GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-07-23 12:26:28
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465.76GB
Running: wu23stok.exe; Driver: C:\Users\sklep\AppData\Local\Temp\fxldypow.sys

---- User code sections - GMER 2.1 ----

.text C:\Users\sklep\Downloads\OTL (1).exe[2132] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 69 0000000075ae1465 2 bytes [AE, 75]
.text C:\Users\sklep\Downloads\OTL (1).exe[2132] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 155 0000000075ae14bb 2 bytes [AE, 75]
.text ... * 2

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@d87533c1e9fd 0xE8 0xCF 0x3C 0x74 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@9c4a7b0b8678 0x56 0x72 0xB2 0x11 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@001f5d8d69e4 0x3D 0xEC 0x6D 0x3B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@a8f2748ed83f 0xA3 0x58 0xAE 0x99 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@0017b0ababd5 0x24 0xA6 0x3E 0x33 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@001167fa9e7a 0x08 0x44 0x8C 0x22 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@9c4a7b9c5e8d 0x62 0xBF 0xE9 0x84 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c44619e00c05@78471da36e41 0xB0 0xD6 0xA3 0x20 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x1E 0xCD 0x8B 0x45 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@d87533c1e9fd 0xE8 0xCF 0x3C 0x74 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@9c4a7b0b8678 0x56 0x72 0xB2 0x11 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@001f5d8d69e4 0x3D 0xEC 0x6D 0x3B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@a8f2748ed83f 0xA3 0x58 0xAE 0x99 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@0017b0ababd5 0x24 0xA6 0x3E 0x33 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@001167fa9e7a 0x08 0x44 0x8C 0x22 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@9c4a7b9c5e8d 0x62 0xBF 0xE9 0x84 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c44619e00c05@78471da36e41 0xB0 0xD6 0xA3 0x20 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x1E 0xCD 0x8B 0x45 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\

---- EOF - GMER 2.1 ----