GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-09-16 13:59:10
Windows 6.1.7601 Service Pack 1 x64
Running: crwk7m2p.exe

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00234df40839
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00234df40839@0c715d181aa4 0xA7 0xC3 0xB1 0x3B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00234df40839@28cc01642ce5 0x80 0x97 0x9A 0xBF ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00234df40839@38192f87c989 0xA4 0xCE 0x97 0x9E ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00234df40839@e063e5354e9c 0x8E 0xD8 0x42 0xEE ...
Reg HKLM\SYSTEM\CurrentControlSet\services\CmdAgent\Mode\Configurations@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\CmdAgent\Mode\Data@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\CmdAgent\Mode\Options@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xAE 0xF9 0xE9 0xCB ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00234df40839 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00234df40839@0c715d181aa4 0xA7 0xC3 0xB1 0x3B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00234df40839@28cc01642ce5 0x80 0x97 0x9A 0xBF ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00234df40839@38192f87c989 0xA4 0xCE 0x97 0x9E ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00234df40839@e063e5354e9c 0x8E 0xD8 0x42 0xEE ...
Reg HKLM\SYSTEM\ControlSet002\services\CmdAgent\Mode\Configurations@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\CmdAgent\Mode\Data@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\CmdAgent\Mode\Options@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xAE 0xF9 0xE9 0xCB ...
Reg HKLM\SYSTEM\Software\COMODO\Cam@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\Software\COMODO\Firewall Pro@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...

---- EOF - GMER 2.1 ----