GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2016-01-10 13:51:19
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\0000005c ST950032 rev.0003 465,76GB
Running: 0yr3lccu.exe; Driver: C:\Users\Kinka\AppData\Local\Temp\pxdyqpog.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\AVAST Software\Avast\avastui.exe[4064] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 000000007610d03c 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]

---- Processes - GMER 2.1 ----

Library \\?\C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [3976] (Individualized Black Box DLL/Microsoft Corporation)(2015-12-03 13:43:51) 000000000ac00000
Library C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9BBEADD9-CB5D-453E-95F8-59EE2D78A734}\mpengine.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [2784] (Microsoft Malware Protection Engine/Microsoft Corporation)(2015-09-29 02:27:12) 000007feeb1d0000
Library C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9BBEADD9-CB5D-453E-95F8-59EE2D78A734}\offreg.2784.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [2784](2016-01-10 12:21:45) 000007fef7b20000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd61d49e0
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd61d49e0 (not active ControlSet)

---- Files - GMER 2.1 ----

File C:\Users\Kinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZIHFI34\InsaneColdBacktotheIceAgePl_20092[1].exe (size mismatch) 408403968/0 bytes executable
File C:\Users\Kinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZIHFI34\InsaneColdBacktotheIceAgePl_20092[2].exe (size mismatch) 475643904/0 bytes executable
File C:\Users\Kinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GSN35HFF\InsaneColdBacktotheIceAgePl_20092[1].exe (size mismatch) 469598208/0 bytes executable
File C:\Users\Kinka\AppData\Local\Temp\InsaneColdBacktotheIceAgePl_20092.exe (size mismatch) 497156096/0 bytes executable

---- EOF - GMER 2.1 ----