GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-10-18 22:39:55
Windows 6.1.7601 Service Pack 1
Running: zz7yknfe.exe

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\Instup_14749018435412280@SetupOperations
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\Instup_14749020463112280@SetupOperations
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c298ab012ce9
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c298ab012ce9@78c3e926a681 0x13 0xEC 0xC9 0xFE ...
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\Instup_14749018435412280@SetupOperations
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\Instup_14749020463112280@SetupOperations
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c298ab012ce9 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c298ab012ce9@78c3e926a681 0x13 0xEC 0xC9 0xFE ...

---- EOF - GMER 2.2 ----