GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-06-17 20:55:53
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000026 ST9320421ASG rev.SD13 298,09GB
Running: bfm1u7q6.exe; Driver: C:\Users\Kotek\AppData\Local\Temp\pwriqpoc.sys


---- Kernel code sections - GMER 2.2 ----

.text  C:\Windows\System32\win32k.sys!W32pServiceTable  fffff96000078a00 15 bytes [00, 2E, F4, 01, 80, A0, 6E, ...]
.text  C:\Windows\System32\win32k.sys!W32pServiceTable + 17  fffff96000078a11 10 bytes [5E, FC, FF, 00, BB, C7, 00, ...]

---- User IAT/EAT - GMER 2.2 ----

IAT  C:\Windows\system32\dwm.exe[784] @ C:\Windows\system32\uDWM.dll[USER32.dll!DrawTextW]  [7ff9aab4fc10] C:\AeroGlass\dwmglass.dll
IAT  C:\Windows\system32\dwm.exe[784] @ C:\Windows\system32\uDWM.dll[GDI32.dll!CreateRoundRectRgn]  [7ff9aab4fbe0] C:\AeroGlass\dwmglass.dll
IAT  C:\Windows\system32\dwm.exe[784] @ C:\Windows\system32\uDWM.dll[GDI32.dll!CreateBitmap]  [7ff9aab4fe80] C:\AeroGlass\dwmglass.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\Explorer.EXE[USER32.dll!GetWindowBand]  [68d7b4e0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\Explorer.EXE[USER32.dll!PeekMessageW]  [68d96cb0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\Explorer.EXE[USER32.dll!TileWindows]  [68d7b480] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\Explorer.EXE[USER32.dll!CascadeWindows]  [68d7b420] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\Explorer.EXE[dwmapi.dll!DwmEnableBlurBehindWindow]  [68d947a0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\Explorer.EXE[dwmapi.dll!DwmSetWindowAttribute]  [68d7b1d0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!ExtTextOutW]  [7ff9aa1f1120] C:\Windows\System32\painter_x64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\SYSTEM32\DUI70.dll[KERNEL32.dll!FindResourceW]  [7ff9abe92170] C:\Windows\system32\OldNewExplorer64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\SYSTEM32\twinui.dll[USER32.dll!GetSystemMetrics]  [68d79f00] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\SYSTEM32\twinui.dll[USER32.dll!PostMessageW]  [68d95410] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\SYSTEM32\twinui.dll[USER32.dll!TrackPopupMenu]  [68d956f0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\SYSTEM32\twinui.dll[USER32.dll!SetCursorPos]  [68d95890] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\Explorer.EXE[1224] @ C:\Windows\SYSTEM32\twinui.dll[dwmapi.dll!DwmSetWindowAttribute]  [68d958e0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll
IAT  C:\Windows\explorer.exe[1632] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!ExtTextOutW]  [7ff9aa1f1120] C:\Windows\System32\painter_x64.dll
IAT  C:\Windows\explorer.exe[1632] @ C:\Windows\System32\DUI70.dll[KERNEL32.dll!FindResourceW]  [7ff9abe92170] C:\Windows\system32\OldNewExplorer64.dll
IAT  C:\Windows\system32\taskmgr.exe[3852] @ C:\Windows\system32\DUI70.dll[KERNEL32.dll!FindResourceW]  [7ff9abe92170] C:\Windows\system32\OldNewExplorer64.dll
IAT  C:\Windows\system32\mmc.exe[1188] @ C:\Windows\system32\DUI70.dll[KERNEL32.dll!FindResourceW]  [7ff9abe92170] C:\Windows\system32\OldNewExplorer64.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3444] @ C:\Windows\system32\DUI70.dll[KERNEL32.dll!FindResourceW]  [7ff9abe92170] C:\Windows\system32\OldNewExplorer64.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1508] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3512] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2676] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[864] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1456] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3728] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3332] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3900] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3448] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\SHELL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\USER32.dll[GDI32.dll!GdiDllInitialize]  [7ff9b4c9002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\USER32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\SHLWAPI.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\ole32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\ole32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\COMDLG32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\system32\COMDLG32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\SYSTEM32\DWrite.dll[ntdll.dll!NtAlpcConnectPort]  [7ff98ccd2730] C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\chrome_child.dll
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[GDI32.dll!GetStockObject]  [7ff9b4c9006c]
IAT  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4076] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb\COMCTL32.dll[USER32.dll!RegisterClassW]  [7ff9b282002c]

---- Threads - GMER 2.2 ----

Thread  C:\Windows\system32\csrss.exe [496:520]  fffff9600097c2d0
Thread  C:\Windows\system32\mmc.exe [1188:3980]  00007ff9a99f28c0

---- Registry - GMER 2.2 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed  1796827265
Reg  HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002556c821b9
Reg  HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002556c821b9@b047bf63aef0  0x76 0x87 0x74 0xBE ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002556c821b9@c07aa5025b51  0x7F 0x89 0x14 0x0B ...

---- EOF - GMER 2.2 ----