GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-04-19 15:24:33
Windows 6.2.9200 x64
Running: 34iu1clo.exe

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings@StringCacheGeneration 142
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 810007152
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14915461670782291@SetupOperations ???B?????B C?C?C?????????????????????????????????a?????????????????????????t?????????????]??? ???????B???????????B???????? ??????????????????????????B??????Commited?H???B?B?B?B?B?B?????????????????????????????????????????????????B??????????????????????????????? ??????????????????????????????? ???????B???????????????????? ??????????????????????????B??????Reverted?H???+?+?+?K?r???????????5??????0D???????????????????????????B??????????????????????? ???????B???????????????????? ??????????????????????????B???t??Reverted?:???????????????????????????????????????????i???????????????B???????????????????d??? ???????B???????????????????? ??????????????????????????B???)??Reverted?)???????????????????????????????????????????N?????tEM???????B???=???????\??????????? ???????B???????????????????? ??????????????????????????B???d??Reverted??????`??h???????????????????????????????????2???????????????B???\??????????????????? ???????B???????????????????? ??????????????????1???????B???H??Reverted?H???????????&?????????????????t???
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\88532ed17daa
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ??r.?, ?kwi ?19 ?17, 02:43:40??????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xEB 0xDC 0x41 0xC4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xEB 0x44 0x06 0x26 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xEB 0x74 0x7D 0x62 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@OperaSoftware.OperaWebBrowser.1453140238 0xD1 0xFD 0xA2 0x76 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5963EBAF-B20A-4DBA-9682-2486E778D15B}@LastAccessedTime 0xD0 0x97 0x4E 0x6B ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5963EBAF-B20A-4DBA-9682-2486E778D15B}@LaunchCount 18

---- EOF - GMER 2.2 ----