GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2016-06-09 12:09:29 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST3250318AS rev.HP40 232,89GB Running: k92c4eti.exe; Driver: C:\Users\Pc\AppData\Local\Temp\uwrcyuoc.sys ---- Threads - GMER 2.2 ---- Thread C:\WINDOWS\system32\csrss.exe [624:676] fffff96127714060 Thread C:\WINDOWS\Explorer.EXE [3440:2108] 00007ffae6270250 ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1397052137 Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xFD 0x39 0x6E 0x60 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xFD 0xA1 0x32 0xC2 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xFD 0xD1 0xA9 0xFE ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0xA6 0x5C 0x0A 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\WinDefend@FailureCommand C:\WINDOWS\system32\mrt.exe /EHB /ServiceFailure "CAMP=4.9.10586.0;approximate-> Engine=1.1.12805.0;AVSIG=1.223.1028.0;ASSIG=1.223.1028.0" /StartService /Defender /q Reg HKCU\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Window_4df4c5fadc77338f8a473a0b3499b4692f59_00c55871_0d24f9b7 ---- EOF - GMER 2.2 ----