GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2017-05-30 00:27:06 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000030 SAMSUNG_MZMPC128HBFU-000H1 rev.CXM12H1Q 119,24GB Running: tu9xh4uc.exe; Driver: C:\Users\HP\AppData\Local\Temp\uglyiaow.sys ---- Threads - GMER 2.2 ---- Thread System [4:6360] ffff94893a0c2cd8 Thread System [4:6364] ffff94893a0fda1c Thread System [4:6392] ffff94893a106c84 Thread System [4:6396] ffff94893a105580 Thread System [4:6428] ffff94893a0ff1a4 Thread C:\WINDOWS\system32\svchost.exe [916:768] 00007ffb7e898ae0 Thread C:\WINDOWS\system32\svchost.exe [592:2880] 00007ffb73f339b0 Thread C:\WINDOWS\system32\svchost.exe [592:2896] 00007ffb72a41a50 Thread C:\WINDOWS\system32\svchost.exe [592:5632] 00007ffb79312cf0 Thread C:\WINDOWS\system32\svchost.exe [592:7372] 00007ffb751a6590 Thread C:\WINDOWS\system32\svchost.exe [592:620] 00007ffb7e791040 Thread C:\WINDOWS\system32\svchost.exe [592:7792] 00007ffb688b48e0 Thread C:\WINDOWS\system32\svchost.exe [592:7784] 00007ffb688b48e0 Thread C:\WINDOWS\system32\svchost.exe [592:8804] 00007ffb796a30f0 Thread C:\WINDOWS\system32\svchost.exe [592:4312] 00007ffb6e487ac0 Thread C:\WINDOWS\system32\svchost.exe [592:9748] 00007ffb6e487ac0 Thread C:\WINDOWS\System32\svchost.exe [1112:1620] 00007ffb79814e70 Thread C:\WINDOWS\System32\svchost.exe [1112:1648] 00007ffb797e9400 Thread C:\WINDOWS\System32\svchost.exe [1112:1660] 00007ffb79832f90 Thread C:\WINDOWS\System32\svchost.exe [1112:1664] 00007ffb79624310 Thread C:\WINDOWS\System32\svchost.exe [1112:2128] 00007ffb758a3520 Thread C:\WINDOWS\System32\svchost.exe [1112:3164] 00007ffb72862af0 Thread C:\WINDOWS\System32\svchost.exe [1112:3168] 00007ffb72862a40 Thread C:\WINDOWS\System32\svchost.exe [1112:4488] 00007ffb796d2e00 Thread C:\WINDOWS\System32\svchost.exe [1112:4820] 00007ffb811b59c0 Thread C:\WINDOWS\System32\svchost.exe [1112:4936] 00007ffb811b59c0 Thread C:\WINDOWS\System32\svchost.exe [1112:5000] 00007ffb811b59c0 Thread C:\WINDOWS\System32\svchost.exe [1112:5132] 00007ffb811b59c0 Thread C:\WINDOWS\System32\svchost.exe [1112:5136] 00007ffb811b59c0 Thread C:\WINDOWS\System32\svchost.exe [1112:5140] 00007ffb811b59c0 Thread C:\WINDOWS\System32\svchost.exe [1112:5144] 00007ffb811b59c0 Thread C:\WINDOWS\System32\svchost.exe [1112:5840] 00007ffb7285fdf0 Thread C:\WINDOWS\System32\svchost.exe [1112:5820] 00007ffb72855c80 Thread C:\WINDOWS\System32\svchost.exe [1112:7604] 00007ffb66f6f290 Thread C:\WINDOWS\System32\svchost.exe [1112:7632] 00007ffb66f2c990 Thread C:\WINDOWS\System32\svchost.exe [1112:7912] 00007ffb75f5dbe0 Thread C:\WINDOWS\System32\svchost.exe [1112:2448] 00007ffb75f5dbe0 Thread C:\WINDOWS\System32\svchost.exe [1112:8540] 00007ffb75f5dbe0 Thread C:\WINDOWS\system32\svchost.exe [1148:6292] 00007ffb4a8cb030 Thread C:\WINDOWS\system32\svchost.exe [1180:3080] 00007ffb72a6af40 Thread C:\WINDOWS\system32\svchost.exe [1180:3084] 00007ffb72a6ca00 Thread C:\WINDOWS\system32\svchost.exe [1180:4016] 00007ffb69b81240 Thread C:\WINDOWS\system32\svchost.exe [1180:4020] 00007ffb6b24a3b0 Thread C:\WINDOWS\system32\svchost.exe [1180:4176] 00007ffb688525e0 Thread C:\WINDOWS\system32\svchost.exe [1180:5956] 00007ffb64343bc0 Thread C:\WINDOWS\system32\svchost.exe [1180:4064] 00007ffb64342080 Thread C:\WINDOWS\system32\svchost.exe [1360:1456] 00007ffb7b50bf40 Thread C:\WINDOWS\system32\svchost.exe [1360:1464] 00007ffb7b5104f0 Thread C:\WINDOWS\system32\svchost.exe [1360:4356] 00007ffb6887b180 Thread C:\WINDOWS\system32\svchost.exe [1360:4368] 00007ffb6887f5f0 Thread C:\WINDOWS\system32\svchost.exe [1360:4920] 00007ffb6fae5bc0 Thread C:\WINDOWS\system32\svchost.exe [1360:4924] 00007ffb6faf7d70 Thread C:\WINDOWS\system32\svchost.exe [1360:10144] 00007ffb594659f0 Thread C:\WINDOWS\system32\svchost.exe [1360:6276] 00007ffb5948b2b0 Thread C:\WINDOWS\system32\svchost.exe [1360:4748] 00007ffb5948b2b0 Thread C:\WINDOWS\system32\svchost.exe [1360:9080] 00007ffb79e2e0b0 Thread C:\WINDOWS\system32\svchost.exe [1360:4188] 00007ffb79e2e0b0 Thread C:\WINDOWS\system32\svchost.exe [1360:8752] 00007ffb68896130 Thread C:\WINDOWS\System32\svchost.exe [1752:1780] 00007ffb778e3210 Thread C:\WINDOWS\System32\svchost.exe [1752:1788] 00007ffb77873ba0 Thread C:\WINDOWS\system32\svchost.exe [1820:1932] 00007ffb7741fa00 Thread C:\WINDOWS\system32\svchost.exe [1820:1948] 00007ffb76b910a0 Thread C:\WINDOWS\system32\svchost.exe [1820:2100] 00007ffb79312cf0 Thread C:\WINDOWS\system32\svchost.exe [1820:3996] 00007ffb759c5be0 Thread C:\WINDOWS\system32\svchost.exe [1820:4040] 00007ffb759c9b30 Thread C:\WINDOWS\system32\svchost.exe [1820:4072] 00007ffb79312cf0 Thread C:\WINDOWS\system32\svchost.exe [1968:1384] 00007ffb81ecb310 Thread C:\WINDOWS\system32\svchost.exe [1968:1640] 00007ffb75bf44b0 Thread C:\WINDOWS\system32\svchost.exe [1968:2104] 00007ffb7f436750 Thread C:\WINDOWS\System32\spoolsv.exe [1768:4328] 00007ffb6fae5bc0 Thread C:\WINDOWS\System32\spoolsv.exe [1768:4332] 00007ffb6fac2740 Thread C:\WINDOWS\System32\spoolsv.exe [1768:4480] 00007ffb685d1180 Thread C:\WINDOWS\System32\spoolsv.exe [1768:4496] 00007ffb68738e40 Thread C:\WINDOWS\system32\svchost.exe [2324:3308] 00007ffb71ce58c0 Thread C:\WINDOWS\system32\svchost.exe [2324:3412] 00007ffb71ce58c0 Thread C:\WINDOWS\System32\svchost.exe [5076:5804] 00007ffb75f5dbe0 Thread C:\WINDOWS\System32\svchost.exe [5076:5832] 00007ffb75f5dbe0 Thread C:\WINDOWS\Explorer.EXE [6160:6468] 00007ffb60e063b0 Thread C:\WINDOWS\Explorer.EXE [6160:6708] 00007ffb7fbafaa0 Thread C:\WINDOWS\Explorer.EXE [6160:6988] 00007ffb79312cf0 Thread C:\WINDOWS\Explorer.EXE [6160:7128] 00007ffb60e063b0 Thread C:\WINDOWS\Explorer.EXE [6160:3224] 00007ffb60e063b0 Thread C:\WINDOWS\Explorer.EXE [6160:5728] 00007ffb79312cf0 Thread C:\WINDOWS\Explorer.EXE [6160:6968] 00007ffb5a3ebb70 Thread C:\WINDOWS\Explorer.EXE [6160:4224] 00007ffb79312cf0 Thread C:\WINDOWS\Explorer.EXE [6160:4212] 00007ffb79312cf0 Thread C:\WINDOWS\Explorer.EXE [6160:7216] 00007ffb60e063b0 Thread C:\WINDOWS\Explorer.EXE [6160:7384] 00000000064e449c Thread C:\WINDOWS\Explorer.EXE [6160:7428] 0000000012394840 Thread C:\WINDOWS\Explorer.EXE [6160:7436] 000000001245dbb4 Thread C:\WINDOWS\Explorer.EXE [6160:7448] 000000001245dbb4 Thread C:\WINDOWS\Explorer.EXE [6160:7452] 000000001245dbb4 Thread C:\WINDOWS\Explorer.EXE [6160:7456] 000000001245dbb4 Thread C:\WINDOWS\Explorer.EXE [6160:7464] 00007ffb78eb1ba0 Thread C:\WINDOWS\Explorer.EXE [6160:7548] 00000000659e1dbc Thread C:\WINDOWS\Explorer.EXE [6160:6116] 00007ffb7e6c30f0 Thread C:\WINDOWS\Explorer.EXE [6160:1760] 00007ffb5dc9ffe0 Thread C:\WINDOWS\Explorer.EXE [6160:7020] 00007ffb764836f0 Thread C:\WINDOWS\Explorer.EXE [6160:10048] 00007ffb764920e0 Thread C:\WINDOWS\Explorer.EXE [6160:9196] 00007ffb3c9e2250 Thread C:\WINDOWS\Explorer.EXE [6160:7176] 00007ffb3c9fed90 Thread C:\WINDOWS\Explorer.EXE [6160:6480] 00007ffb764920e0 Thread C:\WINDOWS\Explorer.EXE [6160:3628] 00007ffb764920e0 Thread C:\WINDOWS\Explorer.EXE [6160:6488] 00000000656b8120 Thread C:\WINDOWS\Explorer.EXE [6160:10420] 00007ffb764920e0 Thread C:\WINDOWS\Explorer.EXE [6160:2200] 00007ffb75d87b50 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:3484] 00007ffb49dbcc00 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:3104] 00007ffb49dcd270 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:8444] 00007ffb53960d3c Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:9448] 00007ffb53960d3c Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:8956] 00007ffb53960d3c Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:6552] 00007ffb53960d3c Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:8252] 00007ffb53960d3c Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:10016] 00007ffb4ae66234 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:10012] 00007ffb4ae1917c Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:1268] 00007ffb4acab328 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:9552] 00007ffb4acd9668 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:7612] 00007ffb4424fea0 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:1980] 00007ffb43d99c20 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:7540] 00007ffb43d99c20 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:4140] 00007ffb459f50d0 Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:6212] 00007ffb53960d3c Thread C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE [5876:7676] 00007ffb7fbafaa0 ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 1314796574 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\5891cf046fb8 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\5891cf046fb8@001167a52b16 0x83 0x4C 0x12 0x65 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\5891cf046fb8@90e7c47584ff 0x12 0x0E 0xAC 0x5D ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x50 0x1E 0x20 0xFD ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x50 0x86 0xE4 0x5E ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x50 0xB6 0x5B 0x9B ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@RwMask 0x64 0x62 0x03 0x00 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052220170523 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052220170523@CachePrefix :2017052220170523: Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052220170523@CachePath C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017052220170523 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052220170523@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012017052220170523 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052220170523@CacheOptions 11 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052220170523@CacheRepair 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052220170523@CacheLimit 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052320170524 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052320170524@CachePrefix :2017052320170524: Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052320170524@CachePath C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017052320170524 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052320170524@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012017052320170524 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052320170524@CacheOptions 11 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052320170524@CacheRepair 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052320170524@CacheLimit 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052420170525 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052420170525@CachePrefix :2017052420170525: Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052420170525@CachePath C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017052420170525 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052420170525@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012017052420170525 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052420170525@CacheOptions 11 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052420170525@CacheRepair 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052420170525@CacheLimit 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052520170526 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052520170526@CachePrefix :2017052520170526: Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052520170526@CachePath C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017052520170526 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052520170526@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012017052520170526 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052520170526@CacheOptions 11 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052520170526@CacheRepair 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052520170526@CacheLimit 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052620170527 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052620170527@CachePrefix :2017052620170527: Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052620170527@CachePath C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017052620170527 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052620170527@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012017052620170527 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052620170527@CacheOptions 11 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052620170527@CacheRepair 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052620170527@CacheLimit 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052720170528 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052720170528@CachePrefix :2017052720170528: Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052720170528@CachePath C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017052720170528 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052720170528@CacheRelativePath Microsoft\Windows\History\History.IE5\MSHist012017052720170528 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052720170528@CacheOptions 11 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052720170528@CacheRepair 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017052720170528@CacheLimit 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search@JumpListChangedAppIds Chrome.UserData.ChromeDefaultData?OperaSoftware.OperaWebBrowser.1488912953? Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{AA624BE1-3322-4C5E-863B-819266418ABD} Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{AA624BE1-3322-4C5E-863B-819266418ABD}@Type 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{AA624BE1-3322-4C5E-863B-819266418ABD}@Path C:\!!!zdarte!!!\HitmanPro v3.7.20 Build 286 Final Patched\HitmanPro v3.7.20 Build 286 Final Patched\Read Me.txt Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{AA624BE1-3322-4C5E-863B-819266418ABD}@DisplayName Read Me.txt Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{AA624BE1-3322-4C5E-863B-819266418ABD}@LastAccessedTime 0x00 0x00 0x00 0x00 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{AA624BE1-3322-4C5E-863B-819266418ABD}@Points 0x00 0x00 0x00 0x00 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{CD34D603-9289-4CCB-A540-5870E48623A1} Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{CD34D603-9289-4CCB-A540-5870E48623A1}@Type 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{CD34D603-9289-4CCB-A540-5870E48623A1}@Path C:\Users\HP\Desktop\sobk?w\ASCII\SOBKOW P9_0001_A1 .XYZ Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{CD34D603-9289-4CCB-A540-5870E48623A1}@DisplayName SOBKOW P9_0001_A1 .XYZ Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{CD34D603-9289-4CCB-A540-5870E48623A1}@LastAccessedTime 0x00 0x00 0x00 0x00 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{FD2CC209-0191-4F75-8014-13916E67BFF9}\RecentItems\{CD34D603-9289-4CCB-A540-5870E48623A1}@Points 0x00 0x00 0x00 0x00 ---- EOF - GMER 2.2 ----