GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-26 10:37:11
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000038 PLEXTOR_PX-256M6S rev.1.03 238,47GB
Running: 5lhjdxiu.exe; Driver: C:\Users\Tomek\AppData\Local\Temp\uglcipow.sys

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [700:1016] ffffcd5c64d36c20
Thread C:\WINDOWS\Explorer.EXE [5408:6396] 00007ffa9dfe20e0

---- Services - GMER 2.2 ----

Service C:\WINDOWS\system32\drivers\6324BA20.sys (*** hidden *** ) [BOOT] 6324BA20 <-- ROOTKIT !!!

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -15941391
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\8019344c2dbc
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest 0x92 0x87 0x85 0xC8 ...

---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.2 ----