GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-03-23 19:36:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950042 rev.D004 465,76GB
Running: ptbox2d2.exe; Driver: C:\Users\Iwonka\AppData\Local\Temp\awrdypow.sys

---- User code sections - GMER 2.2 ----

.text C:\Program Files\AVAST Software\Avast\avastui.exe[4824] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000757f8769 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]

---- Kernel IAT/EAT - GMER 2.2 ----

IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff8800102be94] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff8800102bc38] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff8800102c654] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [fffff8800102ca50] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff8800102c8ac] \SystemRoot\System32\Drivers\sptd.sys [.text]

---- Devices - GMER 2.2 ----

Device \FileSystem\Ntfs \Ntfs fffffa80044822c0
Device \FileSystem\fastfat \Fat fffffa8007ab82c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{ECF6E18F-6A33-44C1-986C-18663F6F831A} fffffa8006cb92c0
Device \Driver\usbehci \Device\USBPDO-1 fffffa8006ea72c0
Device \Driver\cdrom \Device\CdRom0 fffffa8006bc72c0
Device \Driver\usbehci \Device\USBFDO-0 fffffa8006ea72c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{6C08D927-A8B0-4523-8622-5271403B9F1A} fffffa8006cb92c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{E6975F54-49E6-4B57-A563-8FBC1103DB3A} fffffa8006cb92c0
Device \Driver\usbehci \Device\USBFDO-1 fffffa8006ea72c0
Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8006cb92c0
Device \Driver\usbehci \Device\USBPDO-0 fffffa8006ea72c0

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\5063138b2535
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xC5 0xB7 0xF1 0x72 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\5063138b2535 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xC5 0xB7 0xF1 0x72 ...

---- EOF - GMER 2.2 ----