GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-04 05:49:13
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 HITACHI_HTS541612J9SA00__3H rev.SB3IC7UP
Running: nfnz2i25.exe; Driver: C:\DOCUME~1\Lila\USTAWI~1\Temp\pwtdapod.sys


---- User code sections - GMER 1.0.15 ----

.text   C:\WINDOWS\Explorer.EXE[1456] C:\WINDOWS\Explorer.EXE                                                 section is writeable [0x01001000, 0x44C09, 0xE0000020]
.reloc  C:\WINDOWS\Explorer.EXE[1456] C:\WINDOWS\Explorer.EXE                                                 section is executable [0x010FB000, 0xA800, 0xE0000060]

---- Registry - GMER 1.0.15 ----

Reg     HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg     HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0x71 0x08 0x5C 0x26 ...
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0x71 0x08 0x5C 0x26 ...
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0x71 0x08 0x5C 0x26 ...
Reg     HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg     HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0x71 0x08 0x5C 0x26 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                      
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                   0
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                0x71 0x08 0x5C 0x26 ...
Reg     HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg     HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0x71 0x08 0x5C 0x26 ...

---- EOF - GMER 1.0.15 ----