GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-10-14 22:07:23
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.01.0 698,64GB
Running: wuffpyb5.exe; Driver: C:\Users\Marcin\AppData\Local\Temp\pwrdrpoc.sys


---- User code sections - GMER 2.2 ----

.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                            00000000762c8769 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                 0000000075fe1401 2 bytes JMP 762eb20b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                   0000000075fe1419 2 bytes JMP 762eb336 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                 0000000075fe1431 2 bytes JMP 76368f39 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                 0000000075fe144a 2 bytes CALL 762c4885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                             * 9
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                    0000000075fe14dd 2 bytes JMP 76368832 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                             0000000075fe14f5 2 bytes JMP 76368a08 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                    0000000075fe150d 2 bytes JMP 76368728 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                             0000000075fe1525 2 bytes JMP 76368af2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                   0000000075fe153d 2 bytes JMP 762dfc98 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                        0000000075fe1555 2 bytes JMP 762e68df C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                 0000000075fe156d 2 bytes JMP 76368ff1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                   0000000075fe1585 2 bytes JMP 76368b52 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                      0000000075fe159d 2 bytes JMP 763686ec C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                   0000000075fe15b5 2 bytes JMP 762dfd31 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                 0000000075fe15cd 2 bytes JMP 762eb2cc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                             0000000075fe16b2 2 bytes JMP 76368eb4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                             0000000075fe16bd 2 bytes JMP 76368681 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                           0000000075fe1401 2 bytes JMP 762eb20b C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                             0000000075fe1419 2 bytes JMP 762eb336 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                           0000000075fe1431 2 bytes JMP 76368f39 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                           0000000075fe144a 2 bytes CALL 762c4885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                             * 9
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                              0000000075fe14dd 2 bytes JMP 76368832 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                       0000000075fe14f5 2 bytes JMP 76368a08 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                              0000000075fe150d 2 bytes JMP 76368728 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                       0000000075fe1525 2 bytes JMP 76368af2 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                             0000000075fe153d 2 bytes JMP 762dfc98 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                  0000000075fe1555 2 bytes JMP 762e68df C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                           0000000075fe156d 2 bytes JMP 76368ff1 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                             0000000075fe1585 2 bytes JMP 76368b52 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                0000000075fe159d 2 bytes JMP 763686ec C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                             0000000075fe15b5 2 bytes JMP 762dfd31 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                           0000000075fe15cd 2 bytes JMP 762eb2cc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                       0000000075fe16b2 2 bytes JMP 76368eb4 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\AsScrPro.exe[1840] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                       0000000075fe16bd 2 bytes JMP 76368681 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                  0000000075fe1401 2 bytes JMP 762eb20b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                    0000000075fe1419 2 bytes JMP 762eb336 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                  0000000075fe1431 2 bytes JMP 76368f39 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                  0000000075fe144a 2 bytes CALL 762c4885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                             * 9
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                     0000000075fe14dd 2 bytes JMP 76368832 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                              0000000075fe14f5 2 bytes JMP 76368a08 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                     0000000075fe150d 2 bytes JMP 76368728 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                              0000000075fe1525 2 bytes JMP 76368af2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                    0000000075fe153d 2 bytes JMP 762dfc98 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                         0000000075fe1555 2 bytes JMP 762e68df C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                  0000000075fe156d 2 bytes JMP 76368ff1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                    0000000075fe1585 2 bytes JMP 76368b52 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                       0000000075fe159d 2 bytes JMP 763686ec C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                    0000000075fe15b5 2 bytes JMP 762dfd31 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                  0000000075fe15cd 2 bytes JMP 762eb2cc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                              0000000075fe16b2 2 bytes JMP 76368eb4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                              0000000075fe16bd 2 bytes JMP 76368681 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                              0000000075fe1401 2 bytes JMP 762eb20b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                0000000075fe1419 2 bytes JMP 762eb336 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                              0000000075fe1431 2 bytes JMP 76368f39 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                              0000000075fe144a 2 bytes CALL 762c4885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                             * 9
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                 0000000075fe14dd 2 bytes JMP 76368832 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                          0000000075fe14f5 2 bytes JMP 76368a08 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                 0000000075fe150d 2 bytes JMP 76368728 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                          0000000075fe1525 2 bytes JMP 76368af2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                0000000075fe153d 2 bytes JMP 762dfc98 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                     0000000075fe1555 2 bytes JMP 762e68df C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                              0000000075fe156d 2 bytes JMP 76368ff1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                0000000075fe1585 2 bytes JMP 76368b52 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                   0000000075fe159d 2 bytes JMP 763686ec C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                0000000075fe15b5 2 bytes JMP 762dfd31 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                              0000000075fe15cd 2 bytes JMP 762eb2cc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                          0000000075fe16b2 2 bytes JMP 76368eb4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[5572] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                          0000000075fe16bd 2 bytes JMP 76368681 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\avastui.exe[4440] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                            00000000762c8769 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe[2308] C:\Program Files (x86)\Common Files\SYSTEM\MSMAPI\1045\MSMAPI32.DLL!HrDispatchNotifications@4 + 112  0000000072de1b80 4 bytes [88, F6, 3E, ED]
?      C:\Windows\system32\mssprxy.dll [2308] entry point in ".rdata" section                                                                                                          0000000072d971e6

---- Registry - GMER 2.2 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\Instup_14733531492422280@SetupOperations                                                                              ??????????P???????????????????????????????????$????????????n?????????????????????w?w????????????machine.inf_amd64_neutral_9e6bb86c3b39a3e9???????????????????????????????????????????e???4?4?i?i?x?j?i??bi??.sys?????????????????????????????:??os????????????????????<??????-???.??{2c5fbe1d-b359-11e3-a025-14dae90c92dc}?Mic??????????????{1??Urz?dzenie steruj?ce u?ytkownika zgodne z HID????????????????????????????n???????s??Microsoft? Nano Transceiver v2.0? ???????m???????????????????????h??? ??????????????????????????????????????NetBIOS Interface???? ???????????????? ??????????? ?B????????????????????????????????????????j???F??????????????????6-21-2006???? ?????????????????????0????????????????????????????? ?????????????????????-?????????????????????????????s???????s??? ???????????????????j?0????????????????????? ??????????????????????? ???????/?????????????,????????^???Y???????????????????????????????????????????????????\\?\USB#VID_0951&PID_160E#0019E0009EA4SK871E10004B#{a5dcbf10-6530-11d2-901f-00c04fb951ed}???? ?
Reg    HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\Instup_14733532074612280@SetupOperations                                                                              ????di??@input.inf,%stdmfg%;(Standardowe urz?dzenia systemowe)?107???f?h?i?j?j?i?k?k?j???h???????????D?????????DM)??{4d36e96f-e325-11ce-bfc1-08002be10318}\0011????????????????i?j?k?j???j??? ??????????????ta??? ???????F?????GT ???????????????????h???h??????????????????????????@msmouse.inf,%hid.mousedevice%;Mysz zgodna z HID?d??????????????????????????hidserv.inf:Microsoft.NTamd64:HIDSystemConsumerDevice:6.1.7600.16385:hid_device_up:000c_u:0001?:\P???4?4?4?4?6?7?9?9?_?7?9?:?_X?{8ECC055D-047F-11D1-A537-0000F8753ED1}?2??8??T?U?f?e?h?d?e?f?i?i?h?i?i???i?t?u?z?z?j?s?s?s???j???i?i?i?j?j?h?i?k?h???h???k?x???????U????????????? ???????????????????e?i?i?i?j?i?g?j?j???????????????????x?x?z?~???w?w?x?w???e???k?????????o?????u???u??STORAGE\VolumeSnapshot??????? x???????????????????N??????????????????????????p????????B?????????????usb\class_08&subclass_06&prot_50?=???????????????h????*????????????????n?????.??? ???????.??????????????,???????????????????aswndisflt??????????????????(???ms_vwifi????????????????????(???ms_nati
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e                                                                                                     
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\742f6834fcd8                                                                                                     
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\742f6834fcd8@3816d154f595                                                                                        0xBC 0x9F 0x45 0xB5 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                                                                 32819
Reg    HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\Instup_14733531492422280@SetupOperations                                                                                  ????????? ???????a?????????????*????????????&????????????????????e@????-?-?-?-?-?-?.?-?_?_??ds???m??????????????????????????????????????????????????????????????????????????????-4??? ???????a?????????????*????????????&????????????????????,??MSAFD RfComm [Bluetooth]????? F???????????? ?????_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?_?`?`?`?`?`?`?`?`?`?`?`?a?a?_?`?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a`?msmouse.inf_amd64_neutral_7a5f47d3150cc0eb???????i????????????????????????N??????0?????D????? ???????a?????????????*?????????? ?&????????????????????d??NEC     MBR-7   ?NEC     MBR-7.4 ?PIONEER CHANGR DRM-1804X?PIONEER CD-ROM DRM-6324X?PIONEER CD-ROM DRM-624X ?TORiSAN CD-ROM CDR_C36??7???????????-??????????sptd?????????????n???????s????????????????????evic???????????????i??s4???????????s????`?@%SystemRoot%\System32\drivers\pacer.sys,-101?????????????????????????????????????????????????????????????????????????????????????x?User Mode Driver Frameworks Platform Dr
Reg    HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\Instup_14733532074612280@SetupOperations                                                                                  ?????&??? ?????????????????????0??L????????? ???????? ??? ?????????????????????0????????????&?????????????????????????????????????one???????????????Microsoft??????0?&?1?&?1?&?1?&?1?&?1?&?2?&?5?&?9?&?~?&???&???&???&???&??????????????????????????????????Karta tunelowa??? ???????/???????????j?,??????(?????????????? ??? ?????????????????????-?????????????????f??? ????????????????????N?????????????????????????????????usbstor.inf?????? ?????????????????????0????????????&???????????????????????? ???????????????? ??????????? ?B?%?????? ??? ???????s?????????????????????????????????????????????????????????~??????????????????????????D??9??????Ad????????????????????????????????????????????????BTeredo Tunneling Pseudo-Interface????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????BTeredo Tunneling Pseudo-Interface?????????????????????????????????????????
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)                                                                                 
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\742f6834fcd8 (not active ControlSet)                                                                                 
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\742f6834fcd8@3816d154f595                                                                                            0xBC 0x9F 0x45 0xB5 ...

---- EOF - GMER 2.2 ----