GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-10 13:18:14
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000022 TOSHIBA_MQ01ABF050 rev.AM0P2C 465,76GB
Running: gmer.exe; Driver: C:\Users\JANUSZ~1\AppData\Local\Temp\kxldypog.sys

---- Kernel code sections - GMER 2.2 ----

.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000114800 15 bytes [C0, BB, ED, 01, 40, 02, 6A, ...]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 16 fffff96000114810 11 bytes [00, 7E, FC, FF, 00, A7, B2, ...]

---- Threads - GMER 2.2 ----

Thread C:\Windows\system32\csrss.exe [696:7420] fffff960009372d0

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager\Defrag@TotalBytesSaved 0x00 0x30 0x70 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 128348591
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\48e2442d6aa0
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\48e2442d6aa0@94ce2c1909b3 0x43 0xD8 0x67 0x10 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store@LastTileRefresh 0x90 0x99 0x44 0x90 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store\RefreshBannedAppList@BannedAppsLastModified 0x80 0x18 0xE2 0x61 ...

---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.2 ----