GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-04-20 17:14:24
Windows 6.1.7601 Service Pack 1 x64
Running: j9iftt32.exe

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\Instup_14923443932682291@SetupOperations
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\Instup_14923450001592291@SetupOperations
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b62e9c6
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b62e9c6@90cf153441b6 0xB3 0xB3 0x9F 0xC1 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b62e9c6@e063e533d242 0xB4 0xB3 0x41 0x9D ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b62e9c6@940070eed060 0x0E 0xFD 0xCA 0xCF ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b62e9c6@f8a9d0a412c2 0x38 0xA9 0x1D 0x8B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b62e9c6@0c48858cf2b0 0xB1 0x48 0xFB 0xC6 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b62e9c6@848edf7a9f1b 0xF7 0x7C 0x1A 0x63 ...
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\Instup_14923443932682291@SetupOperations
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\Instup_14923450001592291@SetupOperations
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b62e9c6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b62e9c6@90cf153441b6 0xB3 0xB3 0x9F 0xC1 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b62e9c6@e063e533d242 0xB4 0xB3 0x41 0x9D ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b62e9c6@940070eed060 0x0E 0xFD 0xCA 0xCF ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b62e9c6@f8a9d0a412c2 0x38 0xA9 0x1D 0x8B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b62e9c6@0c48858cf2b0 0xB1 0x48 0xFB 0xC6 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b62e9c6@848edf7a9f1b 0xF7 0x7C 0x1A 0x63 ...

---- Files - GMER 2.2 ----

File C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00906b 0 bytes
File C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00e259 0 bytes
File C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Media Cache\f_000f57 0 bytes
File C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Media Cache\f_000f58 1048576 bytes

---- EOF - GMER 2.2 ----