GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-09-30 21:16:45
Windows 6.2.9200 x64
\Device\Harddisk0\DR0 -> \Device\00000023 ST1000LM024_HN-M101MBB rev.2BA30001 931,51GB
Running: bie5qlet.exe; Driver: C:\Users\Natalka\AppData\Local\Temp\fxlyrpog.sys


---- Kernel code sections - GMER 2.2 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable          fffff96000167200 15 bytes [00, 28, F6, 01, 80, 1C, 6C, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16     fffff96000167210 11 bytes [00, 0E, FC, FF, 00, 05, C4, ...]

---- Threads - GMER 2.2 ----

Thread  C:\WINDOWS\system32\csrss.exe [608:7304]                 fffff960009c82d0

---- Registry - GMER 2.2 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                    1757878314
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8e75c98
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8e75c98@18002d5e5c67              0xE1 0xB4 0xF6 0x5C ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8e75c98@5cb52441ba3d              0xEA 0x6F 0x75 0xF6 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8e75c98@08fc8837452c              0xAC 0x1B 0x3B 0x8E ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8e75c98@28987bee808e              0x95 0x91 0x06 0x5D ...

---- Disk sectors - GMER 2.2 ----

Disk    \Device\Harddisk0\DR0                                    unknown MBR code

---- Files - GMER 2.2 ----

File    C:\Windows\WinSxS\x86_microsoft-windows-fdeploy_31bf3856ad364e35_6.3.9600.17415_none_74a1f1a06c1e56a5\fdeploy.dll (size mismatch)                73728/141312 bytes executable
File    C:\Windows\WinSxS\x86_microsoft-windows-fde_31bf3856ad364e35_6.3.9600.17415_none_3cf85ad9770b339f\fde.dll (size mismatch)                        124928/130048 bytes executable
File    C:\Windows\WinSxS\x86_microsoft-windows-g..policy-admin-gpedit_31bf3856ad364e35_6.3.9600.17415_none_631e8bf880476a4b\gpedit.dll (size mismatch)   566784/1058816 bytes executable
File    C:\Windows\WinSxS\x86_microsoft-windows-grouppolicy-gptext_31bf3856ad364e35_6.3.9600.17415_none_cc3c2bedaa66d1dc\gptext.dll (size mismatch)       199680/19968 bytes executable

---- EOF - GMER 2.2 ----
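The log above is raw GMER output, so here is an added example (not part of the original post, and not code from GMER) that parses that layout and pulls out the entries a responder would look at first: the kernel code section entries, the csrss thread, the "unknown MBR code" disk entry and the four WinSxS "size mismatch" files. The sample log embedded in the script is a trimmed copy of the log above. It assumes GMER's column layout (the kind token, then the item, then a run of two or more spaces before the reported value); the `Finding` type, the "review"/"info" labels and the size ratio are my own triage conventions and not GMER's, and the ratio is only a hint for sorting, not a verdict. Before treating the WinSxS size mismatches as tampering, compare each file's hash with a known-good copy of the same component version; the BTHPORT registry values are Bluetooth link keys, which are pairing secrets rather than rootkit indicators, so strip them before posting a log publicly.

```python
"""Parse and triage a GMER 2.2 rootkit-scan log (added example, not GMER code)."""
from __future__ import annotations
import re
from dataclasses import dataclass

# Trimmed copy of the log posted above.
SAMPLE_LOG = r"""GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-09-30 21:16:45
Windows 6.2.9200 x64

---- Kernel code sections - GMER 2.2 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable        fffff96000167200 15 bytes [00, 28, F6, 01, 80, 1C, 6C, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16   fffff96000167210 11 bytes [00, 0E, FC, FF, 00, 05, C4, ...]

---- Threads - GMER 2.2 ----

Thread  C:\WINDOWS\system32\csrss.exe [608:7304]               fffff960009c82d0

---- Registry - GMER 2.2 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed   1757878314
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8e75c98
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8e75c98@18002d5e5c67   0xE1 0xB4 0xF6 0x5C ...

---- Disk sectors - GMER 2.2 ----

Disk    \Device\Harddisk0\DR0   unknown MBR code

---- Files - GMER 2.2 ----

File    C:\Windows\WinSxS\x86_microsoft-windows-fdeploy_31bf3856ad364e35_6.3.9600.17415_none_74a1f1a06c1e56a5\fdeploy.dll (size mismatch)   73728/141312 bytes executable
File    C:\Windows\WinSxS\x86_microsoft-windows-grouppolicy-gptext_31bf3856ad364e35_6.3.9600.17415_none_cc3c2bedaa66d1dc\gptext.dll (size mismatch)   199680/19968 bytes executable

---- EOF - GMER 2.2 ----
"""

SECTION_RE = re.compile(r"^---- (?P<name>.+?) - GMER [\d.]+ ----$")
COLUMNS_RE = re.compile(r"\s{2,}")            # GMER pads the value column with spaces
SIZE_MISMATCH_RE = re.compile(r"^(?P<path>.+?) \(size mismatch\)$")
SIZES_RE = re.compile(r"^(?P<a>\d+)/(?P<b>\d+) bytes")
KERNEL_RE = re.compile(r"^(?P<addr>[0-9a-fA-F]{8,16}) (?P<n>\d+) bytes")
THREAD_RE = re.compile(r"^(?P<image>.+?) \[(?P<pid>\d+):(?P<tid>\d+)\]$")


@dataclass
class Entry:
    section: str   # GMER section header, or "Header" for the lines before the first one
    kind: str      # first token on the line: .text, Thread, Reg, Disk, File ("" in Header)
    item: str      # path, registry key, device name, module!symbol
    value: str     # address / data / sizes, "" when GMER prints nothing after the item


@dataclass
class Finding:
    section: str
    item: str
    detail: str
    severity: str  # "review" = look at it, "info" = benign but worth knowing (my labels)


def parse_gmer(text: str) -> list[Entry]:
    """Split a GMER log into (section, kind, item, value) entries, in log order."""
    entries, section = [], "Header"
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m["name"]
            continue
        if section == "Header":
            entries.append(Entry(section, "", line, ""))
            continue
        kind, _, rest = line.partition(" ")
        cols = COLUMNS_RE.split(rest.strip(), maxsplit=1)
        entries.append(Entry(section, kind, cols[0], cols[1] if len(cols) > 1 else ""))
    return entries


def triage(entries: list[Entry]) -> list[Finding]:
    """Pick the entries a responder checks first; everything else is left out."""
    out = []
    for e in entries:
        if e.section == "Kernel code sections" and (m := KERNEL_RE.match(e.value)):
            out.append(Finding(e.section, e.item, f"{m['n']} bytes at {m['addr']}", "review"))
        elif e.section == "Threads" and (m := THREAD_RE.match(e.item)):
            out.append(Finding(e.section, m["image"],
                               f"thread {m['tid']} in pid {m['pid']} at {e.value}", "review"))
        elif e.section == "Disk sectors" and "unknown MBR code" in e.value:
            out.append(Finding(e.section, e.item, "unknown MBR code: dump sector 0 and compare", "review"))
        elif e.section == "Files":
            m, s = SIZE_MISMATCH_RE.match(e.item), SIZES_RE.match(e.value)
            if m and s:
                a, b = int(s["a"]), int(s["b"])
                out.append(Finding(e.section, m["path"],
                                   f"size mismatch {a}/{b} bytes (ratio {a / b:.2f})", "review"))
        elif e.section == "Registry" and "\\BTHPORT\\Parameters\\Keys\\" in e.item:
            # Bluetooth link keys per local adapter: pairing secrets, not a rootkit sign.
            out.append(Finding(e.section, e.item, "Bluetooth link key (redact before sharing)", "info"))
    return out


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings per severity label."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.severity] = counts.get(f.severity, 0) + 1
    return counts


if __name__ == "__main__":
    for f in triage(parse_gmer(SAMPLE_LOG)):
        print(f"[{f.severity:6}] {f.section:21} {f.item}\n         {f.detail}")
    print(summarize(triage(parse_gmer(SAMPLE_LOG))))
```

Run it on a full log with `parse_gmer(open("gmer.log", encoding="utf-8", errors="replace").read())`; the parser keeps log order, so findings can be matched back to the original lines by eye.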