GMER 2.1.19155 - http://www.gmer.net
Rootkit scan 2013-03-20 22:44:05
Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.FF01 372,61GB
Running: pns3p57k.exe; Driver: C:\Users\Kuba\AppData\Local\Temp\kwtdqpod.sys

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackTransaction + 13E9 826838D9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 826A8312 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002258e21d90
Reg HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@Last Counter 11184
Reg HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@Last Help 11185
Reg HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@Object List 11006 11012 11024 11034 11044 11064 11108 11118 11156 11162 11178
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002258e21d90 (not active ControlSet)

---- EOF - GMER 2.1 ----