GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-04-23 22:05:21
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 HGST_HTS rev.GG2O 465,76GB
Running: mu4mycmn.exe; Driver: C:\Users\Zbyszek\AppData\Local\Temp\pwdiifoc.sys

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\svchost.exe [1012:3380] 000007fef85b0ea8
Thread C:\Windows\system32\svchost.exe [1012:3456] 000007fef85a9db0
Thread C:\Windows\system32\svchost.exe [1012:3508] 000007fef85b1c94
Thread C:\Windows\system32\svchost.exe [1012:4056] 000007fef85aaa10
Thread C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012:3932] 000007fee5e1c680

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\0026b6d75abf (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xBF 0x15 0x2F 0x25 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b6d75abf
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xBF 0x15 0x2F 0x25 ...
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\0026b6d75abf (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xBF 0x15 0x2F 0x25 ...

---- EOF - GMER 2.1 ----