GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-05-12 11:45:11
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000058 ATA_____ rev.3E01 298,09GB
Running: t05sdvdi.exe; Driver: C:\Users\And\AppData\Local\Temp\uxriapow.sys

---- User code sections - GMER 2.2 ----

.text C:\Windows\Explorer.EXE[3508] C:\Windows\system32\kernel32.dll!CreateProcessInternalW 000000007795e7b0 5 bytes JMP 0000000077830fd3

---- Threads - GMER 2.2 ----

Thread C:\Windows\system32\svchost.exe [924:2360] 00000000016e0c8c
Thread C:\Windows\system32\svchost.exe [924:2364] 00000000016e0c8c
Thread C:\Windows\system32\svchost.exe [924:2368] 00000000016e0c8c
Thread C:\Windows\system32\svchost.exe [924:2548] 00000000016d7378
Thread C:\Windows\system32\svchost.exe [924:2552] 00000000016d7378
Thread C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe [3736:2240] 0000000002d03e78

---- EOF - GMER 2.2 ----