GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-11-16 09:09:12
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: qd8dj4cg.exe; Driver: C:\Users\Maciek\AppData\Local\Temp\kwliypod.sys


---- Devices - GMER 1.0.15 ----

Device          \Driver\iaStor \Device\Ide\iaStor0             [882C2EB0] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\iaStor \Device\Ide\IAAStorageDevice-0  [882C2EB0] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\iaStor \Device\Ide\IAAStorageDevice-1  [882C2EB0] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \FileSystem\Ntfs \Ntfs                         8573C1F8
Device          \FileSystem\fastfat \Fat                       875711F8

AttachedDevice  \FileSystem\fastfat \Fat                       fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation)
AttachedDevice  \Driver\tdx \Device\Ip                         SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp                        SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\tdx \Device\Udp                        SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\tdx \Device\RawIp                      SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0        Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1        Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----