
Untitled

a guest
Sep 2nd, 2015
  1. GMER 2.1.19357 - http://www.gmer.net
  2. Rootkit scan 2015-08-31 19:13:58
  3. Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GS00 298,09GB
  4. Running: 1w435to2.exe; Driver: C:\Users\Yazan\AppData\Local\Temp\pgloypob.sys
  5.  
  6.  
  7. ---- User IAT/EAT - GMER 2.1 ----
  8.  
  9. IAT C:\Windows\system32\svchost.exe[556] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress] [7fefa442960] c:\windows\system32\uxtuneup.dll
  10. IAT C:\Windows\system32\svchost.exe[556] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!ReadFile] [7fefa442840] c:\windows\system32\uxtuneup.dll
  11. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msiexec.exe[ADVAPI32.dll!RegCreateKeyExW] [7fef191b4f4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  12. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msiexec.exe[ADVAPI32.dll!RegDeleteValueW] [7fef191bbc8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  13. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msiexec.exe[ADVAPI32.dll!RegOpenKeyExW] [7fef191b6d0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  14. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msiexec.exe[ADVAPI32.dll!RegSetValueExW] [7fef191baa8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  15. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msiexec.exe[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  16. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!CopyFileW] [7fef191a184] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  17. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  18. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  19. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  20. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!RegOpenKeyExW] [7fef191b6d0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  21. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!RegCreateKeyExW] [7fef191b4f4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  22. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!RegSetValueExW] [7fef191baa8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  23. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  24. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  25. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\GDI32.dll[KERNEL32.dll!CopyFileW] [7fef191a184] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  26. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\GDI32.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  27. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\GDI32.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  28. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\GDI32.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  29. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[ADVAPI32.dll!SetFileSecurityW] [7fef191bcb0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  30. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[ADVAPI32.dll!RegCreateKeyExW] [7fef191b4f4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  31. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[ADVAPI32.dll!RegSetValueExA] [7fef191ba0c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  32. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[ADVAPI32.dll!RegOpenKeyExW] [7fef191b6d0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  33. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[ADVAPI32.dll!RegDeleteValueW] [7fef191bbc8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  34. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[ADVAPI32.dll!RegDeleteKeyW] [7fef191d12c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  35. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[ADVAPI32.dll!RegSetValueExW] [7fef191baa8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  36. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  37. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[KERNEL32.dll!SetFileAttributesW] [7fef191abe0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  38. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[KERNEL32.dll!MoveFileW] [7fef191a6e0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  39. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  40. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  41. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\msi.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  42. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHELL32.dll[KERNEL32.dll!CopyFileW] [7fef191a184] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  43. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHELL32.dll[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  44. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHELL32.dll[KERNEL32.dll!MoveFileW] [7fef191a6e0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  45. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  46. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  47. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!SetFileAttributesW] [7fef191abe0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  48. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!SetFileAttributesA] [7fef191ab7c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  49. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  50. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!CreateFileA] [7fef191a2d8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  51. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\WINSPOOL.DRV[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  52. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\WINSPOOL.DRV[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  53. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\WINSPOOL.DRV[KERNEL32.dll!SetFileAttributesW] [7fef191abe0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  54. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\WINSPOOL.DRV[KERNEL32.dll!CopyFileW] [7fef191a184] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  55. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\WINSPOOL.DRV[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  56. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\WINSPOOL.DRV[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  57. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\MPR.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  58. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\sfc_os.DLL[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  59. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\USERENV.dll[KERNEL32.dll!PrivCopyFileExW] [7fef191ab04] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  60. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\USERENV.dll[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  61. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\dwmapi.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  62. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!OpenFile] [7fef191a890] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  63. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  64. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  65. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\MSCTF.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  66. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\COMCTL32.DLL[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  67. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\COMCTL32.DLL[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  68. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[ADVAPI32.dll!RegDeleteValueW] [7fef191bbc8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  69. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[ADVAPI32.dll!RegCreateKeyExW] [7fef191b4f4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  70. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[ADVAPI32.dll!RegSetValueExW] [7fef191baa8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  71. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[ADVAPI32.dll!RegOpenKeyExW] [7fef191b6d0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  72. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  73. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  74. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[KERNEL32.dll!SetFileAttributesW] [7fef191abe0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  75. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[KERNEL32.dll!MoveFileW] [7fef191a6e0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  76. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  77. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\CLBCatQ.DLL[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  78. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  79. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!_lwrite] [7fef191aa1c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  80. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  81. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!CreateFileA] [7fef191a2d8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  82. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  83. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  84. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!RegCreateKeyExA] [7fef191b3dc] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  85. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  86. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  87. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!RegSetValueExA] [7fef191ba0c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  88. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\wkscli.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  89. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!_lcreat] [7fef191a9a0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  90. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!_lopen] [7fef191a924] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  91. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!_lwrite] [7fef191aa1c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  92. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!DeleteFileA] [7fef191a580] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  93. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  94. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  95. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  96. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\VERSION.DLL[KERNEL32.dll!MoveFileW] [7fef191a6e0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  97. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ncrypt.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  98. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ncrypt.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  99. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ncrypt.dll[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  100. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\bcrypt.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  101. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  102. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!CopyFileW] [7fef191a184] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  103. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!CreateFileA] [7fef191a2d8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  104. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!RegSetValueExW] [7fef191baa8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  105. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!RegDeleteValueW] [7fef191bbc8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  106. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!RegCreateKeyExW] [7fef191b4f4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  107. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!RegOpenKeyExW] [7fef191b6d0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  108. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  109. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!MoveFileW] [7fef191a6e0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  110. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  111. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!SetFileAttributesW] [7fef191abe0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  112. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  113. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\DEVRTL.dll[KERNEL32.dll!MoveFileW] [7fef191a6e0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  114. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\DEVRTL.dll[KERNEL32.dll!MoveFileExW] [7fef191a804] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  115. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ntmarta.dll[ADVAPI32.dll!RegSetValueExW] [7fef191baa8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  116. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ntmarta.dll[ADVAPI32.dll!RegCreateKeyExW] [7fef191b4f4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  117. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ntmarta.dll[ADVAPI32.dll!RegOpenKeyExW] [7fef191b6d0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  118. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ntmarta.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  119. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\ntmarta.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  120. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\WLDAP32.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  121. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\System32\perfproc.dll[ADVAPI32.dll!RegOpenKeyExW] [7fef191b6d0] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  122. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!RegDeleteValueA] [7fef191bb44] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  123. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!RegSetValueExA] [7fef191ba0c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  124. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!GetProcAddress] [7fefc974230] C:\Windows\system32\apphelp.dll
  125. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!DeleteFileW] [7fef191a5e4] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  126. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!CreateFileW] [7fef191a42c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  127. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!RegOpenKeyExA] [7fef191b60c] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  128. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!RegDeleteValueW] [7fef191bbc8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  129. IAT C:\Windows\system32\msiexec.exe[5888] @ C:\Windows\system32\PROPSYS.dll[KERNEL32.dll!RegSetValueExW] [7fef191baa8] C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
  130.  
  131. ---- Threads - GMER 2.1 ----
  132.  
  133. Thread C:\Windows\system32\svchost.exe [448:5404] 000007fef46ad3c8
  134. Thread C:\Windows\system32\svchost.exe [448:4996] 000007fef46ad3c8
  135. Thread C:\Windows\system32\svchost.exe [448:2632] 000007fef46ad3c8
  136. Thread C:\Windows\system32\svchost.exe [448:1804] 000007fef46ad3c8
  137. Thread C:\Windows\system32\svchost.exe [1776:720] 000007fef5d035c0
  138. Thread C:\Windows\system32\svchost.exe [1776:2132] 000007fef5d05600
  139. Thread C:\Windows\system32\svchost.exe [1776:4676] 000007fef3ff2888
  140. Thread C:\Windows\system32\svchost.exe [1776:4716] 000007fef4152940
  141. Thread C:\Windows\system32\svchost.exe [1776:2124] 000007fef3ff2a40
  142. Thread C:\Windows\System32\svchost.exe [2672:3164] 000007fef5d83410
  143. Thread C:\Windows\System32\svchost.exe [2672:3248] 000007fef5d62e30
  144. Thread C:\Windows\System32\svchost.exe [2672:3256] 000007fef5d35050
  145. Thread C:\Windows\System32\svchost.exe [2672:3260] 000007fef5d5ed70
  146. Thread C:\Windows\System32\svchost.exe [2672:3264] 000007fef5d35040
  147. Thread C:\Windows\System32\svchost.exe [2672:3268] 000007fef5dd4290
  148.  
  149. ---- Registry - GMER 2.1 ----
  150.  
  151. Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd607e35a
  152. Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd607e35a@c488e5a613b7 0xF5 0x7B 0x57 0xF1 ...
  153. Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd607e35a@4cedde03a70e 0xA5 0x36 0xDD 0x31 ...
  154. Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd607e35a@14f42a04b1be 0xB3 0xF4 0x5E 0xF4 ...
  155. Reg HKLM\SYSTEM\CurrentControlSet\services\rdyboost\Parameters@LastBootPlanUserTime ?Mon?, ?Aug ?31 ?15, 06:50:12 PM???????????????????????????????
  156. Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd607e35a (not active ControlSet)
  157. Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd607e35a@c488e5a613b7 0xF5 0x7B 0x57 0xF1 ...
  158. Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd607e35a@4cedde03a70e 0xA5 0x36 0xDD 0x31 ...
  159. Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd607e35a@14f42a04b1be 0xB3 0xF4 0x5E 0xF4 ...
  160.  
  161. ---- EOF - GMER 2.1 ----