GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-06 20:30:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9500325AS rev.0005HPM1 465,76GB
Running: zj2r31iy.exe; Driver: C:\Users\User\AppData\Local\Temp\aftcaaob.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{46A1CFAE-613B-4A17-9D1D-5AAFDC8A5BFF}\Connection@Name isatap.{E56A6A5C-BBF5-4E26-875F-FFD4E676C71F}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind \Device\{FB7156EF-1775-450C-ADA6-329833D4598E}?\Device\{46A1CFAE-613B-4A17-9D1D-5AAFDC8A5BFF}?\Device\{26ADE18B-0152-45BC-B080-4A35D2702193}?\Device\{296106C7-2732-45B7-9B54-D8835945F025}?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{FB7156EF-1775-450C-ADA6-329833D4598E}"?"{46A1CFAE-613B-4A17-9D1D-5AAFDC8A5BFF}"?"{26ADE18B-0152-45BC-B080-4A35D2702193}"?"{296106C7-2732-45B7-9B54-D8835945F025}"?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{FB7156EF-1775-450C-ADA6-329833D4598E}?\Device\TCPIP6TUNNEL_{46A1CFAE-613B-4A17-9D1D-5AAFDC8A5BFF}?\Device\TCPIP6TUNNEL_{26ADE18B-0152-45BC-B080-4A35D2702193}?\Device\TCPIP6TUNNEL_{296106C7-2732-45B7-9B54-D8835945F025}?
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00271339129f
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{46A1CFAE-613B-4A17-9D1D-5AAFDC8A5BFF}@InterfaceName isatap.{E56A6A5C-BBF5-4E26-875F-FFD4E676C71F}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{46A1CFAE-613B-4A17-9D1D-5AAFDC8A5BFF}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 817
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00271339129f (not active ControlSet)

---- EOF - GMER 2.1 ----