GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-10-21 23:35:06
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 SAMSUNG_SP2504C rev.VT100-50 232,89GB
Running: tbelcm53.exe; Driver: C:\Users\Przemek\AppData\Local\Temp\pxldapog.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\SysWOW64\PnkBstrA.exe[2548] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072611a22 2 bytes [61, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2548] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072611ad0 2 bytes [61, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2548] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072611b08 2 bytes [61, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2548] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072611bba 2 bytes [61, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2548] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072611bda 2 bytes [61, 72]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[4816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077441465 2 bytes [44, 77]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[4816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000774414bb 2 bytes [44, 77]
.text ... * 2

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x42 0x95 0x88 0x93 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x42 0x95 0x88 0x93 ...

---- EOF - GMER 2.1 ----