GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-05-30 21:39:38
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003a HGST_HTS721010A9E630 rev.JB0OA3J0 931,51GB
Running: 88cg4tdv.exe; Driver: C:\Users\Piotr\AppData\Local\Temp\pxldapow.sys

---- Kernel code sections - GMER 2.2 ----

.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff9600018ca00 15 bytes {ADD BL, CH; JMP 0x5}
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 16 fffff9600018ca10 11 bytes [00, D6, FB, FF, 40, AA, BF, ...]

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{C0C13D9C-FC5A-4CE8-92F6-9B7354E3E9B8}\Connection@Name isatap.{DF0E1035-5DB3-4895-AA11-C5992BE4F609}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 571562600
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\68172915814a
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{C0C13D9C-FC5A-4CE8-92F6-9B7354E3E9B8}@InterfaceName isatap.{DF0E1035-5DB3-4895-AA11-C5992BE4F609}
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{C0C13D9C-FC5A-4CE8-92F6-9B7354E3E9B8}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{C0C13D9C-FC5A-4CE8-92F6-9B7354E3E9B8}@DefunctTimestamp 0x76 0xA5 0x2D 0x59 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 13164
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 10545
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DF0E1035-5DB3-4895-AA11-C5992BE4F609}@LeaseObtainedTime 1496167736
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DF0E1035-5DB3-4895-AA11-C5992BE4F609}@T1 1496171336
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DF0E1035-5DB3-4895-AA11-C5992BE4F609}@T2 1496174036
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DF0E1035-5DB3-4895-AA11-C5992BE4F609}@LeaseTerminatesTime 1496174936

---- EOF - GMER 2.2 ----