GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-01 17:46:29
Windows 5.1.2600 Dodatek Service Pack 3
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5 TOSHIBA_MK3263GSX rev.FG020M
Running: tw7sgz77.exe; Driver: C:\DOCUME~1\Ola\USTAWI~1\Temp\uwpoqpoc.sys

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Sftfsxp.sys (Microsoft Application Virtualization File System/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158315a310
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158315a310@0019637b9afd 0x11 0xBF 0x44 0x5F ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00158315a310 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00158315a310@0019637b9afd 0x11 0xBF 0x44 0x5F ...

---- EOF - GMER 1.0.15 ----