GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-09-17 11:12:23
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000005e NVIDIA__ rev. 232,88GB
Running: q8irzjcn.exe; Driver: c:\TEMP\awddykod.sys

---- User code sections - GMER 2.2 ----

.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      00000000753e1401 2 bytes JMP 76aeb21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        00000000753e1419 2 bytes JMP 76aeb346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      00000000753e1431 2 bytes JMP 76b68ea9 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      00000000753e144a 2 bytes CALL 76ac48ad C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                      * 9
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000753e14dd 2 bytes JMP 76b687a2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000753e14f5 2 bytes JMP 76b68978 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         00000000753e150d 2 bytes JMP 76b68698 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  00000000753e1525 2 bytes JMP 76b68a62 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        00000000753e153d 2 bytes JMP 76adfca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             00000000753e1555 2 bytes JMP 76ae68ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      00000000753e156d 2 bytes JMP 76b68f61 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        00000000753e1585 2 bytes JMP 76b68ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           00000000753e159d 2 bytes JMP 76b6865c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000753e15b5 2 bytes JMP 76adfd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000753e15cd 2 bytes JMP 76aeb2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000753e16b2 2 bytes JMP 76b68e24 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000753e16bd 2 bytes JMP 76b685f1 C:\Windows\syswow64\kernel32.dll

---- Processes - GMER 2.2 ----

Library  C:\Windows\TEMP\CR_90691.tmp\setup.exe (*** suspicious ***) @ C:\Windows\TEMP\CR_90691.tmp\setup.exe [2368]  0000000000b00000

---- Files - GMER 2.2 ----

File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139c7  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139c8  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139c9  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139ca  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139ce  37976 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139d2  33252 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139d3  173796 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139d4  30020 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139d5  50018 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139d6  35397 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139d7  25574 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139d8  19197 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139da  25211 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139db  20654 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139dc  51627 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139dd  97930 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139de  98124 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a09  126446 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a17  41415 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139e0  25756 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139e4  49850 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139e5  129188 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139e6  18292 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139e7  17120 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139e8  140452 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139e9  141216 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139f0  17444 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139f7  43760 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139f8  43468 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139f9  76407 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139fc  21815 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139fe  36651 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139ff  129180 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a00  20927 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a01  27351 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a02  51515 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a04  26984 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a05  205904 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a06  218347 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a1e  180812 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a1f  186166 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a20  212900 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a2d  59960 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a2f  25650 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a30  17198 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a35  25202 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a36  19127 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a37  25421 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a3a  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a3b  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a3c  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a3d  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a3e  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a3f  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a40  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a41  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_013a44  0 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139df  110070 bytes
File  C:\Users\Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Cache\f_0139cb  0 bytes

---- EOF - GMER 2.2 ----