GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-09-28 18:45:03
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-7 ST3320418AS rev.CC35 298,09GB
Running: gvvckiue.exe; Driver: C:\DOCUME~1\ASIAJO~1.000\USTAWI~1\Temp\awtdypog.sys

---- System - GMER 2.1 ----

SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0xB84896F0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0xB8489820]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0xB8489010]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenThread [0xB84894E0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0xB8489300]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0xB84893F0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0xB8489120]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0xB8489210]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0xB84895F0]

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB76E8360, 0x32B2AD, 0xE8000020]
? C:\WINDOWS\system32\33.tmp Nie można odnaleźć określonego pliku. !

---- User code sections - GMER 2.1 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, B0, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, B3, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, B0, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, B1, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9103CA .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, B2, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, B1, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, B2, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] 
.text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91043B .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, B0, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B910569 .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, B1, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, B2, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, B3, 2D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[232] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 30, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 33, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] 
ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 30, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 31, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91334A .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 32, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 31, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 32, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9133BB .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 30, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] 
ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9134E9 .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 31, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 32, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 33, 5D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[280] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, A0, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, A3, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, A0, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, A1, 1E, 00] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90F4BA .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, A2, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, A1, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, A2, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90F52B .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, A0, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90F659 .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, A1, 1E, 00] .text 
C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, A2, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, A3, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[684] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 58, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 5B, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 58, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 59, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912372 .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 5A, 4D, 00] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 59, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 5A, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9123E3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 58, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912511 .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 59, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 5A, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 
5B, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[696] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 0C, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 0F, D9, 00] {SUB [EDI], CL; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 0C, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 0D, D9, 00] {TEST AL, 0xd; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91AF26 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 0E, D9, 00] {TEST AL, 0xe; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 0D, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 0E, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91AF97 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 0C, D9, 00] {TEST AL, 0xc; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91B0C5 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 0D, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 0E, D9, 00] {SUB [ESI], CL; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 0F, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 3C, 5A, 00] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 3F, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 3C, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 3D, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B913056 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 3E, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 3D, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 3E, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9130C7 .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 3C, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9131F5 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 3D, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 3E, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 3F, 5A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2812] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, B8, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, BB, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 
Bytes [68, B8, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, B9, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9176D2 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, BA, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, B9, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, BA, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B917743 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, B8, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtQueryFullAttributesFile + 6 
7C90D7B4 4 Bytes CALL 7B917871 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, B9, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, BA, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, BB, A0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3212] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100A8AF0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [18, 20, C4, 01] {SBB [EAX], AH; LES EAX, [ECX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100A8B10 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 100A9020 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 100A9680 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 100A9660 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 100A9620 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!CloseHandle 7C809BE7 5 Bytes JMP 100A9250 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 100A9780 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 100A97A0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 100A9640 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetModuleFileNameW 7C80B475 7 Bytes JMP 100A96C0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetModuleFileNameA 7C80B56F 5 Bytes JMP 100A96A0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 100A96E0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetFileAttributesW 7C80B7EC 5 Bytes JMP 100A91C0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 100A9700 C:\Program Files\Common 
Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!CreateFileW 7C810CD9 5 Bytes JMP 100A9040 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetFileAttributesExW 7C81166D 5 Bytes JMP 100A9200 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetFileAttributesA 7C811AB4 5 Bytes JMP 100A91A0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!FlushFileBuffers 7C812BB9 5 Bytes JMP 100A9230 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetModuleHandleExW 7C81ED19 5 Bytes JMP 100A9750 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!MoveFileW 7C8202B9 5 Bytes JMP 100A90C0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!OpenFile 7C8209DA 5 Bytes JMP 100A9220 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!CopyFileA 7C827746 5 Bytes JMP 100A9060 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!CopyFileW 7C82E8BB 5 Bytes JMP 100A9080 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetFileAttributesExA 7C82F9D1 5 Bytes JMP 100A91E0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!DeleteFileA 7C831F4D 5 Bytes JMP 100A9120 C:\Program 
Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!DeleteFileW 7C831FD3 5 Bytes JMP 100A9140 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!MoveFileExW 7C8356FB 5 Bytes JMP 100A9100 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!MoveFileA 7C835F2F 5 Bytes JMP 100A90A0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!ReplaceFile 7C836CDC 5 Bytes JMP 100A9180 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!MoveFileExA 7C85F033 5 Bytes JMP 100A90E0 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!ReplaceFileA 7C85FE77 5 Bytes JMP 100A9160 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] kernel32.dll!GetModuleHandleExA 7C860BE6 5 Bytes JMP 100A9720 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3704] USER32.dll!SetWindowTextW 7E37960E 5 Bytes JMP 1000BC70 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys

---- EOF - GMER 2.1 ----