GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-12 23:36:35
Windows 5.1.2600 Service Pack 3
Running: qyw8vvp0.exe; Driver: C:\DOCUME~1\SOUBIROU\LOCALS~1\Temp\uggyqpog.sys

---- Kernel code sections - GMER 1.0.15 ----

.pak2 C:\WINDOWS\system32\drivers\jkljvts.sys entry point in ".pak2" section [0xF73DE13D]
? C:\WINDOWS\system32\drivers\jkljvts.sys Un périphérique attaché au système ne fonctionne pas correctement.
PAGE Ntfs.sys F71EFE55 4 Bytes CALL 863790E1

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 862D58E0

---- Services - GMER 1.0.15 ----

Service (*** hidden *** ) [BOOT] jkljvts <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\jkljvts@Type 1
Reg HKLM\SYSTEM\ControlSet001\Services\jkljvts@Start 0
Reg HKLM\SYSTEM\ControlSet001\Services\jkljvts@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet001\Services\jkljvts@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\Services\jkljvts@Type 1
Reg HKLM\SYSTEM\ControlSet002\Services\jkljvts@Start 0
Reg HKLM\SYSTEM\ControlSet002\Services\jkljvts@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\jkljvts@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet003\Services\jkljvts@Type 1
Reg HKLM\SYSTEM\ControlSet003\Services\jkljvts@Start 0
Reg HKLM\SYSTEM\ControlSet003\Services\jkljvts@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\Services\jkljvts@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\jkljvts@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\jkljvts@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\jkljvts@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\jkljvts@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet005\Services\jkljvts@Type 1
Reg HKLM\SYSTEM\ControlSet005\Services\jkljvts@Start 0
Reg HKLM\SYSTEM\ControlSet005\Services\jkljvts@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet005\Services\jkljvts@Group Boot Bus Extender
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\system32\drivers\jkljvts.sys (size mismatch) 802304/0 bytes executable

---- EOF - GMER 1.0.15 ----