GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-03-08 15:26:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD155UI rev.1AQ10001 1397,26GB
Running: 81f4z3l6.exe; Driver: C:\Users\Tadek\AppData\Local\Temp\kwddykog.sys

---- User code sections - GMER 2.1 ----

.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322              0000000071951a22 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496              0000000071951ad0 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552              0000000071951b08 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730              0000000071951bba 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762              0000000071951bda 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69       0000000074e71465 2 bytes [E7, 74]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      0000000074e714bb 2 bytes [E7, 74]
.text  ...                                                                                                    * 2

---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0015830a2b14
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0015830a2b14@002403be6de4   0x8C 0x6D 0x8C 0xCB ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0015830a2b14 (not active ControlSet)
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0015830a2b14@002403be6de4   0x8C 0x6D 0x8C 0xCB ...
Reg  HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{71739B86-81B5-CD8B-4EB9-4BA8AD00420F}
Reg  HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{71739B86-81B5-CD8B-4EB9-4BA8AD00420F}@oajkkecgjikpggbmeigdkkpbkmpigj   0x69 0x61 0x65 0x6E ...
Reg  HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{71739B86-81B5-CD8B-4EB9-4BA8AD00420F}@padkehajkeeehihlcijknbopnlgijhao   0x69 0x61 0x65 0x6E ...

---- EOF - GMER 2.1 ----
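Triage note, added here as an example and not part of the GMER log or of GMER itself: the "User code sections" block has a regular shape (`.text  <process>[<pid>]  <module>!<export> + <offset>  <address> <n> bytes [<hex bytes>]`, with a trailing `.text ... * N` line for collapsed repeats). The script below parses that shape, groups the reported patches by process, module and patch bytes so a reviewer sees one line per pattern instead of one per offset, and runs one check worth making on every 2-byte entry: whether the reported bytes, read little-endian, equal the high 16 bits of the patched address (for every entry in the scan above they do: `[95, 71]` against `0x7195xxxx`, `[E7, 74]` against `0x74e7xxxx`). The sample input is the seven hook lines copied from the scan above, embedded so the script runs offline; the regexes, function names and the high-word check are this example's own, not a GMER feature, and the check is a data property to note during triage, not a verdict on the entries.

```python
import re
from collections import defaultdict

# Constructed sample: the "User code sections" lines from the GMER scan above,
# embedded verbatim (whitespace normalised) so the parser runs offline.
SAMPLE_LOG = r"""
---- User code sections - GMER 2.1 ----

.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322   0000000071951a22 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496   0000000071951ad0 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552   0000000071951b08 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730   0000000071951bba 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762   0000000071951bda 2 bytes [95, 71]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69    0000000074e71465 2 bytes [E7, 74]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1636]  C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155   0000000074e714bb 2 bytes [E7, 74]
.text  ...   * 2

---- Registry - GMER 2.1 ----
"""

# One ".text" hook line. Field names here are this example's own, not GMER's.
HOOK_RE = re.compile(r"""
    ^\.text\s+
    (?P<process>\S+?)\[(?P<pid>\d+)\]\s+          # image path and PID
    (?P<module>\S+)!(?P<export>\S+)\s*\+\s*(?P<offset>\d+)\s+
    (?P<address>[0-9a-fA-F]+)\s+                  # patched address (hex)
    (?P<size>\d+)\s+bytes\s+
    \[(?P<patch>[^\]]*)\]                         # bytes found at the address
    """, re.VERBOSE)

# GMER's collapsed-repeat marker: ".text ... * N"
COLLAPSED_RE = re.compile(r"^\.text\s+\.\.\.\s+\*\s+(?P<count>\d+)")


def parse_hooks(text):
    """Return (list of hook dicts, number of collapsed repeat entries)."""
    hooks, collapsed = [], 0
    for line in text.splitlines():
        m = HOOK_RE.match(line)
        if m:
            d = m.groupdict()
            hooks.append({
                "process": d["process"], "pid": int(d["pid"]),
                "module": d["module"], "export": d["export"],
                "offset": int(d["offset"]),
                "address": int(d["address"], 16),
                "size": int(d["size"]),
                "patch": bytes(int(b.strip(), 16) for b in d["patch"].split(",")),
            })
            continue
        c = COLLAPSED_RE.match(line)
        if c:
            collapsed += int(c.group("count"))
    return hooks, collapsed


def patch_matches_high_word(hook):
    """True when a 2-byte patch, read little-endian, equals the high 16 bits
    of the patched address (e.g. [95, 71] at 0x71951a22). A data property to
    note during triage; this check alone does not classify the entry."""
    if hook["size"] != 2 or len(hook["patch"]) != 2:
        return False
    return int.from_bytes(hook["patch"], "little") == (hook["address"] >> 16) & 0xFFFF


def summarize(hooks):
    """Group hooks by (process, pid, module, patch bytes) so each distinct
    patch pattern appears once, listing the exports/offsets it touches."""
    groups = defaultdict(list)
    for h in hooks:
        key = (h["process"], h["pid"], h["module"], h["patch"].hex())
        groups[key].append((h["export"], h["offset"]))
    return dict(groups)


if __name__ == "__main__":
    hooks, collapsed = parse_hooks(SAMPLE_LOG)
    for (proc, pid, mod, patch), sites in summarize(hooks).items():
        flag = "high-word" if all(patch_matches_high_word(h) for h in hooks
                                  if h["module"] == mod) else "other"
        print(f"{proc}[{pid}] {mod} patch={patch} sites={len(sites)} ({flag})")
    print(f"collapsed entries not shown by GMER: {collapsed}")
```

Feed it a full GMER log instead of `SAMPLE_LOG` to get the same grouping for every process the scan touched; lines in the other sections (Registry, EOF) do not match either pattern and are skipped.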