GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-04-04 23:17:05
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002e HGST_HTS545050A7E380 rev.GG2OACY0 465,76GB
Running: l64nqwz8.exe; Driver: C:\Users\user\AppData\Local\Temp\aflcaaod.sys

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [5992:424] fffff9613c4f7300

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 297502932
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00271331500c
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00271331500c@e8b4c8ca0066 0x28 0x28 0x36 0x7B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00271331500c@e8b4c8ca0382 0x34 0xF6 0xE7 0x98 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016030720160314
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016030720160314@CachePrefix :2016030720160314:
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016030720160314@CachePath C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012016030720160314
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016030720160314@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012016030720160314
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016030720160314@CacheOptions 11
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016030720160314@CacheRepair 0
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016030720160314@CacheLimit 8192
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016033120160401
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016033120160401@CachePrefix :2016033120160401:
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016033120160401@CachePath C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012016033120160401
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016033120160401@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012016033120160401
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016033120160401@CacheOptions 11
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016033120160401@CacheRepair 0
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016033120160401@CacheLimit 8192

---- EOF - GMER 2.2 ----