GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-04-25 16:19:48
Windows 6.1.7601 Service Pack 1 x64
Running: 0qtv2s23.exe

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\Instup_14913768876932291@SetupOperations
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{95FAA78D-5EF0-4E8A-BFB8-FEBB283F15FA}@LeaseObtainedTime 1493125380
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{95FAA78D-5EF0-4E8A-BFB8-FEBB283F15FA}@T1 1493127180
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{95FAA78D-5EF0-4E8A-BFB8-FEBB283F15FA}@T2 1493128530
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{95FAA78D-5EF0-4E8A-BFB8-FEBB283F15FA}@LeaseTerminatesTime 1493128980
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\Instup_14913768876932291@SetupOperations
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EEEBFC3-4722-6B40-590B-8F987B0A443F}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EEEBFC3-4722-6B40-590B-8F987B0A443F}@oajhfhkhhhokknknbohlaonjbllddm 0x64 0x61 0x67 0x66 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EEEBFC3-4722-6B40-590B-8F987B0A443F}@oafkfnofchkhiiijcicloggdhgopkg 0x69 0x61 0x63 0x66 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EEEBFC3-4722-6B40-590B-8F987B0A443F}@nalklkpmgdecaojhdelbfflgkbdo 0x69 0x61 0x63 0x66 ...

---- EOF - GMER 2.2 ----