GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-02-21 20:52:25
Windows 5.1.2600 Dodatek Service Pack 3
\Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-e WDC_WD800JD-00MSA1 rev.10.01E01 74,53GB
Running: bzg6szpz.exe; Driver: C:\DOCUME~1\ADMINI~1.000\USTAWI~1\Temp\awtyypog.sys

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Tcpip \Device\Ip arcawfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp arcawfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp arcawfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp arcawfp.sys
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\acpi\Parameters\WakeUp
Reg HKLM\SYSTEM\CurrentControlSet\Services\acpi\Parameters\WakeUp@FixedEventMask 0x20 0x01
Reg HKLM\SYSTEM\CurrentControlSet\Services\acpi\Parameters\WakeUp@FixedEventStatus 0x00 0x04
Reg HKLM\SYSTEM\CurrentControlSet\Services\acpi\Parameters\WakeUp@GenericEventMask 0x00 0x00 0x00 0x20
Reg HKLM\SYSTEM\CurrentControlSet\Services\acpi\Parameters\WakeUp@GenericEventStatus 0x00 0x00 0x02 0x96
Reg HKLM\SYSTEM\ControlSet002\Services\acpi\Parameters\WakeUp (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\acpi\Parameters\WakeUp@FixedEventMask 0x20 0x01
Reg HKLM\SYSTEM\ControlSet002\Services\acpi\Parameters\WakeUp@FixedEventStatus 0x00 0x04
Reg HKLM\SYSTEM\ControlSet002\Services\acpi\Parameters\WakeUp@GenericEventMask 0x00 0x00 0x00 0x20
Reg HKLM\SYSTEM\ControlSet002\Services\acpi\Parameters\WakeUp@GenericEventStatus 0x00 0x00 0x02 0x96
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt@DisplayName Shell Universal
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt@Type 32
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt@Start 2
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt@ObjectName LocalSystem
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt@Description Wykonuje funkcje przywracania systemu. Aby zatrzymać usługę, wyłącz Przywracanie systemu na karcie Przywracanie systemu w Mój komputer->Właściwości
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\fxvjt\Parameters@ServiceDll C:\WINDOWS\system32\vymabl.dll

---- EOF - GMER 2.1 ----