GMER 2.1.19357 - http://www.gmer.net
Rootkit quick scan 2014-12-04 11:09:51
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-e WDC_WD5003AZEX-00MK2A0 rev.01.01A01 465,76GB
Running: r39pipk5.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\pgtdqpow.sys


---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                        unknown MBR code

---- System - GMER 2.1 ----

SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys    ZwEnumerateKey [0xB2458BD6]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys    ZwEnumerateValueKey [0xB2458DEA]

---- Devices - GMER 2.1 ----

Device          \Driver\atapi \Device\Ide\IdePort0           [B7E42B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort1           [B7E42B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e  [B7E42B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-6  [B7E42B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \FileSystem\Ntfs \Ntfs                       8AF091F8

AttachedDevice  \Driver\Tcpip \Device\Ip                     cmdhlp.sys
AttachedDevice  \Driver\Tcpip \Device\Tcp                    cmdhlp.sys
AttachedDevice  \Driver\Tcpip \Device\Udp                    cmdhlp.sys
AttachedDevice  \Driver\Tcpip \Device\RawIp                  cmdhlp.sys

---- EOF - GMER 2.1 ----