GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-08-02 12:26:29
Windows 5.1.2600 Dodatek Service Pack 3
Running: vili5kxm.exe

---- Services - GMER 2.1 ----

Service C:\WINDOWS\System32\Drivers\6edf95fac9406c4e.sys (*** hidden *** ) [BOOT] 6edf95fac9406c4e <-- ROOTKIT !!!

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e@ImagePath \SystemRoot\System32\Drivers\6edf95fac9406c4e.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e@DisplayName svchost.exe
Reg HKLM\SYSTEM\CurrentControlSet\Services\6edf95fac9406c4e
Reg HKLM\SYSTEM\ControlSet004\Services\6edf95fac9406c4e@ImagePath \SystemRoot\System32\Drivers\6edf95fac9406c4e.sys
Reg HKLM\SYSTEM\ControlSet004\Services\6edf95fac9406c4e@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet004\Services\6edf95fac9406c4e@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet004\Services\6edf95fac9406c4e@Type 1
Reg HKLM\SYSTEM\ControlSet004\Services\6edf95fac9406c4e@Start 0
Reg HKLM\SYSTEM\ControlSet004\Services\6edf95fac9406c4e@Tag 1
Reg HKLM\SYSTEM\ControlSet004\Services\6edf95fac9406c4e@DisplayName svchost.exe

---- EOF - GMER 2.1 ----