GMER 2.1.18952 - http://www.gmer.net
Rootkit scan 2013-02-14 00:46:48
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.D005 465.76GB
Running: 83ow1t27.exe; Driver: C:\Users\MAGDAG~1\AppData\Local\Temp\uwdyypob.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000758c87b1 4 bytes [C2, 04, 00, 00]
.text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075ed1465 2 bytes [ED, 75]
.text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075ed14bb 2 bytes [ED, 75]
.text ... * 2
.text C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe[4608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075ed1465 2 bytes [ED, 75]
.text C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe[4608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075ed14bb 2 bytes [ED, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\System32\svchost.exe [3052:960] 000007fef0a29688

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e4d53de778ec
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 5603
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 1845
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e4d53de778ec (not active ControlSet)
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\temp\aulauncher.exe 1

---- EOF - GMER 2.1 ----