GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2014-09-30 20:26:04
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000026 ST9250315AS rev.0010LVM1 232,89GB
Running: m57g1hli.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\ugldipod.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[4920] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffa7721169a 4 bytes [21, 77, FA, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[4920] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffa772116a2 4 bytes [21, 77, FA, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[4920] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007ffa7721181a 4 bytes [21, 77, FA, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[4920] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007ffa77211832 4 bytes [21, 77, FA, 7F]

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 682920484
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 15
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\63\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\63\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest 0x3B 0x23 0xC2 0x6B ...

---- EOF - GMER 2.1 ----