GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-25 07:34:55
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 STM3500418AS rev.CC38 465,76GB
Running: kveqxtci.exe; Driver: C:\DOCUME~1\Tomek\USTAWI~1\Temp\uwncaaow.sys

---- Kernel code sections - GMER 2.1 ----

init C:\WINDOWS\system32\drivers\mmrtkrnl.sys entry point in "init" section [0xB9DB9A60]
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB5325360, 0x35483F, 0xE8000020]

---- Devices - GMER 2.1 ----

Device \FileSystem\Cdfs \Cdfs B13D5400

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6E 0x12 0x2D 0xC5 ...
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox@DisplayName Monitor Update
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox@Type 32
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox@Start 2
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox@ObjectName LocalSystem
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox@Description Zarządza urządzeniami audio dla programów dla systemu Windows. Jeśli ta usługa zostanie zatrzymana, urządzenia audio i efekty nie będą działały właściwie. Jeśli ta usługa zostanie wyłączona, wszelkie usługi jawnie od niej zależne przestaną się uruchamiać.
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\xfzpbtjox\Parameters@ServiceDll C:\WINDOWS\system32\vlqszdq.dll
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher@TracesProcessed 63
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher@TracesSuccessful 59

---- EOF - GMER 2.1 ----