GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-09-23 22:20:20
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-00ERMA0 rev.15.01H15 465,76GB
Running: 2shl0zfu.exe; Driver: C:\Users\bo\AppData\Local\Temp\pxldqpob.sys

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [620:2812] ffff87532bda6c20
Thread C:\WINDOWS\system32\svchost.exe [76:2364] 00007ffd2ffc1a50
Thread C:\WINDOWS\system32\svchost.exe [76:2376] 00007ffd2ffe39b0
Thread C:\WINDOWS\system32\svchost.exe [76:5156] 00007ffd269e1040
Thread C:\WINDOWS\system32\svchost.exe [76:5160] 00007ffd2d2f48e0
Thread C:\WINDOWS\system32\svchost.exe [76:5164] 00007ffd2d2f48e0
Thread C:\WINDOWS\system32\svchost.exe [76:5360] 00007ffd1e9f04d0
Thread C:\WINDOWS\system32\svchost.exe [76:5400] 00007ffd1e9ee990
Thread C:\WINDOWS\system32\svchost.exe [76:5404] 00007ffd1e9ee990
Thread C:\WINDOWS\system32\svchost.exe [76:5408] 00007ffd1e9ee990
Thread C:\WINDOWS\system32\svchost.exe [76:5412] 00007ffd1ea14560
Thread C:\WINDOWS\system32\svchost.exe [76:5416] 00007ffd1e9ee990
Thread C:\WINDOWS\system32\svchost.exe [76:5424] 00007ffd1ea14560
Thread C:\WINDOWS\system32\svchost.exe [1168:1604] 00007ffd322eaf40
Thread C:\WINDOWS\system32\svchost.exe [1168:1600] 00007ffd322eca00
Thread C:\WINDOWS\system32\svchost.exe [1168:2300] 00007ffd2f7e1240
Thread C:\WINDOWS\system32\svchost.exe [1168:2304] 00007ffd303ba3b0
Thread C:\WINDOWS\system32\svchost.exe [1168:2528] 00007ffd2f4525e0
Thread C:\WINDOWS\system32\svchost.exe [1168:2736] 00007ffd2d3c3bc0
Thread C:\WINDOWS\system32\svchost.exe [1168:1184] 00007ffd2d3c2080
Thread C:\WINDOWS\system32\svchost.exe [1708:1744] 00007ffd34c9e830
Thread C:\WINDOWS\system32\svchost.exe [1708:1756] 00007ffd34c310a0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:2656] 00007ffd3bd559c0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:2668] 00007ffd326f2bc0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:2700] 00007ffd338048e0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:2220] 00007ffd3bd570d0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:3892] 00007ffd2e9ce010
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:3896] 00007ffd3a6311a0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:4112] 00007ffd23760830
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:4116] 00007ffd237dabe0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:4120] 00007ffd23798100
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:4184] 00007ffd237dabe0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:4220] 00007ffd237e28d0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [3340:4232] 00007ffd3c2225b0

---- EOF - GMER 2.2 ----