GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-11-29 19:31:19 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 KINGSTON_SV300S37A120G rev.541ABBF0 111,79GB Running: j590ico9.exe; Driver: C:\Users\PC001\AppData\Local\Temp\pxldapow.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000083600 15 bytes [00, 96, F2, 01, 00, 6A, 6C, ...] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 16 fffff96000083610 11 bytes [00, D7, FB, FF, 00, 7B, D1, ...] ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [784:4948] fffff9600086e2d0 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Karta Microsoft ISATAP 1?2? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F} Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}\Connection Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}\Connection@DefaultNameResourceId 1801 Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}\Connection@DefaultNameIndex 3 Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}\Connection@DefaultNameTargetsPort 0 Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}\Connection@Name Reusable ISATAP Interface {AB25F119-8E1F-4CA9-93FF-A31B2D676E0F} Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}\Connection@PnPInstanceId SWD\IP_TUNNEL_VBUS\ISATAP_0 Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{F4C8701D-6740-47A5-AC5E-5A1FC2F0D83D}\Linkage@Bind \Device\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\{1D573839-4562-42AC-8329-82D49F5D7944}? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{F4C8701D-6740-47A5-AC5E-5A1FC2F0D83D}\Linkage@Route "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"{1D573839-4562-42AC-8329-82D49F5D7944}"? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{F4C8701D-6740-47A5-AC5E-5A1FC2F0D83D}\Linkage@Export \Device\TCPIP6TUNNEL_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\TCPIP6TUNNEL_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\TCPIP6TUNNEL_{1D573839-4562-42AC-8329-82D49F5D7944}? Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -1271239439 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F} Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}@InterfaceName Reusable ISATAP Interface {AB25F119-8E1F-4CA9-93FF-A31B2D676E0F} Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}@ReusableType 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}@DeviceInstancePath SWD\IP_TUNNEL_VBUS\ISATAP_0 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}@DefunctTimestamp 0x45 0x0F 0x2D 0x56 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Linkage@Bind \Device\Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\NetbiosSmb?\Device\NetBT_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\NetBT_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBT_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBT_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\NetBT_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\NetBT_Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBT_Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBT_Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBT_Tcpip6_{8718928D-CBEB-45 Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Linkage@Route "Tcpip6" "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"Tcpip6" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"Tcpip6" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"Tcpip6" "{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"Tcpip6" "{1D573839-4562-42AC-8329-82D49F5D7944}"?"Tcpip6" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"Tcpip6" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"Tcpip6" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"Tcpip6" "{8718928D-CBEB-45EA-A621-800A9249001D}"?"NetbiosSmb"?"NetBT" "Tcpip6" "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"NetBT" "Tcpip6" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"NetBT" "Tcpip6" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"NetBT" "Tcpip6" "{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"NetBT" "Tcpip6" "{1D573839-4562-42AC-8329-82D49F5D7944}"?"NetBT" "Tcpip6" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"NetBT" "Tcpip6" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"NetBT" "Tcpip6" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"NetBT" "Tcpip6" "{8718928D-CBEB-45EA-A621-800A9249001D}"?"NetBT" "Tcpip" "{48E53602-A77E-4DCF-9 Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Linkage@Export \Device\LanmanServer_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\LanmanServer_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\LanmanServer_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\LanmanServer_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\LanmanServer_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\LanmanServer_Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\LanmanServer_Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\LanmanServer_Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\LanmanServer_Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\LanmanServer_NetbiosSmb?\Device\LanmanServer_NetBT_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\LanmanServer_NetBT_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\LanmanServer_NetBT_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\LanmanServer_NetBT_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\LanmanServer_NetBT_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\LanmanServer_Ne Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage@Bind \Device\Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\NetbiosSmb?\Device\NetBT_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\NetBT_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBT_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBT_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\NetBT_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\NetBT_Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBT_Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBT_Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBT_Tcpip6_{8718928D-CBEB-45 Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage@Route "Tcpip6" "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"Tcpip6" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"Tcpip6" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"Tcpip6" "{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"Tcpip6" "{1D573839-4562-42AC-8329-82D49F5D7944}"?"Tcpip6" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"Tcpip6" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"Tcpip6" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"Tcpip6" "{8718928D-CBEB-45EA-A621-800A9249001D}"?"NetbiosSmb"?"NetBT" "Tcpip6" "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"NetBT" "Tcpip6" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"NetBT" "Tcpip6" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"NetBT" "Tcpip6" "{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"NetBT" "Tcpip6" "{1D573839-4562-42AC-8329-82D49F5D7944}"?"NetBT" "Tcpip6" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"NetBT" "Tcpip6" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"NetBT" "Tcpip6" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"NetBT" "Tcpip6" "{8718928D-CBEB-45EA-A621-800A9249001D}"?"NetBT" "Tcpip" "{48E53602-A77E-4DCF-9 Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage@Export \Device\LanmanWorkstation_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\LanmanWorkstation_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\LanmanWorkstation_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\LanmanWorkstation_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\LanmanWorkstation_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\LanmanWorkstation_Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\LanmanWorkstation_Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\LanmanWorkstation_Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\LanmanWorkstation_Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\LanmanWorkstation_NetbiosSmb?\Device\LanmanWorkstation_NetBT_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\LanmanWorkstation_NetBT_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\LanmanWorkstation_NetBT_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\LanmanWorkstation_NetBT_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\LanmanWorkstation_ Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS\Linkage@Bind \Device\NetBT_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\NetBT_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBT_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBT_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\NetBT_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\NetBT_Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBT_Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBT_Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBT_Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\NetBT_Tcpip_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBT_Tcpip_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBT_Tcpip_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBT_Tcpip_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBT_Tcpip_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBT_Tcpip_{8718928D-CBEB-45EA-A621-800A9249001D}? Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS\Linkage@Route "NetBT" "Tcpip6" "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"NetBT" "Tcpip6" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"NetBT" "Tcpip6" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"NetBT" "Tcpip6" "{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"NetBT" "Tcpip6" "{1D573839-4562-42AC-8329-82D49F5D7944}"?"NetBT" "Tcpip6" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"NetBT" "Tcpip6" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"NetBT" "Tcpip6" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"NetBT" "Tcpip6" "{8718928D-CBEB-45EA-A621-800A9249001D}"?"NetBT" "Tcpip" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"NetBT" "Tcpip" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"NetBT" "Tcpip" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"NetBT" "Tcpip" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"NetBT" "Tcpip" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"NetBT" "Tcpip" "{8718928D-CBEB-45EA-A621-800A9249001D}"? Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS\Linkage@Export \Device\NetBIOS_NetBT_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\NetBIOS_NetBT_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBIOS_NetBT_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBIOS_NetBT_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\NetBIOS_NetBT_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\NetBIOS_NetBT_Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBIOS_NetBT_Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBIOS_NetBT_Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBIOS_NetBT_Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\NetBIOS_NetBT_Tcpip_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBIOS_NetBT_Tcpip_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBIOS_NetBT_Tcpip_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBIOS_NetBT_Tcpip_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBIOS_NetBT_Tcpip_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBIOS_NetBT_Tcpip_{8718928D-CBEB-45EA-A621-800A9249001D}? Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS\Parameters@MaxLana 14 Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Linkage@Bind \Device\Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\Tcpip_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\Tcpip_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\Tcpip_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\Tcpip_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\Tcpip_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\Tcpip_{8718928D-CBEB-45EA-A621-800A9249001D}? Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Linkage@Route "Tcpip6" "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"Tcpip6" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"Tcpip6" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"Tcpip6" "{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"Tcpip6" "{1D573839-4562-42AC-8329-82D49F5D7944}"?"Tcpip6" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"Tcpip6" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"Tcpip6" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"Tcpip6" "{8718928D-CBEB-45EA-A621-800A9249001D}"?"Tcpip" "{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"Tcpip" "{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"Tcpip" "{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"Tcpip" "{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"Tcpip" "{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"Tcpip" "{8718928D-CBEB-45EA-A621-800A9249001D}"? Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Linkage@Export \Device\NetBT_Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\NetBT_Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBT_Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBT_Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\NetBT_Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\NetBT_Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBT_Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBT_Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBT_Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\NetBT_Tcpip_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\NetBT_Tcpip_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\NetBT_Tcpip_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\NetBT_Tcpip_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\NetBT_Tcpip_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\NetBT_Tcpip_{8718928D-CBEB-45EA-A621-800A9249001D}? Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 10388 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 3196 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6A72AC78-04F2-40F2-A775-F26CC5086CEA}@LeaseObtainedTime 1448728422 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6A72AC78-04F2-40F2-A775-F26CC5086CEA}@T1 1449030822 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6A72AC78-04F2-40F2-A775-F26CC5086CEA}@T2 1449257622 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6A72AC78-04F2-40F2-A775-F26CC5086CEA}@LeaseTerminatesTime 1449333222 Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Linkage@Bind \Device\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\{8718928D-CBEB-45EA-A621-800A9249001D}? Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Linkage@Route "{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}"?"{48E53602-A77E-4DCF-9EA4-6B33CA62A439}"?"{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}"?"{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}"?"{1D573839-4562-42AC-8329-82D49F5D7944}"?"{CEE444A8-B6B0-4EBD-84AE-918054C0D034}"?"{6A72AC78-04F2-40F2-A775-F26CC5086CEA}"?"{97B07203-6DD4-4199-A52E-72E7BC95989C}"?"{8718928D-CBEB-45EA-A621-800A9249001D}"? Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Linkage@Export \Device\Tcpip6_{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}?\Device\Tcpip6_{48E53602-A77E-4DCF-9EA4-6B33CA62A439}?\Device\Tcpip6_{E8A3280B-FEE2-4B14-B2E4-CDF89A2E9608}?\Device\Tcpip6_{E21B6ED1-67FD-4AD8-9B21-C5F9F4818C6F}?\Device\Tcpip6_{1D573839-4562-42AC-8329-82D49F5D7944}?\Device\Tcpip6_{CEE444A8-B6B0-4EBD-84AE-918054C0D034}?\Device\Tcpip6_{6A72AC78-04F2-40F2-A775-F26CC5086CEA}?\Device\Tcpip6_{97B07203-6DD4-4199-A52E-72E7BC95989C}?\Device\Tcpip6_{8718928D-CBEB-45EA-A621-800A9249001D}? Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\Interfaces\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F} Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\Interfaces\{AB25F119-8E1F-4CA9-93FF-A31B2D676E0F}@NameServer Reg HKCU\Software\Microsoft\Windows\CurrentVersion\GWX\Usage@UsageTime 0x0F 0xE8 0x6E 0x03 ... ---- Files - GMER 2.1 ---- File C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.9.9600.17729_f4d62e9e3e89196fbe7236f157f7cefd4a83c21d_00000000_15013a16 0 bytes File C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.9.9600.17729_f4d62e9e3e89196fbe7236f157f7cefd4a83c21d_00000000_15013a16\Report.wer 2906 bytes File C:\Users\PC001\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000320 0 bytes File C:\Users\PC001\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0003f0 0 bytes File C:\Users\PC001\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00041b 0 bytes File C:\Users\PC001\AppData\Local\Microsoft\Windows\INetCache\IE\Q64GAMWE\up64[1] 0 bytes ---- EOF - GMER 2.1 ----