GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-26 14:15:15
Windows 5.1.2600 Dodatek Service Pack 2
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP1213N rev.TL100-30
Running: rf7j31pc.exe; Driver: C:\DOCUME~1\WŁAŚCI~1\USTAWI~1\Temp\kfpiqpow.sys

---- System - GMER 1.0.15 ----

SSDT d346bus.sys (PnP BIOS Extension/ ) ZwClose [0xF8679D08]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwCreateKey [0xF8679CC0]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwCreatePagingFile [0xF866DA20]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwEnumerateKey [0xF866E4FC]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwEnumerateValueKey [0xF8679E00]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwOpenFile [0xF866DA60]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwOpenKey [0xF8679C84]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwQueryKey [0xF866E51C]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwQueryValueKey [0xF8679D56]
SSDT d346bus.sys (PnP BIOS Extension/ ) ZwSetSystemPowerState [0xF8679230]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Fastfat \FatCdrom 8338D0C8
Device \Driver\kfpiqpow \Device\kfpiqpow kfpiqpow.sys
Device \Driver\Cdrom \Device\CdRom0 83330888
Device \Driver\atapi \Device\Ide\IdePort0 832541A8
Device \Driver\atapi \Device\Ide\IdePort1 832541A8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 832541A8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c 832541A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 832541A8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 832541A8
Device \Driver\Cdrom \Device\CdRom1 83330888
Device \FileSystem\Npfs \Device\NamedPipe 831D25D0
Device \FileSystem\Msfs \Device\Mailslot 831CDD98
Device \FileSystem\Fastfat \Fat 8338D0C8
Device \FileSystem\Fs_Rec \FileSystem\NtfsRecognizer 831D8A70
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer 831D8A70
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer 831D8A70
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer 831D8A70
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer 831D8A70
Device \FileSystem\Cdfs \Cdfs 831CFAC8

---- Modules - GMER 1.0.15 ----

Module _________ F85CF000-F85E7000 (98304 bytes)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6A 0x9A 0x8B 0xA6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\d346prt\Cfg\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6A 0x9A 0x8B 0xA6 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6A 0x9A 0x8B 0xA6 ...

---- Files - GMER 1.0.15 ----

File 005_08_11_lugano_acmilan_0-7.wmv
File 005.08.14 AC Milan - Juventus Turyn 2-1 (XV Trofeo Luigi Berlusconi)
File ilan1-1_Juve.wmv Settings\W
File ilan2-1Juventus.avittings\W
File ilan_2-1Juve.wmv Settings\W
File humbs.dbents and Settings\W
File ieira.avints and Settings\W

---- EOF - GMER 1.0.15 ----