GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-02-21 12:03:48
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD502HI rev.1AG01118 465,76GB
Running: y1uktrlo.exe; Driver: C:\Users\Mateusz\AppData\Local\Temp\uxldapog.sys

---- Kernel code sections - GMER 2.1 ----

.text  C:\Windows\System32\win32k.sys!W32pServiceTable        fffff960001f0200 15 bytes [00, 65, F4, 01, 80, 7D, 6A, ...]
.text  C:\Windows\System32\win32k.sys!W32pServiceTable + 17   fffff960001f0211 10 bytes [F3, FB, FF, 00, 17, C7, 00, ...]

---- User code sections - GMER 2.1 ----

.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!ShowScrollBar      00007ffe822f1130 5 bytes JMP 00007fff02360018
.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!SetScrollInfo      00007ffe822f6ff0 5 bytes JMP 00007fff02310018
.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!GetScrollInfo      00007ffe823008bc 5 bytes JMP 00007fff02320018
.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!SetScrollRange     00007ffe8230e1e8 5 bytes JMP 00007fff02350018
.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!GetScrollPos       00007ffe8231ff10 5 bytes JMP 00007fff02330018
.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!EnableScrollBar    00007ffe82328d80 5 bytes JMP 00007fff02340018
.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!SetScrollPos       00007ffe82329c10 5 bytes JMP 00007fff023a0018
.text  C:\Program Files\CCleaner\CCleaner64.exe[3788] C:\Windows\system32\USER32.dll!GetScrollRange     00007ffe8237a4bc 5 bytes JMP 00007fff02390018

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [512:548]   fffff9600084ab90

---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed   -246229769
Reg  HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@ReadyBootPlanAge         1
Reg  HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime     ?Wt?, ?lut ?17 ?15, 10:07:36??????????????????????????????????

---- EOF - GMER 2.1 ----