GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-09-30 07:43:21
Windows 6.1.7601 Service Pack 1
Running: 7qeoruw4.exe

---- Services - GMER 2.2 ----

Service System32\Drivers\5d8039a9b7e0d966.sys (*** hidden *** ) [BOOT] 5d8039a9b7e0d966 <-- ROOTKIT !!!

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966@ImagePath \SystemRoot\System32\Drivers\5d8039a9b7e0d966.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966@DisplayName syshost.exe
Reg HKLM\SYSTEM\CurrentControlSet\services\5d8039a9b7e0d966
Reg HKLM\SYSTEM\ControlSet002\services\5d8039a9b7e0d966@ImagePath \SystemRoot\System32\Drivers\5d8039a9b7e0d966.sys
Reg HKLM\SYSTEM\ControlSet002\services\5d8039a9b7e0d966@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\services\5d8039a9b7e0d966@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\services\5d8039a9b7e0d966@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\5d8039a9b7e0d966@Start 0
Reg HKLM\SYSTEM\ControlSet002\services\5d8039a9b7e0d966@Tag 1
Reg HKLM\SYSTEM\ControlSet002\services\5d8039a9b7e0d966@DisplayName syshost.exe
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@13238D99 590

---- EOF - GMER 2.2 ----