services - GMER 2.1 ----

Service System32\Drivers\f7c9b5669dd71a8.sys (*** hidden *** ) [BOOT] f7c9b5669dd71a8 <-- ROOTKIT !!!

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8@ImagePath \SystemRoot\System32\Drivers\f7c9b5669dd71a8.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8@DisplayName syshost.exe
Reg HKLM\SYSTEM\CurrentControlSet\services\f7c9b5669dd71a8
Reg HKLM\SYSTEM\ControlSet002\services\f7c9b5669dd71a8@ImagePath \SystemRoot\System32\Drivers\f7c9b5669dd71a8.sys
Reg HKLM\SYSTEM\ControlSet002\services\f7c9b5669dd71a8@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\services\f7c9b5669dd71a8@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\services\f7c9b5669dd71a8@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\f7c9b5669dd71a8@Start 0
Reg HKLM\SYSTEM\ControlSet002\services\f7c9b5669dd71a8@Tag 1
Reg HKLM\SYSTEM\ControlSet002\services\f7c9b5669dd71a8@DisplayName syshost.exe

---- EOF - GMER 2.1 ----