GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-12-18 22:14:27
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.AX00 465,76GB
Running: 06eccmi1.exe; Driver: C:\Users\Patrycja\AppData\Local\Temp\kwlyapoc.sys

---- Threads - GMER 2.1 ----

Thread C:\windows\System32\spoolsv.exe [1944:3320] 000000018000efb0
Thread C:\windows\System32\spoolsv.exe [1944:3324] 000000018000efb0
Thread C:\windows\System32\spoolsv.exe [1944:3336] 0000000001b33b2c
Thread C:\windows\System32\spoolsv.exe [1944:3340] 000007fef72710c8
Thread C:\windows\System32\spoolsv.exe [1944:3344] 000007fef7046144
Thread C:\windows\System32\spoolsv.exe [1944:3348] 000007fef6e35fd0
Thread C:\windows\System32\spoolsv.exe [1944:3352] 000007fef6e23438
Thread C:\windows\System32\spoolsv.exe [1944:3356] 000007fef6e363ec
Thread C:\windows\System32\spoolsv.exe [1944:3364] 000007fef72a5e5c
Thread C:\windows\System32\spoolsv.exe [1944:3368] 000007fef70e5074
Thread C:\windows\system32\svchost.exe [1976:2088] 000007fef93135c0
Thread C:\windows\system32\svchost.exe [1976:3048] 000007fef9315600
Thread C:\windows\system32\svchost.exe [1976:2236] 000007fef7702940
Thread C:\windows\system32\svchost.exe [1976:2240] 000007fef76e2888
Thread C:\windows\system32\svchost.exe [1976:2348] 000000018000efb0
Thread C:\windows\system32\svchost.exe [1976:4060] 000000018000efb0
Thread C:\windows\system32\svchost.exe [1976:2612] 000000018002d040
Thread C:\windows\system32\svchost.exe [1976:4240] 000007fef76e2a40
Thread C:\windows\system32\Dwm.exe [3328:3444] 000007fef697f0d8
Thread C:\windows\system32\Dwm.exe [3328:3448] 000007fef65eabf0
Thread C:\windows\system32\svchost.exe [2836:5144] 000000018000efb0
Thread C:\windows\system32\svchost.exe [2836:5148] 000000018000efb0
Thread C:\windows\system32\svchost.exe [2836:5156] 000000018002d040
Thread C:\windows\system32\svchost.exe [2836:5160] 000007fefcfc6a40
Thread C:\windows\system32\svchost.exe [2836:5168] 000000018002d040

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes@ActivePowerScheme c1674ee0-2c48-45c7-baf7-200eca9a8b2a
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\446d5722cf56
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\446d5722cf56 (not active ControlSet)

---- EOF - GMER 2.1 ----