GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-04-02 22:29:15
Windows 6.2.9200 x64
Running: 750h7qol.exe

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 1475680552
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14896485304212288@SetupOperations ???5?????5?6?6??????????????????????????????????????????? ???????4?????5?????5??????????P?>??????????????5?????????e????aswSnx???????5?5?5?5?5?5?5?5??????L??5?????????n????avast! virtualization driver (aswSnx)????????????\???????????????m??td???????????v???????O????P??5??????????????\SystemRoot\system32\drivers\aswSnx.sys?ys????????0??5??????????FSFilter Virtualization??????????5???????????e??FltMgr??????? ???????5?????5?????5? ???????? ?????????s??????? ??5???????????e??aswSnx Instance??????5?????5???5????? ???????5???????????5? ?????????????????????e???????5??????????137600???????5?5????????????????s??????5????? ???????5???????????5? ????????T??? ???????????? T??5??????????r???\??\C:\Program Files\AVAST Software\Avast????5?5????? P??5??????????????\??\C:\ProgramData\AVAST Software\Avast?????? ???????4?????5?????5? ????????N???????P????????5?????????e????aswSP????5?5?5?5?5?5?5?5??????.??5?????????n????avast! Self Protection??????????????????????????????????t????????????0??????OO????N??5???0????h439??\System
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xF7 0x08 0x29 0x54 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xF7 0x70 0xED 0xB5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xF7 0xA0 0x64 0xF2 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@OperaSoftware.OperaWebBrowser.1455115975 0xB2 0xDC 0xB1 0x59 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{4DA0C6AF-CE16-440E-9B96-A8F923E4CCEB}
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{4DA0C6AF-CE16-440E-9B96-A8F923E4CCEB}@LastAccessedTime 0x80 0x70 0x1E 0x6A ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{4DA0C6AF-CE16-440E-9B96-A8F923E4CCEB}@AppId C:\Users\tom615\Desktop\Resident_Evil_7_Crack_cpy.exe
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{4DA0C6AF-CE16-440E-9B96-A8F923E4CCEB}@LaunchCount 1
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{A55DFD9E-6B99-4B10-8F59-EEDDF520A858}@LastAccessedTime 0xA0 0x77 0x2E 0x80 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{A55DFD9E-6B99-4B10-8F59-EEDDF520A858}@LaunchCount 12
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B11BFD49-48E5-4657-A28F-1BF149369A18}
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B11BFD49-48E5-4657-A28F-1BF149369A18}@LastAccessedTime 0x10 0x34 0x20 0xD0 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B11BFD49-48E5-4657-A28F-1BF149369A18}@AppId C:\Users\tom615\Desktop\adwcleaner_6.042.exe
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B11BFD49-48E5-4657-A28F-1BF149369A18}@LaunchCount 1
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance@MessageTime 0x3A 0x31 0x1C 0xD3 ...

---- EOF - GMER 2.2 ----