GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2017-08-01 22:19:50 Windows 6.2.9200 x64 Running: gmer.exe ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 29186932 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 29186932 Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_15004920995152303@SetupOperations ?????????????????????????????????????????????0??????????????????????Package????????????????????t???????????????????????????t????????????? ???????????????????????????? ?????????????????????????????????Reverted???????????????????????????????????????????????????????t?????????????(??????????????????????????????????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted???????????????????????????????????t???????????????????tl(???????????A??????ix??????????????????????????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted? ?????????????????????????????????t?????????????????????????????????????????????????j???????????o??????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted???????????????????????????????????????????????????????t????????????????????????????????????????????????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted??????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_15004920995152303@SetupOperations ?????????????????????????????????????????????0??????????????????????Package????????????????????t???????????????????????????t????????????? ???????????????????????????? ?????????????????????????????????Reverted???????????????????????????????????????????????????????t?????????????(??????????????????????????????????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted???????????????????????????????????t???????????????????tl(???????????A??????ix??????????????????????????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted? ?????????????????????????????????t?????????????????????????????????????????????????j???????????o??????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted???????????????????????????????????????????????????????t????????????????????????????????????????????????????????????????????????? ???????????????????????????? ?????????????????????????????????Reverted??????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\1008b19143d0 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\1008b19143d0@74e28c5440d7 0x96 0xBF 0x17 0xF3 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\1008b19143d0 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\1008b19143d0@74e28c5440d7 0x96 0xBF 0x17 0xF3 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 381 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 88 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 381 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 88 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters@DhcpNameServer 192.168.43.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpIPAddress 192.168.43.219 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpServer 192.168.43.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@Lease 7200 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@LeaseObtainedTime 1501607698 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@T1 1501611298 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@T2 1501613998 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@LeaseTerminatesTime 1501614898 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpNetworkHint 35A75666F6779702E65647 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpNameServer 192.168.43.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpDefaultGateway 192.168.43.1? Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@EnableDHCP 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Domain Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@NameServer Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@MTU 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@UseZeroBroadcast 255 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpIPAddress 192.168.1.13 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpSubnetMask 255.255.255.0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpServer 192.168.1.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Lease 86400 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@LeaseObtainedTime 1501580981 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@T1 1501624181 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@T2 1501656581 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@LeaseTerminatesTime 1501667381 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@AddressType 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@IsServerNapAware 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpConnForceBroadcastFlag 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpNetworkHint C496675626F687D203539323 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpDefaultGateway 192.168.1.1? Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpDomain home Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpNameServer 192.168.1.1 192.168.1.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpSubnetMaskOpt 255.255.255.0? Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpInterfaceOptions Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters@DhcpNameServer 192.168.43.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpGatewayHardware 0xC0 0xA8 0x01 0x01 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpGatewayHardwareCount 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpIPAddress 192.168.43.219 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpServer 192.168.43.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@Lease 7200 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@LeaseObtainedTime 1501607698 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@T1 1501611298 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@T2 1501613998 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@LeaseTerminatesTime 1501614898 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpNetworkHint 35A75666F6779702E65647 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpNameServer 192.168.43.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpDefaultGateway 192.168.43.1? Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@EnableDHCP 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Domain Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@NameServer Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@MTU 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@UseZeroBroadcast 255 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpIPAddress 192.168.1.13 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpSubnetMask 255.255.255.0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpServer 192.168.1.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Lease 86400 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@LeaseObtainedTime 1501580981 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@T1 1501624181 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@T2 1501656581 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@LeaseTerminatesTime 1501667381 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@AddressType 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@IsServerNapAware 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpConnForceBroadcastFlag 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpNetworkHint C496675626F687D203539323 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpDefaultGateway 192.168.1.1? Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpDomain home Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpNameServer 192.168.1.1 192.168.1.1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpSubnetMaskOpt 255.255.255.0? Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpInterfaceOptions 0xFC 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpGatewayHardware 0xC0 0xA8 0x01 0x01 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@DhcpGatewayHardwareCount 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpV6NetworkHint 35A75666F6779702E65647 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@Dhcpv6InformationObtainedTime 1501607700 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@Dhcpv6InformationRefreshTime 86400 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Dhcpv6State 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Dhcpv6InformationObtainedTime 1501580982 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Dhcpv6InformationRefreshTime 86400 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@DhcpV6NetworkHint 35A75666F6779702E65647 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@Dhcpv6InformationObtainedTime 1501607700 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}@Dhcpv6InformationRefreshTime 86400 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Dhcpv6State 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Dhcpv6InformationObtainedTime 1501580982 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{3296ebf9-97ab-4672-af1a-1832541fbbdc}\C496675626F687D203539323@Dhcpv6InformationRefreshTime 86400 Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xAF 0xAF 0x40 0x5C ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xAF 0x17 0x05 0xBE ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xAF 0x47 0x7C 0xFA ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xAF 0xAF 0x40 0x5C ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xAF 0x17 0x05 0xBE ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xAF 0x47 0x7C 0xFA ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask 0x64 0x62 0x03 0x00 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData@Chrome 0x32 0x08 0xE9 0x16 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData@{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe 0xFA 0x64 0x60 0xF2 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData@Chrome 0x32 0x08 0xE9 0x16 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData@{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe 0xFA 0x64 0x60 0xF2 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppsConstraintIndex@LatestConstraintIndexFolder C:\Users\katar\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{553f3856-5197-49c6-a111-5b4938877077} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Search\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppsConstraintIndex@LatestConstraintIndexFolder C:\Users\katar\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{553f3856-5197-49c6-a111-5b4938877077} Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\TileDataModel\ChangeId@ 164 ---- EOF - GMER 2.2 ----