GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-04-11 20:29:28
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500BEKT-75PVMT0 rev.01.01A01 232,89GB
Running: uop2mgwc.exe; Driver: C:\Users\FACTOR~1\AppData\Local\Temp\aftyapog.sys

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [540:2780] fffff96109f17300
Thread C:\WINDOWS\system32\csrss.exe [540:2756] fffff96109f17300

---- Services - GMER 2.2 ----

Service C:\WINDOWS\System32\qmgr.dll (*** hidden *** ) [AUTO] BITS <-- ROOTKIT !!!

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -978876733
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\60d819fa4d7a
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithList@MRUList acdb
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail\kokkos@tlen.pl@MessageCount 2
Reg HKCU\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppHang_Microsoft.Window_8b1448a84b6d58587927e23562d4bce2896bad9f_180e67ff_075d146a
Reg HKCU\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@CheckingForSolutionDialog 0xB2 0x02 0x01 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@FirstLevelConsentDialog 0x82 0x06 0x39 0x00 ...

---- EOF - GMER 2.2 ----