GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2018-07-22 23:01:35 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000039 HGST_HTS721010A9E630 rev.JB0OA3T0 931,51GB Running: m7rqrzo0.exe; Driver: C:\Users\Bolna\AppData\Local\Temp\fwkiiuob.sys ---- Disk sectors - GMER 2.2 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- Threads - GMER 2.2 ---- Thread C:\WINDOWS\system32\csrss.exe [888:416] ffff909a91dd6840 ---- Services - GMER 2.2 ---- Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BcastDVRUserService_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BluetoothUserService_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] CDPUserSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicePickerUserSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicesFlowUserSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] MessagingService_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] OneSyncSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] PimIndexMaintenanceSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] PrintWorkflowUserSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\System32\svchost.exe (*** hidden *** ) [MANUAL] UnistoreSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] UserDataSvc_82d3f <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] WpnUserService_82d3f <-- ROOTKIT !!! ---- EOF - GMER 2.2 ----