GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-01-03 21:12:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AJ1 298,09GB
Running: stewj5o4.exe; Driver: C:\Users\Ola\AppData\Local\Temp\pfldapod.sys


---- Kernel code sections - GMER 2.2 ----

.text  C:\Windows\System32\win32k.sys!EngSetLastError + 628                                                                            fffff96000124994 8 bytes [D0, 6B, 52, 04, 80, F8, FF, ...]
.text  C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                 fffff96000153c00 7 bytes [00, 96, F3, FF, 01, A2, F0]
.text  C:\Windows\System32\win32k.sys!W32pServiceTable + 8                                                                             fffff96000153c08 3 bytes [C0, 06, 02]

---- User code sections - GMER 2.2 ----

.text  C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe[3748] C:\Windows\system32\KERNELBASE.dll!CreateRemoteThreadEx + 626  000007fefd539c82 4 bytes {CALL QWORD [RIP+0x190637a]}
.text  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe[4052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69           00000000757f1465 2 bytes [7F, 75]
.text  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe[4052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155          00000000757f14bb 2 bytes [7F, 75]
.text  ...                                                                                                                             * 2
.text  C:\Program Files\AVAST Software\Avast\avastui.exe[244] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter             00000000754187b1 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]

---- Registry - GMER 2.2 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffab28dd5                                                     
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffab28dd5@48dcfbf1971c                                        0x34 0x65 0xCB 0x04 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffab28dd5@c8979fb5db74                                        0xD6 0x16 0x57 0x03 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffab28dd5@7ce9d3c986f8                                        0x5D 0x8F 0x8F 0x91 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffab28dd5@a4ebd32fe3cc                                        0xFD 0xA6 0xB9 0xC9 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                 75372
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffab28dd5 (not active ControlSet)                                 
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffab28dd5@48dcfbf1971c                                            0x34 0x65 0xCB 0x04 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffab28dd5@c8979fb5db74                                            0xD6 0x16 0x57 0x03 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffab28dd5@7ce9d3c986f8                                            0x5D 0x8F 0x8F 0x91 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffab28dd5@a4ebd32fe3cc                                            0xFD 0xA6 0xB9 0xC9 ...

---- EOF - GMER 2.2 ----