GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-12-29 13:03:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST1000DM003-1CH162 rev.CC47 931,51GB
Running: mj6d4bes.exe; Driver: C:\Users\BDZ\AppData\Local\Temp\pwldipob.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1924]   C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter   00000000760d8769 4 bytes [C2, 04, 00, 00]
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1924]   C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69   0000000076621465 2 bytes [62, 76]
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1924]   C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155   00000000766214bb 2 bytes [62, 76]
.text   ...   * 2
.text   C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[2092]   C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter   00000000760d8769 5 bytes [33, C0, C2, 04, 00]
.text   C:\Users\BDZ\AppData\Roaming\minerd\bfgminer.exe[2420]   C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076621465 2 bytes [62, 76]
.text   C:\Users\BDZ\AppData\Roaming\minerd\bfgminer.exe[2420]   C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155   00000000766214bb 2 bytes [62, 76]
.text   ...   * 2
.text   C:\Program Files (x86)\Bamboo Dock\BambooCore.exe[2436]   C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076621465 2 bytes [62, 76]
.text   C:\Program Files (x86)\Bamboo Dock\BambooCore.exe[2436]   C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155   00000000766214bb 2 bytes [62, 76]
.text   ...   * 2
.text   C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2544]   C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076621465 2 bytes [62, 76]
.text   C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2544]   C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155   00000000766214bb 2 bytes [62, 76]
.text   ...   * 2
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2316]   C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322   0000000071811a22 2 bytes [81, 71]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2316]   C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496   0000000071811ad0 2 bytes [81, 71]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2316]   C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552   0000000071811b08 2 bytes [81, 71]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2316]   C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730   0000000071811bba 2 bytes [81, 71]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2316]   C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762   0000000071811bda 2 bytes [81, 71]

---- Registry - GMER 2.1 ----

Reg   HKLM\SYSTEM\CurrentControlSet\services\rdyboost\Parameters@ReadyBootPlanAge   1

---- Devices - GMER 2.1 ----

Device   \Driver\GPCIDrv   \Device\GPCIDrv64   fffff88009d730e4

---- Registry - GMER 2.1 ----

Reg   HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{523F9BDA-EF1E-4A0B-9DD2-E4A38D36EB9E}\Connection@Name   isatap.{FAEE8818-93FA-4827-882C-192463E02384}
Reg   HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind   \Device\{856BE372-AC64-4E63-BC5F-00DC72BB9074}?\Device\{072C8D0E-3762-42F3-AC9E-C31AE939CDF2}?\Device\{523F9BDA-EF1E-4A0B-9DD2-E4A38D36EB9E}?\Device\{3A319314-E871-44CC-B6FA-14EF83B2EB27}?
Reg   HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route   "{856BE372-AC64-4E63-BC5F-00DC72BB9074}"?"{072C8D0E-3762-42F3-AC9E-C31AE939CDF2}"?"{523F9BDA-EF1E-4A0B-9DD2-E4A38D36EB9E}"?"{3A319314-E871-44CC-B6FA-14EF83B2EB27}"?
Reg   HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export   \Device\TCPIP6TUNNEL_{856BE372-AC64-4E63-BC5F-00DC72BB9074}?\Device\TCPIP6TUNNEL_{072C8D0E-3762-42F3-AC9E-C31AE939CDF2}?\Device\TCPIP6TUNNEL_{523F9BDA-EF1E-4A0B-9DD2-E4A38D36EB9E}?\Device\TCPIP6TUNNEL_{3A319314-E871-44CC-B6FA-14EF83B2EB27}?
Reg   HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{523F9BDA-EF1E-4A0B-9DD2-E4A38D36EB9E}@InterfaceName   isatap.{FAEE8818-93FA-4827-882C-192463E02384}
Reg   HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{523F9BDA-EF1E-4A0B-9DD2-E4A38D36EB9E}@ReusableType   0

---- EOF - GMER 2.1 ----