GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2014-10-01 01:08:42
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000026 ST9250315AS rev.0010LVM1 232,89GB
Running: m57g1hli.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\ugldipod.sys

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [448:480] fffff96000910b90
Thread C:\WINDOWS\system32\svchost.exe [1020:1144] 00007ffcd9b62b90
Thread C:\WINDOWS\system32\svchost.exe [1020:1616] 00007ffcd9b667bc
Thread C:\WINDOWS\system32\svchost.exe [1020:1996] 00007ffcd1e72110
Thread C:\WINDOWS\system32\svchost.exe [1020:1392] 00007ffcd1971584
Thread C:\WINDOWS\system32\svchost.exe [1020:1436] 00007ffcd1911b30
Thread C:\WINDOWS\system32\svchost.exe [1020:2184] 00007ffcd0784608
Thread C:\WINDOWS\system32\svchost.exe [1020:3176] 00007ffcd0781040
Thread C:\WINDOWS\Explorer.EXE [2268:2964] 00007ffcde4d7ea8
Thread C:\WINDOWS\Explorer.EXE [2268:3052] 00007ffccc3117a0
Thread C:\WINDOWS\Explorer.EXE [2268:3848] 00007ffcd810d6bc
Thread C:\WINDOWS\Explorer.EXE [2268:2764] 00007ffcd8108c54
Thread C:\WINDOWS\Explorer.EXE [2268:3248] 00007ffcd810d6bc
Thread C:\WINDOWS\Explorer.EXE [2268:3400] 00007ffcd810d6bc
Thread C:\WINDOWS\Explorer.EXE [2268:3976] 00007ffcd810d6bc
Thread C:\WINDOWS\Explorer.EXE [2268:3612] 00007ffcd04a1120
Thread C:\WINDOWS\Explorer.EXE [2268:704] 00007ffcd810d6bc
Thread C:\WINDOWS\Explorer.EXE [2268:3900] 00007ffcd810d6bc
Thread C:\WINDOWS\Explorer.EXE [2268:3916] 00007ffcd810d6bc
Thread C:\WINDOWS\Explorer.EXE [2268:356] 00007ffcd810d6bc
Thread C:\Windows\System32\skydrive.exe [3064:624] 00007ffcda5764f4
Thread C:\Windows\System32\skydrive.exe [3064:2616] 00007ffcc9523ad0
Thread C:\Windows\System32\skydrive.exe [3064:2636] 00007ffcc9523ad0
Thread C:\Windows\System32\skydrive.exe [3064:2748] 00007ffcce946780
Thread C:\Windows\System32\skydrive.exe [3064:2088] 00007ffcc941fb38

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -117358695
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{59DE0B55-5971-4AF0-B834-2F7EBB1F305B}@LeaseObtainedTime 1412113913
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{59DE0B55-5971-4AF0-B834-2F7EBB1F305B}@T1 1412115713
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{59DE0B55-5971-4AF0-B834-2F7EBB1F305B}@T2 1412117063
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{59DE0B55-5971-4AF0-B834-2F7EBB1F305B}@LeaseTerminatesTime 1412117513
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\63\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\63\0@RwMask 0x64 0x62 0x03 0x00 ...

---- EOF - GMER 2.1 ----