GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-03-31 20:18:02
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000001c ST1000LM024_HN-M101MBB rev.2BA30001 931,51GB
Running: rbhvqi9s.exe; Driver: C:\Users\Sylwia\AppData\Local\Temp\uxldqpog.sys

---- User code sections - GMER 2.2 ----

? C:\WINDOWS\system32\apphelp.dll [8544] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [6704] entry point in ".rdata" section 0000000072c20380
? C:\Windows\SYSTEM32\ActXPrxy.dll [6704] entry point in ".rdata" section 000000007044bc40
? C:\WINDOWS\system32\mssprxy.dll [6704] entry point in ".rdata" section 000000006c5ca4e0
? C:\Windows\SYSTEM32\iertutil.dll [6704] entry point in ".rdata" section 000000007298caf0
? C:\WINDOWS\SYSTEM32\NTASN1.dll [6704] entry point in ".rdata" section 000000007097bb10
? C:\WINDOWS\system32\apphelp.dll [10012] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [9804] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [9012] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [9680] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [5520] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [9120] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [2332] entry point in ".rdata" section 0000000072c20380
? C:\WINDOWS\system32\apphelp.dll [3476] entry point in ".rdata" section 0000000072c20380

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [9584:8708] fffff961ec1e4060

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -162176860
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\ac7ba17cd480
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x9A 0x53 0x1C 0x9D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x9A 0xBB 0xE0 0xFE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x9A 0xEB 0x57 0x3B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0x87 0x44 0x42 0x49 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@RwMask 0x64 0x62 0x03 0x00 ...

---- EOF - GMER 2.2 ----