GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-04-15 00:15:24
Windows 6.3.9600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST2000DM001-1CH164 rev.CC27 1863,02GB
Running: t4fu3npk.exe; Driver: C:\Users\Michal\AppData\Local\Temp\pwldqpoc.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\Windows\system32\ntoskrnl.exe!NtCallbackReturn + 960 fffff802ba1da700 61 bytes [80, CA, A9, FF, 82, 19, B1, ...]

---- User code sections - GMER 2.1 ----

.text C:\Windows\Explorer.EXE[364] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 714 00007ffff415154a 4 bytes [15, F4, FF, 7F]
.text C:\Windows\Explorer.EXE[364] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 722 00007ffff4151552 4 bytes [15, F4, FF, 7F]
.text C:\Windows\Explorer.EXE[364] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 98 00007ffff415162a 4 bytes [15, F4, FF, 7F]
.text C:\Windows\Explorer.EXE[364] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 122 00007ffff4151642 4 bytes [15, F4, FF, 7F]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [476:492] fffff960008dbb90

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----