GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2018-10-25 18:36:09
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 HGST_HTS545032A7E380 rev.GGBZBF40 298,09GB
Running: osriuodn.exe; Driver: C:\Users\HP\AppData\Local\Temp\uglciaoc.sys

---- Processes - GMER 2.2 ----

Library C:\Program Files (x86)\Google\Update\Install\{DE87B0A6-D109-42E7-B412-6E2891BCFB30}\GoogleUpdateSetup.exe (*** suspicious ***) @ C:\Program Files (x86)\Google\Update\Install\{DE87B0A6-D109-42E7-B412-6E2891BCFB30}\GoogleUpdateSetup.exe [6168] 0000000000c00000
Library C:\Program Files (x86)\GUMB7BB.tmp\GoogleUpdate.exe (*** suspicious ***) @ C:\Program Files (x86)\GUMB7BB.tmp\GoogleUpdate.exe [6040] 00000000008a0000
Library C:\Program Files (x86)\GUMB7BB.tmp\goopdate.dll (*** suspicious ***) @ C:\Program Files (x86)\GUMB7BB.tmp\GoogleUpdate.exe [6040] 00000000684e0000

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\a41731b3a53a
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\a41731b45db2
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f4b7e2ff0b73
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 212
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\a41731b3a53a (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\a41731b45db2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f4b7e2ff0b73 (not active ControlSet)

---- EOF - GMER 2.2 ----