GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-10-24 18:20:49
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.2AJ1 298,09GB
Running: ld60iow2.exe; Driver: C:\Users\Krzysiek\AppData\Local\Temp\kfldrpoc.sys


---- Kernel code sections - GMER 2.1 ----

.text   ntkrnlpa.exe!ZwReplaceKey + 1525                                                                 81C59B55 1 Byte  [06]
.text   ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                           81C93BB2 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- Devices - GMER 2.1 ----

Device  \Driver\BTHUSB \Device\00000078                                                                  bthport.sys
Device  \Driver\BTHUSB \Device\0000007a                                                                  bthport.sys

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313ba2f77                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e0ca94373559                      
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313ba2f77 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e0ca94373559 (not active ControlSet)  
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active               
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@3B2A933A      977

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----