GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-12-06 12:58:47
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000029 WDC_WD10JPCX-24UE4T0 rev.01.01A01 931.51GB
Running: 8kjy9mjw.exe; Driver: C:\Users\lenovo\AppData\Local\Temp\pxryrpog.sys


---- User code sections - GMER 2.2 ----

.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!ShowScrollBar                       00007ff9dccd1150 5 bytes JMP 00007ff95cd40018
.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!SetScrollInfo                       00007ff9dccdc760 5 bytes JMP 00007ff95ccf0018
.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!GetScrollInfo                       00007ff9dcce66e0 5 bytes JMP 00007ff95cd00018
.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!SetScrollRange                      00007ff9dcce90b0 5 bytes JMP 00007ff95cd10018
.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!SetScrollPos                        00007ff9dcd050d0 5 bytes JMP 00007ff95cd80018
.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!EnableScrollBar                     00007ff9dcd07340 5 bytes JMP 00007ff95cd20018
.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!GetScrollPos                        00007ff9dcd0fcc0 5 bytes JMP 00007ff95cd30018
.text   C:\Program Files\CCleaner\CCleaner64.exe[3224] C:\Windows\system32\USER32.dll!GetScrollRange                      00007ff9dcd5edf0 5 bytes JMP 00007ff95cd70018

---- Threads - GMER 2.2 ----

Thread  C:\Windows\system32\csrss.exe [536:568]                                                                           fffff960008c52d0

---- Registry - GMER 2.2 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings@StringCacheGeneration                               371
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                 -1131828019
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\38b1dbe001a0                                       
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\38b1dbe08270                                       
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\707781173804                                       
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\acd1b8773f12                                       
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\d05349e880f4                                       
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\d05349ea4a54                                       
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\d05349ea9e0e                                       
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                   2863
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                  931
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore@Count    253
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore@Blocked  253

---- EOF - GMER 2.2 ----